Change log for dbus package in Ubuntu

175 of 226 results
Published in bionic-release on 2017-11-22
Deleted in bionic-proposed (Reason: moved to release)
dbus (1.12.2-1ubuntu1) bionic; urgency=medium

  * Sync with Debian. Remaining changes:
    - Clean up /etc/init/dbus.conf on upgrades. This needs to be kept until
      after 18.04 LTS.
    - Add dont-stop-dbus.patch: Don't stop D-Bus in the service unit
      (see patch header and upstream bug for details). Fixes various
      causes of shutdown hangs, particularly with remote file systems.
      (LP: #1438612) (LP: #1540282)
    - debian/dbus.postinst, debian/rules: Don't start D-Bus on package
      installation, as that doesn't work any more with dont-stop-dbus.patch.
      Instead, start dbus.socket in postinst, which will then start D-Bus
      on demand after package installation.
    - Add aa-get-connection-apparmor-security-context.patch: This is not
      intended for upstream inclusion. It implements a bus method
      (GetConnectionAppArmorSecurityContext) to get a connection's AppArmor
      security context but upstream D-Bus has recently added a generic way of
      getting a connection's security credentials (GetConnectionCredentials).
      Ubuntu should carry this patch until packages in the archive are moved
      over to the new, generic method of getting a connection's credentials.

Superseded in bionic-release on 2017-11-22
Deleted in bionic-proposed on 2017-11-23 (Reason: moved to release)
dbus (1.12.0-1ubuntu1) bionic; urgency=medium

  * Sync with Debian. Remaining changes:
    - Clean up /etc/init/dbus.conf on upgrades. This needs to be kept until
      after 18.04 LTS.
    - Add dont-stop-dbus.patch: Don't stop D-Bus in the service unit
      (see patch header and upstream bug for details). Fixes various
      causes of shutdown hangs, particularly with remote file systems.
      (LP: #1438612) (LP: #1540282)
    - debian/dbus.postinst, debian/rules: Don't start D-Bus on package
      installation, as that doesn't work any more with dont-stop-dbus.patch.
      Instead, start dbus.socket in postinst, which will then start D-Bus
      on demand after package installation.
    - Add aa-get-connection-apparmor-security-context.patch: This is not
      intended for upstream inclusion. It implements a bus method
      (GetConnectionAppArmorSecurityContext) to get a connection's AppArmor
      security context but upstream D-Bus has recently added a generic way of
      getting a connection's security credentials (GetConnectionCredentials).
      Ubuntu should carry this patch until packages in the archive are moved
      over to the new, generic method of getting a connection's credentials.

Available diffs

Superseded in bionic-release on 2017-10-31
Published in artful-release on 2017-08-13
Deleted in artful-proposed (Reason: moved to release)
dbus (1.10.22-1ubuntu1) artful; urgency=medium

  * Merge with Debian but don't use "really" version number since we never
    had the 1.11 version in Ubuntu. Remaining changes:
    - Clean up /etc/init/dbus.conf on upgrades. This needs to be kept until
      after 18.04 LTS.
    - Add dont-stop-dbus.patch: Don't stop D-Bus in the service unit
      (see patch header and upstream bug for details). Fixes various
      causes of shutdown hangs, particularly with remote file systems.
      (LP: #1438612) (LP: #1540282)
    - debian/dbus.postinst, debian/rules: Don't start D-Bus on package
      installation, as that doesn't work any more with dont-stop-dbus.patch.
      Instead, start dbus.socket in postinst, which will then start D-Bus
      on demand after package installation.
    - Add aa-get-connection-apparmor-security-context.patch: This is not
      intended for upstream inclusion. It implements a bus method
      (GetConnectionAppArmorSecurityContext) to get a connection's AppArmor
      security context but upstream D-Bus has recently added a generic way of
      getting a connection's security credentials (GetConnectionCredentials).
      Ubuntu should carry this patch until packages in the archive are moved
      over to the new, generic method of getting a connection's credentials.

