Change logs for dbus source package in Lunar

dbus (1.14.4-1ubuntu1) lunar; urgency=medium

  * Merge from Debian unstable (LP: #1999258). Remaining changes:
    - Add aa-get-connection-apparmor-security-context.patch: This is not
      intended for upstream inclusion. It implements a bus method
      (GetConnectionAppArmorSecurityContext) to get a connection's AppArmor
      security context but upstream D-Bus has recently added a generic way of
      getting a connection's security credentials (GetConnectionCredentials).
      Ubuntu should carry this patch until packages in the archive are moved
      over to the new, generic method of getting a connection's credentials.
    - Add dont-stop-dbus.patch: Don't stop D-Bus in the service unit.
    - Rework ubuntu/dont-stop-dbus.patch to actually make dbus.service _and_
      dbus.socket to not be part of the shutdown transaction. And yet make it
      possible to still stop/kill/restart dbus.service if one really wants to,
      because it is stuck and stopped responding to any commands. This allows
      allows to restart dbus.service with needrestart. However a finalrd hook
      might still be needed, to kill dbus-daemon for good, once we pivot off
      rootfs.
    - Rework d/p/ubuntu/dont-stop-dbus.patch to avoid a deadlock during boot
    - debian/dbus.postinst, debian/rules: Don't start D-Bus on package
      installation, as that doesn't work any more with dont-stop-dbus.patch.
      Instead, start dbus.socket in postinst, which will then start D-Bus on
      demand after package installation.
    - Prevent dbus from being restarted on upgrade
    - git configuration changes for Ubuntu (d/gbp.conf, d/.gitignore)
    - d/control: Add M-A: foreign to the new dbus-{session,system}-bus-common
      packages to permit the resolver to use them to satisfy i386 dependencies
  * Removed patches obsoleted/merged by upstream:
    - Make autopkgtests cross-test-friendly.
    - SECURITY UPDATE: Assertion failure in dbus-marshal-validate
      - debian/patches/CVE-2022-42010.patch: Check brackets in signature nest
        correctly
      - CVE-2022-42010
    - SECURITY UPDATE: Out-of-bound access in dbus-marshal-validate
      - debian/patches/CVE-2022-42011.patch: Validate length of arrays of
        fixed-length items
      - CVE-2022-42011
    - SECURITY UPDATE: Out-of-bound access in dbus-marshal-byteswap
      - debian/patches/CVE-2022-42012.patch: Byte-swap Unix fd indexes if
        needed
      - CVE-2022-42012
  * d/p/u/concrete-dbus-socket.patch: Add the "real" path used by the apparmor
    autopkgtest to the apparmor profile in the test

 -- Dave Jones <email address hidden>  Fri, 09 Dec 2022 15:00:27 +0000

dbus (1.14.0-2ubuntu3) kinetic; urgency=medium

  * SECURITY UPDATE: Assertion failure in dbus-marshal-validate
    - debian/patches/CVE-2022-42010.patch: Check brackets in signature nest
      correctly
    - CVE-2022-42010
  * SECURITY UPDATE: Out-of-bound access in dbus-marshal-validate
    - debian/patches/CVE-2022-42011.patch: Validate length of arrays of
      fixed-length items
    - CVE-2022-42011
  * SECURITY UPDATE: Out-of-bound access in dbus-marshal-byteswap
    - debian/patches/CVE-2022-42012.patch: Byte-swap Unix fd indexes if needed
    - CVE-2022-42012

 -- Nishit Majithia <email address hidden>  TUe, 25 Oct 2022 18:48:42 +0530

dbus (1.14.0-2ubuntu2) kinetic; urgency=medium

  * d/control: Add M-A: foreign to the new dbus-{session,system}-bus-common
    packages to permit the resolver to use them to satisfy i386 dependencies

 -- Dave Jones <email address hidden>  Tue, 30 Aug 2022 15:15:24 +0100