diff -Nru dbus-1.4.18/debian/changelog dbus-1.4.18/debian/changelog
--- dbus-1.4.18/debian/changelog 2012-09-14 13:02:20.000000000 +0000
+++ dbus-1.4.18/debian/changelog 2012-10-03 16:36:23.000000000 +0000
@@ -1,3 +1,16 @@
+dbus (1.4.18-1ubuntu1.3) precise-security; urgency=low
+
+ * REGRESSION FIX: some applications launched with the activation helper
+ may need DBUS_STARTER_ADDRESS. (LP: #1058343)
+ - debian/patches/CVE-2012-3524-regression-fix.patch: hardcode the
+ starter address to the default system bus address.
+ * REGRESSION FIX: unclean shutdown after dbus upgrade (LP: #740390)
+ - debian/libdbus-1-3.postinst: trigger an upstart re-exec before
+ shutdown or reboot so that it can safely unmount the root
+ filesystem.
+
+ -- Marc Deslauriers Wed, 03 Oct 2012 06:12:39 -0400
+
 dbus (1.4.18-1ubuntu1.1) precise-security; urgency=low
 
 * SECURITY UPDATE: privilege escalation via unsanitized environment
diff -Nru dbus-1.4.18/debian/libdbus-1-3.postinst dbus-1.4.18/debian/libdbus-1-3.postinst
--- dbus-1.4.18/debian/libdbus-1-3.postinst 1970-01-01 00:00:00.000000000 +0000
+++ dbus-1.4.18/debian/libdbus-1-3.postinst 2012-10-03 10:25:54.000000000 +0000
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+set -e
+
+if [ "$1" = configure ]; then
+ # Before we shutdown or reboot, upstart needs to re-exec
+ # so that it can safely unmount the root filesystem (LP: #740390)
+ touch /var/run/init.upgraded || :
+fi
+
+#DEBHELPER#
diff -Nru dbus-1.4.18/debian/patches/CVE-2012-3524-regression-fix.patch dbus-1.4.18/debian/patches/CVE-2012-3524-regression-fix.patch
--- dbus-1.4.18/debian/patches/CVE-2012-3524-regression-fix.patch 1970-01-01 00:00:00.000000000 +0000
+++ dbus-1.4.18/debian/patches/CVE-2012-3524-regression-fix.patch 2012-10-03 16:36:12.000000000 +0000
@@ -0,0 +1,62 @@
+Description: some applications launched with the activation helper
+ may need DBUS_STARTER_ADDRESS. Fix by hardcoding the starter address to
+ the default system bus address.
+Origin: upstream, http://cgit.freedesktop.org/dbus/dbus/commit/?id=57ae3670508bbf4ec57049de47c9cae727a64802
+Origin: upstream, http://cgit.freedesktop.org/dbus/dbus/commit/?id=f68dbdc3e6f895012ce33939fb524accf31bcca5
+Origin: upstream, https://bugs.freedesktop.org/attachment.cgi?id=67977
+Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/dbus/+bug/1058517
+Bug: https://bugs.freedesktop.org/show_bug.cgi?id=52202
+
+Index: dbus-1.4.18/bus/activation-helper.c
+===================================================================
+--- dbus-1.4.18.orig/bus/activation-helper.c 2012-10-03 06:12:34.494407360 -0400
++++ dbus-1.4.18/bus/activation-helper.c 2012-10-03 12:35:41.667680875 -0400
+@@ -140,21 +140,12 @@
+ return desktop_file;
+ }
+
+-/* Cleares the environment, except for DBUS_VERBOSE and DBUS_STARTER_x */
++/* Clears the environment, except for DBUS_STARTER_x,
++ * which we hardcode to the system bus.
++ */
+ static dbus_bool_t
+ clear_environment (DBusError *error)
+ {
+- const char *debug_env = NULL;
+- const char *starter_env = NULL;
+-
+-#ifdef DBUS_ENABLE_VERBOSE_MODE
+- /* are we debugging */
+- debug_env = _dbus_getenv ("DBUS_VERBOSE");
+-#endif
+-
+- /* we save the starter */
+- starter_env = _dbus_getenv ("DBUS_STARTER_ADDRESS");
+-
+ #ifndef ACTIVATION_LAUNCHER_TEST
+ /* totally clear the environment */
+ if (!_dbus_clearenv ())
+@@ -163,20 +154,11 @@
+ "could not clear environment\n");
+ return FALSE;
+ }
+-#endif
+
+-#ifdef DBUS_ENABLE_VERBOSE_MODE
+- /* restore the debugging environment setting if set */
+- if (debug_env)
+- _dbus_setenv ("DBUS_VERBOSE", debug_env);
+-#endif
+-
+- /* restore the starter */
+- if (starter_env)
+- _dbus_setenv ("DBUS_STARTER_ADDRESS", starter_env);
+-
+- /* set the type, which must be system if we got this far */
++ /* Ensure the bus is set to system */
++ _dbus_setenv ("DBUS_STARTER_ADDRESS", DBUS_SYSTEM_BUS_DEFAULT_ADDRESS);
+ _dbus_setenv ("DBUS_STARTER_BUS_TYPE", "system");
++#endif
+
+ return TRUE;
+ }
diff -Nru dbus-1.4.18/debian/patches/series dbus-1.4.18/debian/patches/series
--- dbus-1.4.18/debian/patches/series 2012-09-14 13:00:47.000000000 +0000
+++ dbus-1.4.18/debian/patches/series 2012-10-03 10:10:49.000000000 +0000
@@ -8,3 +8,4 @@
 0004-upstart-add-UpstartJob-to-service-desktop-files.patch
 0005-activation-implement-upstart-activation.patch
 CVE-2012-3524-dbus.patch
+CVE-2012-3524-regression-fix.patch
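Review bot: Both `_dbus_setenv` calls at the end of `clear_environment()` in the bus/activation-helper.c patch discard their return value, so if either fails after `_dbus_clearenv()` has emptied the environment the function still returns TRUE and the activated service starts without `DBUS_STARTER_ADDRESS`, which is the same symptom this regression fix is meant to remove. From a privilege standpoint the failure is safe, because the variable ends up unset rather than caller-controlled, but it is silent. I would fail activation instead, mirroring the clearenv error path, whose `dbus_set_error` call falls between the two inner hunks and is only partly visible here. The body of `clear_environment()` is split across both inner hunks of the quilt patch, so the lines between them are not shown.

```c
  /* … unchanged: _dbus_clearenv() call and its error path … */

  /* Ensure the bus is set to system; fail activation rather than
   * start the service with an incomplete environment */
  if (!_dbus_setenv ("DBUS_STARTER_ADDRESS", DBUS_SYSTEM_BUS_DEFAULT_ADDRESS) ||
      !_dbus_setenv ("DBUS_STARTER_BUS_TYPE", "system"))
    {
      dbus_set_error (error, DBUS_ERROR_SPAWN_SETUP_FAILED,
                      "could not set starter environment\n");
      return FALSE;
    }
#endif
```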