Superseded in artful-release on 2017-08-13
Deleted in artful-proposed on 2017-08-15 (Reason: moved to release)
dbus (1.10.18-1ubuntu2) artful; urgency=medium

  * Restore accidentally dropped debian/rules modification
    to not start D-Bus on package installation

Superseded in artful-proposed on 2017-06-19
dbus (1.10.18-1ubuntu1) artful; urgency=medium

  * Sync with Debian. Remaining changes:
    - Clean up /etc/init/dbus.conf on upgrades. This needs to be kept until
      after 18.04 LTS.
    - Add dont-stop-dbus.patch: Don't stop D-Bus in the service unit
      (see patch header and upstream bug for details). Fixes various
      causes of shutdown hangs, particularly with remote file systems.
      (LP: #1438612) (LP: #1540282)
    - debian/dbus.postinst, debian/rules: Don't start D-Bus on package
      installation, as that doesn't work any more with dont-stop-dbus.patch.
      Instead, start dbus.socket in postinst, which will then start D-Bus
      on demand after package installation.
    - Add aa-get-connection-apparmor-security-context.patch: This is not
      intended for upstream inclusion. It implements a bus method
      (GetConnectionAppArmorSecurityContext) to get a connection's AppArmor
      security context but upstream D-Bus has recently added a generic way of
      getting a connection's security credentials (GetConnectionCredentials).
      Ubuntu should carry this patch until packages in the archive are moved
      over to the new, generic method of getting a connection's credentials.
  * Dropped changes:
    - make-uid-0-immune-to-timeout.patch: Applied in new release
    - debian/dbus.user-session.upstart

Published in xenial-updates on 2017-01-17
Deleted in xenial-proposed (Reason: moved to -updates)
dbus (1.10.6-1ubuntu3.3) xenial; urgency=medium

  * debian/dbus.user-session.upstart:
    - Temporarily revert latest changes as those seem to cause issues in the
      unity8 session on touch (LP: #1654241).

 -- Łukasz 'sil2100' Zemczak <email address hidden>  Thu, 12 Jan 2017 19:01:21 +0100
Deleted in yakkety-proposed on 2017-07-10 (Reason: SRU abandoned (not verified for over 105 days))
dbus (1.10.10-1ubuntu1.2) yakkety; urgency=medium

  * debian/patches/make-uid-0-immune-to-timeout.patch:
    - Backport fix proposed by Simon McVittie upstream to workaround bug
      LP: #1591411.

 -- Łukasz 'sil2100' Zemczak <email address hidden>  Fri, 25 Nov 2016 18:36:48 +0100
Superseded in xenial-proposed on 2017-01-12
dbus (1.10.6-1ubuntu3.2) xenial; urgency=medium

  [ Iain Lane ]
  * debian/dbus.user-session.upstart: Backport zesty's version - don't launch
    a duplicate session bus if there already is one (dbus-user-session). (LP:
    #1644323)

  [ Łukasz 'sil2100' Zemczak ]
  * debian/patches/make-uid-0-immune-to-timeout.patch:
    - Backport fix proposed by Simon McVittie upstream to workaround bug
      LP: #1591411.

 -- Iain Lane <email address hidden>  Wed, 30 Nov 2016 10:48:01 +0000
Published in trusty-updates on 2017-01-18
Deleted in trusty-proposed (Reason: moved to -updates)
dbus (1.6.18-0ubuntu4.5) trusty; urgency=medium

  * debian/patches/unrequested-reply-mediation.patch: Don't let unrequested
    reply messages through and don't audit them. Unrequested reply messages
    are error or method_return messages that are sent from D-Bus connection A
    to D-Bus connection B that do not correspond to any message ever sent by
    D-Bus connection B. They should be quietly dropped as there's no use for
    them outside of malicious activity. Patch based on upstream patches.
    (LP: #1641243)

 -- Tyler Hicks <email address hidden>  Wed, 30 Nov 2016 21:44:48 +0000
Superseded in artful-release on 2017-06-19
Published in zesty-release on 2016-11-04
Deleted in zesty-proposed (Reason: moved to release)
dbus (1.10.10-1ubuntu2) zesty; urgency=medium

  * debian/patches/make-uid-0-immune-to-timeout.patch:
    - Add a test patch proposed by Simon McVittie upstream to fix bug
      LP: #1591411.

