-
dbus (1.6.12-0ubuntu10.1) saucy-security; urgency=medium
* SECURITY UPDATE: denial of service via activation errors
- debian/patches/CVE-2014-3477.patch: improve error handling in
bus/activation.*, bus/services.c.
- CVE-2014-3477
* SECURITY UPDATE: denial of service via ETOOMANYREFS
- debian/patches/CVE-2014-3532.patch: drop message on ETOOMANYREFS in
dbus/dbus-sysdeps.*, dbus/dbus-transport-socket.c.
- CVE-2014-3532
* SECURITY UPDATE: denial of service via invalid file descriptor
- debian/patches/CVE-2014-3533.patch: fix memory handling in
dbus/dbus-message.c.
- CVE-2014-3533
-- Marc Deslauriers <email address hidden> Thu, 03 Jul 2014 08:35:59 -0400
-
dbus (1.6.12-0ubuntu10) saucy; urgency=low
* debian/patches/aa-mediation.patch: Attempt to open() the mask file in
apparmorfs/features/dbus rather than simply stat() the dbus directory.
This is an important difference because AppArmor does not mediate the
stat() syscall. This resulted in problems in an environment where
dbus-daemon, running inside of an LXC container, did not have the
necessary AppArmor rules to access apparmorfs but the stat() succeeded
so mediation was not properly disabled. (LP: #1238267)
This problem was exposed after dropping aa-kernel-compat-check.patch
because the compat check was an additional check that performed a test
query. The test query was failing in the above scenario, which did result
in mediation being disabled.
* debian/patches/aa-get-connection-apparmor-security-context.patch,
debian/patches/aa-mediate-eavesdropping.patch: Refresh these patches to
accommodate the above change
-- Tyler Hicks <email address hidden> Thu, 10 Oct 2013 10:40:26 -0700
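The stat() versus open() distinction in the 1.6.12-0ubuntu10 entry above, as an added C example that is not the code from aa-mediation.patch. The function names, the apparmorfs argument and the temporary directory tree are assumptions for illustration, and a missing mask file stands in for an open() that AppArmor would deny.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>
/* Pre-fix style probe: stat() the features/dbus directory. AppArmor does
 * not mediate stat(), so this succeeds even when the caller is confined. */
static int probe_with_stat(const char *apparmorfs)
{
    char path[4096];
    struct stat st;
    snprintf(path, sizeof path, "%s/features/dbus", apparmorfs);
    return stat(path, &st) == 0 && S_ISDIR(st.st_mode);
}

/* Post-fix style probe: open() the mask file. Any failure (EACCES from a
 * policy denial, ENOENT, ...) means mediation must be treated as unavailable. */
static int probe_with_open(const char *apparmorfs)
{
    char path[4096];
    snprintf(path, sizeof path, "%s/features/dbus/mask", apparmorfs);
    int fd = open(path, O_RDONLY | O_CLOEXEC);
    if (fd == -1) return 0;
    close(fd);
    return 1;
}

/* Constructed stand-in tree under /tmp (left in place). A missing mask file
 * substitutes for a denied open(). Returns bit 0 = stat, bit 1 = open, -1 = error. */
int demo_probe(int mask_openable)
{
    char root[] = "/tmp/aafs-XXXXXX", p[4096];
    int fd = -1;
    if (!mkdtemp(root)) return -1;
    snprintf(p, sizeof p, "%s/features", root);
    if (mkdir(p, 0700) != 0) return -1;
    snprintf(p, sizeof p, "%s/features/dbus", root);
    if (mkdir(p, 0700) != 0) return -1;
    snprintf(p, sizeof p, "%s/features/dbus/mask", root);
    if (mask_openable && (fd = open(p, O_CREAT | O_WRONLY, 0600)) == -1) return -1;
    if (fd != -1) close(fd);
    return probe_with_stat(root) | (probe_with_open(root) << 1);
}

int main(void)
{
    printf("no mask: %d, mask present: %d\n", demo_probe(0), demo_probe(1));
    return 0;
}
```

A result of 1 is the failure mode from LP: #1238267: the stat() probe reports support while the mask file cannot be opened, so mediation would be left enabled without being usable.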
-
dbus (1.6.12-0ubuntu9) saucy; urgency=low
* debian/patches/aa-mediate-eavesdropping.patch: Fix a regression that
caused dbus-daemon to segfault when AppArmor mediation is disabled, or
unsupported by the kernel, and an application attempts to eavesdrop
(LP: #1237059)
-- Tyler Hicks <email address hidden> Tue, 08 Oct 2013 17:58:36 -0700
-
dbus (1.6.12-0ubuntu8) saucy; urgency=low
* debian/patches/aa-kernel-compat-check.patch: Drop this patch. It was a
temporary compatibility check to paper over incompatibilities between
dbus-daemon, libapparmor, and the AppArmor kernel code while AppArmor
D-Bus mediation was in development.
* debian/patches/aa-mediation.patch: Fix a bug that resulted in all actions
denied by AppArmor being audited. Auditing such actions is the default,
but it should be possible to quiet audit messages by using the "deny"
AppArmor rule modifier. (LP: #1226356)
* debian/patches/aa-mediation.patch: Fix a bug in the code that builds
AppArmor queries for the process that is receiving a message. The
message's destination was being used, as opposed to the message's source,
as the peer name in the query string. (LP: #1233895)
* debian/patches/aa-mediate-eavesdropping.patch: Don't allow applications
that are confined by AppArmor to eavesdrop. Ideally, this would be
configurable with AppArmor policy, but the parser does not yet support
any type of eavesdropping permission. For now, confined applications will
simply not be allowed to eavesdrop. (LP: #1229280)
-- Tyler Hicks <email address hidden> Fri, 04 Oct 2013 09:59:21 -0700
-
dbus (1.6.12-0ubuntu7) saucy; urgency=low
* Enable log output in session dbus upstart job.
-- Dmitrijs Ledkovs <email address hidden> Fri, 04 Oct 2013 10:21:15 +0100
-
dbus (1.6.12-0ubuntu6) saucy; urgency=low
* Specify --fork to dbus-daemon in upstart user-session mode, to get the
daemon readiness information and emit started dbus, when dbus is
actually ready to operate. (LP: #1234731)
-- Dmitrijs Ledkovs <email address hidden> Thu, 03 Oct 2013 17:32:15 +0100
-
dbus (1.6.12-0ubuntu5) saucy; urgency=low
* Add support for mediation of D-Bus messages and services. AppArmor D-Bus
rules are described in the apparmor.d(5) man page. dbus-daemon will use
libapparmor to perform queries against the AppArmor policies to determine
if a connection should be able to send messages to another connection, if
a connection should be able to receive messages from another connection,
and if a connection should be able to bind to a well-known name.
- debian/patches/aa-build-tools.patch: Update build files to detect and
build against libapparmor
- debian/patches/aa-mediation.patch: Support AppArmor mediation of D-Bus
messages and services. By default, AppArmor mediation is enabled if
AppArmor is available. To disable AppArmor mediation, place
'<apparmor mode="disabled"/>' in each bus configuration file. See the
dbus-daemon(1) man page for more details.
- debian/patches/aa-get-connection-apparmor-security-context.patch: Add an
org.freedesktop.DBus.GetConnectionAppArmorSecurityContext method that
takes the unique name of a connection as input and returns the AppArmor
label attached to the connection
- debian/patches/aa-kernel-compat-check.patch: Perform a compatibility
check of dbus, libapparmor, and the AppArmor kernel code during
initialization to determine if everything is in place to perform
AppArmor mediation. This is a temporary patch to overcome some potential
incompatibilities during the Saucy development release and should be
dropped prior to Saucy's release.
- debian/control: Add libapparmor-dev as a Build-Depends
- debian/rules: Specify that D-Bus should be built against libapparmor
during the configure stage of the build
* debian/patches/aa-mediation.patch: Clean up the AppArmor initialization
- Don't treat any errors from aa_is_enabled() as fatal unless the AppArmor
D-Bus mode is set to "required". This should fix errors when various
test cases need to start dbus-daemon on buildds. (LP: #1217598)
- Don't print to stderr during initialization unless an error has
occurred (LP: #1217710)
- Don't redefine _dbus_warn() to syslog(). A previous comment left in the
code suggested that _dbus_warn() caused segfaults. Testing proves that
is not the case.
* debian/patches/aa-get-connection-apparmor-security-context.patch: Refresh
patch to fix offset warnings after modifying aa-mediation.patch
-- Tyler Hicks <email address hidden> Wed, 28 Aug 2013 13:26:13 -0700
-
dbus (1.6.12-0ubuntu4) saucy; urgency=low
* Add support for mediation of D-Bus messages and services. AppArmor D-Bus
rules are described in the apparmor.d(5) man page. dbus-daemon will use
libapparmor to perform queries against the AppArmor policies to determine
if a connection should be able to send messages to another connection, if
a connection should be able to receive messages from another connection,
and if a connection should be able to bind to a well-known name.
- debian/patches/aa-build-tools.patch: Update build files to detect and
build against libapparmor
- debian/patches/aa-mediation.patch: Support AppArmor mediation of D-Bus
messages and services. By default, AppArmor mediation is enabled if
AppArmor is available. To disable AppArmor mediation, place
'<apparmor mode="disabled"/>' in each bus configuration file. See the
dbus-daemon(1) man page for more details.
- debian/patches/aa-get-connection-apparmor-security-context.patch: Add an
org.freedesktop.DBus.GetConnectionAppArmorSecurityContext method that
takes the unique name of a connection as input and returns the AppArmor
label attached to the connection
- debian/patches/aa-kernel-compat-check.patch: Perform a compatibility
check of dbus, libapparmor, and the AppArmor kernel code during
initialization to determine if everything is in place to perform
AppArmor mediation. This is a temporary patch to overcome some potential
incompatibilities during the Saucy development release and should be
dropped prior to Saucy's release.
- debian/control: Add libapparmor-dev as a Build-Depends
- debian/rules: Specify that D-Bus should be built against libapparmor
during the configure stage of the build
-- Tyler Hicks <email address hidden> Mon, 26 Aug 2013 15:33:10 -0700
-
dbus (1.6.12-0ubuntu2) saucy; urgency=low
* dump DBUS_SESSION_BUS_ADDRESS into ~/.dbus-session, so we can source it
-- Oliver Grawert <email address hidden> Tue, 16 Jul 2013 19:56:35 +0200
-
dbus (1.6.12-0ubuntu1) saucy; urgency=low
* New upstream version, drop CVE-2013-2168.patch included in the update
-- Sebastien Bacher <email address hidden> Wed, 19 Jun 2013 19:04:25 +0200
-
dbus (1.6.10-0ubuntu2) saucy; urgency=low
* SECURITY UPDATE: denial of service via _dbus_printf_string_upper_bound()
length.
- debian/patches/CVE-2013-2168.patch: use a copy of va_list in
dbus/dbus-sysdeps-unix.c, dbus/dbus-sysdeps-win.c, added test to
test/Makefile.am, test/internals/printf.c.
- CVE-2013-2168
-- Marc Deslauriers <email address hidden> Thu, 13 Jun 2013 08:40:01 -0400
-
dbus (1.6.10-0ubuntu1) saucy; urgency=low
* New upstream version
-- Sebastien Bacher <email address hidden> Mon, 13 May 2013 19:29:40 +0200
-
dbus (1.6.8-1ubuntu8) saucy; urgency=low
* Add 00git_logind_check.patch: Fix logind check.
* Add 00git_sd_daemon_update.patch: Update to current systemd upstream
sd_booted() to actually check for systemd init.
-- Martin Pitt <email address hidden> Mon, 29 Apr 2013 11:42:42 -0700
-
dbus (1.6.8-1ubuntu7) saucy; urgency=low
* Use logind for session tracking, so that "at_console" policies work with
logind instead of ConsoleKit. Add "libpam-systemd" recommends.
-- Martin Pitt <email address hidden> Sun, 10 Mar 2013 13:39:46 +0100
-
dbus (1.6.8-1ubuntu6) raring; urgency=low
* Tweak startup condition of user-job to block xsession-init until it's
started. (LP: #1155205)
-- Stephane Graber <email address hidden> Mon, 25 Mar 2013 09:52:01 -0400