 -- Łukasz 'sil2100' Zemczak <email address hidden>  Tue, 11 Oct 2016 20:12:43 +0200
Published in yakkety-updates on 2016-11-01
Published in yakkety-security on 2016-11-01
dbus (1.10.10-1ubuntu1.1) yakkety-security; urgency=medium

  * SECURITY UPDATE: arbitrary code execution or denial of service via
    format string vulnerability (likely limited to uid 0 only)
    - debian/patches/format_string.patch: do not use non-literal format
      string in bus/activation.c.
    - No CVE number

 -- Marc Deslauriers <email address hidden>  Wed, 12 Oct 2016 08:29:20 -0400
Superseded in xenial-updates on 2017-01-17
Published in xenial-security on 2016-11-01
dbus (1.10.6-1ubuntu3.1) xenial-security; urgency=medium

  * SECURITY UPDATE: arbitrary code execution or denial of service via
    format string vulnerability (likely limited to uid 0 only)
    - debian/patches/format_string.patch: do not use non-literal format
      string in bus/activation.c.
    - No CVE number

 -- Marc Deslauriers <email address hidden>  Wed, 12 Oct 2016 08:33:00 -0400
Published in precise-updates on 2016-11-01
Published in precise-security on 2016-11-01
dbus (1.4.18-1ubuntu1.8) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service via ActivationFailure signal race
    - debian/patches/CVE-2015-0245.patch: prevent forged ActivationFailure
      from non-root processes in bus/system.conf.in.
    - CVE-2015-0245
  * SECURITY UPDATE: arbitrary code execution or denial of service via
    format string vulnerability
    - debian/patches/format_string.patch: do not use non-literal format
      string in bus/activation.c.
    - No CVE number

 -- Marc Deslauriers <email address hidden>  Wed, 12 Oct 2016 08:37:07 -0400
Superseded in trusty-updates on 2017-01-18
Published in trusty-security on 2016-11-01
dbus (1.6.18-0ubuntu4.4) trusty-security; urgency=medium

  * SECURITY UPDATE: denial of service via ActivationFailure signal race
    - debian/patches/CVE-2015-0245.patch: prevent forged ActivationFailure
      from non-root processes in bus/system.conf.in.
    - CVE-2015-0245
  * SECURITY UPDATE: arbitrary code execution or denial of service via
    format string vulnerability
    - debian/patches/format_string.patch: do not use non-literal format
      string in bus/activation.c.
    - No CVE number

 -- Marc Deslauriers <email address hidden>  Wed, 12 Oct 2016 08:33:44 -0400
Superseded in zesty-release on 2016-11-04
Published in yakkety-release on 2016-09-12
Deleted in yakkety-proposed (Reason: moved to release)
dbus (1.10.10-1ubuntu1) yakkety; urgency=medium

  [ Jeremy Bicha ]
  * Merge with Debian (LP: #1622401), remaining changes:
    - Add debian/dbus.user-session.upstart.
    - debian, dbus.postinst, debian/rules: Don't start D-Bus on package
      installation, as that doesn't work any more. Instead, start dbus.socket
      in postinst, which will then start D-Bus on demand after package
      installation.
    - Add debian/patches/dont-stop-dbus.patch: Don't stop D-Bus in the service
      unit (see patch header and upstream bug for details). Fixes various
      causes of shutdown hangs, particularly with remote file systems. (LP:
      #1438612) (LP: #1540282)
    - aa-get-connection-apparmor-security-context.patch: This is not
      intended for upstream inclusion. It implements a bus method
      (GetConnectionAppArmorSecurityContext) to get a connection's AppArmor
      security context but upstream D-Bus has recently added a generic way of
      getting a connection's security credentials (GetConnectionCredentials).
      Ubuntu should carry this patch until packages in the archive are moved
      over to the new, generic method of getting a connection's credentials.
  * Dropped changes:
    - debian/dbus.preinst: divert the dbus-daemon-launch-helper if upgrading
      from < 1.9.4-2~. This will make sure we keep the setuid bit during upgrade.
      (LP: #1555237)
    - Drop system upstart job.

  [ Martin Pitt ]
  * Clean up /etc/init/dbus.conf on upgrades. This needs to be kept until
    after 18.04 LTS.

Available diffs

Superseded in yakkety-release on 2016-09-12
Deleted in yakkety-proposed on 2016-09-13 (Reason: moved to release)
dbus (1.10.6-1ubuntu4) yakkety; urgency=medium

  * debian/dbus.user-session.upstart:
    - Don't start a new session bus if there already is one (e. g. via
      dbus-user-session), as this would lead to different services talking to
      different buses and thus not seeing each other. As we still need the
      actual job itself running, run "sleep infinity" instead in this case.
    - Drop "expect fork" and "--fork" argument. There is little point in the
      daemon forking, upstart already manages it. This makes debugging easier
      and also avoids having to fork "sleep" in the case that dbus-daemon is
      already running.
    - Drop "mkdir ~/.cache/upstart". This doesn't belong into a job, isn't
      necessary (upstart already creates it on start) and would be too late
      anyway.

 -- Martin Pitt <email address hidden>  Tue, 24 May 2016 21:25:46 +0200
Superseded in yakkety-release on 2016-05-25
Published in xenial-release on 2016-04-01
Deleted in xenial-proposed (Reason: moved to release)
dbus (1.10.6-1ubuntu3) xenial; urgency=medium

  * debian/dbus.preinst: divert the dbus-daemon-launch-helper if upgrading
    from < 1.9.4-2~. This will make sure we keep the setuid bit during upgrade.
    (LP: #1555237)
  * debian/dbus.postinst: remove diversion.

 -- Mathieu Trudel-Lapierre <email address hidden>  Thu, 31 Mar 2016 15:07:46 -0400

Available diffs

Superseded in xenial-release on 2016-04-01
Deleted in xenial-proposed on 2016-04-03 (Reason: moved to release)
dbus (1.10.6-1ubuntu2) xenial; urgency=medium

  * dont-stop-dbus.patch: Disallow manual (re)starts, as we don't (want to)
    stop D-Bus on shutdown. (LP: #1540282)
  * debian/rules: Don't start D-Bus on package installation, as that doesn't
    work any more with the above. Instead, start dbus.socket in postinst,
    which will then start D-Bus on demand after package installation.

 -- Martin Pitt <email address hidden>  Thu, 11 Feb 2016 12:58:02 +0100
Superseded in xenial-release on 2016-02-11
Deleted in xenial-proposed on 2016-02-13 (Reason: moved to release)
dbus (1.10.6-1ubuntu1) xenial; urgency=low

  * Merge with Debian, remaining changes:
    - Add upstart jobs; Upstart is still supported for the system init.
      + Add debian/dbus.upstart and dbus.user-session.upstart
    - Add debian/patches/dont-stop-dbus.patch: Don't stop D-Bus in the service
      unit (see patch header and upstream bug for details). Fixes various
      causes of shutdown hangs, particularly with remote file systems. (LP:
      #1438612)
    - aa-get-connection-apparmor-security-context.patch: This is not
      intended for upstream inclusion. It implements a bus method
      (GetConnectionAppArmorSecurityContext) to get a connection's AppArmor
      security context but upstream D-Bus has recently added a generic way of
      getting a connection's security credentials (GetConnectionCredentials).
      Ubuntu should carry this patch until packages in the archive are moved
      over to the new, generic method of getting a connection's credentials.

Superseded in xenial-release on 2015-12-10
Deleted in xenial-proposed on 2015-12-11 (Reason: moved to release)
dbus (1.10.4-1ubuntu2) xenial; urgency=medium

  * debian/patches/0001-uid-permissions-test-don-t-assert-that-root-can-Upda.patch:
    Take patch from fd.o bug #119997 to resolve 'root' test failure - root can
    no longer call UpdateActivationEnvironment. Check using BecomeMonitor that
    root and messagebus are privileged.

 -- Iain Lane <email address hidden>  Mon, 23 Nov 2015 12:51:40 +0000
Superseded in xenial-proposed on 2015-11-23
dbus (1.10.4-1ubuntu1) xenial; urgency=low

  * Merge with Debian, remaining changes:
    - Add upstart jobs; Upstart is still supported for the system init.
      + Add debian/dbus.upstart and dbus.user-session.upstart
    - Add debian/patches/dont-stop-dbus.patch: Don't stop D-Bus in the service
      unit (see patch header and upstream bug for details). Fixes various
      causes of shutdown hangs, particularly with remote file systems. (LP:
      #1438612)
    - aa-get-connection-apparmor-security-context.patch: This is not
      intended for upstream inclusion. It implements a bus method
      (GetConnectionAppArmorSecurityContext) to get a connection's AppArmor
      security context but upstream D-Bus has recently added a generic way of
      getting a connection's security credentials (GetConnectionCredentials).
      Ubuntu should carry this patch until packages in the archive are moved
      over to the new, generic method of getting a connection's credentials.
  * debian/rules, debian/dbus.install: Modify upstart session job installation
    to use dh-exec instead of editing debian/rules

Available diffs

Superseded in xenial-release on 2015-11-24
Published in wily-release on 2015-09-02
Deleted in wily-proposed (Reason: moved to release)
dbus (1.10.0-1ubuntu1) wily; urgency=medium

  * Merge with Debian, remaining changes:
    - Add upstart jobs; Upstart is still supported for the system init.
      + Add debian/dbus.upstart and dbus.user-session.upstart
    - Add debian/patches/dont-stop-dbus.patch: Don't stop D-Bus in the service
      unit (see patch header and upstream bug for details). Fixes various
      causes of shutdown hangs, particularly with remote file systems. (LP:
      #1438612)
    - aa-get-connection-apparmor-security-context.patch: This is not
      intended for upstream inclusion. It implements a bus method
      (GetConnectionAppArmorSecurityContext) to get a connection's AppArmor
      security context but upstream D-Bus has recently added a generic way of
      getting a connection's security credentials (GetConnectionCredentials).
      Ubuntu should carry this patch until packages in the archive are moved
      over to the new, generic method of getting a connection's credentials.

Superseded in wily-release on 2015-09-02
Deleted in wily-proposed on 2015-09-03 (Reason: moved to release)
dbus (1.9.20-1ubuntu2) wily; urgency=medium

  * debian/dbus.postinst: Check if /run/dbus exists before writing to a file
    there. If it doesn't then the system bus isn't running so we don't have
    anything to restart anyway.

 -- Iain Lane <email address hidden>  Thu, 20 Aug 2015 11:09:58 +0100
Superseded in wily-proposed on 2015-08-20
dbus (1.9.20-1ubuntu1) wily; urgency=medium

  * Merge with Debian (LP: #1477086), remaining changes:
    - Add upstart jobs; Upstart is still supported for the system init.
      + Add debian/dbus.upstart and dbus.user-session.upstart
    - Add debian/patches/dont-stop-dbus.patch: Don't stop D-Bus in the service
      unit (see patch header and upstream bug for details). Fixes various
      causes of shutdown hangs, particularly with remote file systems. (LP:
      #1438612)
    - aa-get-connection-apparmor-security-context.patch: This is not
      intended for upstream inclusion. It implements a bus method
      (GetConnectionAppArmorSecurityContext) to get a connection's AppArmor
      security context but upstream D-Bus has recently added a generic way of
      getting a connection's security credentials (GetConnectionCredentials).
      Ubuntu should carry this patch until packages in the archive are moved
      over to the new, generic method of getting a connection's credentials.
  * Dropped changes:
    + 81-session.conf-timeout.patch; didn't ever do anything. (LP: #1479771)
    + 20_system_conf_limit.patch: Dropped. This was introduced due to problems
      with aptdaemon and large transactions. These problems seem to no longer
      exists, so we will try to run without an increased limit.
    + All other changes merged in Debian.

Available diffs

Superseded in wily-release on 2015-08-20
Deleted in wily-proposed on 2015-08-21 (Reason: moved to release)
dbus (1.8.12-1ubuntu6) wily; urgency=medium

  * debian/dbus.triggers: Switch trigger to interest-noawait to make life
    slightly easier on dpkg/apt while dependency unwinding (LP: #1485970)

 -- Adam Conrad <email address hidden>  Tue, 18 Aug 2015 12:37:46 -0600

Available diffs

Superseded in wily-release on 2015-08-19
Published in vivid-release on 2015-03-31
Deleted in vivid-proposed (Reason: moved to release)
dbus (1.8.12-1ubuntu5) vivid; urgency=medium

  * Add debian/patches/dont-stop-dbus.patch: Don't stop D-Bus in the service
    unit (see patch header and upstream bug for details). Fixes various causes
    of shutdown hangs, particularly with remote file systems. (LP: #1438612)
 -- Martin Pitt <email address hidden>   Tue, 31 Mar 2015 18:46:06 +0200
Superseded in vivid-release on 2015-03-31
Deleted in vivid-proposed on 2015-04-02 (Reason: moved to release)
dbus (1.8.12-1ubuntu4) vivid; urgency=medium

  * debian/patches/ensure-dbus-machine-id.patch:
    - ensure that we have /var/lib/dbus/machine-id on user's system as some
      third-parties application relies on that file. It will only copy
      /etc/machine-id the file is not present already.
 -- Didier Roche <email address hidden>   Thu, 19 Mar 2015 15:19:02 +0100
Superseded in vivid-release on 2015-03-24
Deleted in vivid-proposed on 2015-03-25 (Reason: moved to release)
dbus (1.8.12-1ubuntu3) vivid; urgency=medium

  * Install dbus into /usr/. It's not actually needed during early boot,
    and this deviates from upstream/Debian.
  * Adjust dbus.postinst to be systemd & usptart compatible when
    triggering reboot notification.
 -- Dimitri John Ledkov <email address hidden>   Tue, 03 Mar 2015 12:30:02 +0000
Superseded in vivid-release on 2015-03-04
Deleted in vivid-proposed on 2015-03-05 (Reason: moved to release)
dbus (1.8.12-1ubuntu2) vivid; urgency=medium

  * Refresh the patches related to AppArmor D-Bus mediation to reflect what
    landed upstream in 1.9.12.
    - 0001-New-a-sv-helper-for-using-byte-arrays-as-the-variant.patch,
      0002-Add-LSM-agnostic-support-for-LinuxSecurityLabel-cred.patch,
      0003-Add-regression-test-for-LinuxSecurityLabel-credentia.patch,
      0004-Add-LinuxSecurityLabel-to-specification.patch: Add patches that
      report the AppArmor confinement context in the bus driver's
      GetConnectionCredentials method. A "LinuxSecurityLabel" key will be
      present in the dictionary returned by the GetConnectionCredentials
      method. The corresponding value will be the AppArmor confinement context
      of the connection.
    - 0001-Document-AppArmor-enforcement-in-the-dbus-daemon-man.patch,
      0002-Add-apparmor-element-and-attributes-to-the-bus-confi.patch,
      0003-Update-autoconf-file-to-build-against-libapparmor.patch,
      0004-Add-apparmor-element-support-to-bus-config-parsing.patch,
      0005-Initialize-AppArmor-mediation.patch,
      0006-Store-AppArmor-label-of-bus-during-initialization.patch,
      0007-Store-AppArmor-label-of-connecting-processes.patch,
      0008-Mediation-of-processes-that-acquire-well-known-names.patch,
      0009-Do-LSM-checks-after-determining-if-the-message-is-a-.patch,
      0010-Mediation-of-processes-sending-and-receiving-message.patch,
      0011-Mediation-of-processes-eavesdropping.patch: Replace the patches
      with the version that were merged upstream. The upstream review process
      revealed a number of bugs and useful cleanups that are addressed in the
      new patches.
      + No longer audit denials of unrequested reply messages (LP: #1362469)
    - aa-get-connection-apparmor-security-context.patch: Update patch to
      include a bug fix, from Simon McVittie, for AppArmor labels that contain
      non UTF-8 characters.
    - 0012-apparmor-tighten-up-terminology-for-context-vs.-labe.patch,
      0013-apparmor-Fix-build-failure-with-disable-apparmor.patch: New patches
      that were merged upstream to clean up the AA mediation code and fix a
      build failure
    - 0012-New-a-sv-helper-for-using-byte-arrays-as-the-variant.patch: Drop
      this patch. It became part of the "LinuxSecurityLabel" patch set and is
      added back with a new file name.
      0013-Add-AppArmor-support-to-GetConnectionCredentials.patch: Drop this
      patch in favor of the "LinuxSecurityLabel" patch set. This means that
      the AppArmorContext and AppArmorMode keys will not be present in the
      dictionary returned by GetConnectionCredentials. Ubuntu shipped this
      patch in 14.10 but, as far as I know, those keys were not used by any
      applications in 14.10. Since this patch was not accepted upstream,
      Ubuntu should drop it and new applications should begin using
      "LinuxSecurityLabel".
 -- Tyler Hicks <email address hidden>   Thu, 19 Feb 2015 11:06:14 -0600
Superseded in vivid-release on 2015-02-27
Deleted in vivid-proposed on 2015-03-01 (Reason: moved to release)
dbus (1.8.12-1ubuntu1) vivid; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - Install binaries into / rather than /usr:
      + debian/rules: Set --exec-prefix=/
      + debian/dbus.install, debian/dbus-x11.install: Install from /bin
    - Use upstart to start:
      + Add debian/dbus.upstart and dbus.user-session.upstart
      + debian/dbus.postinst: Use upstart call instead of invoking the init.d
        script for checking if we are already running.
      + debian/control: versioned dependency on netbase that emits the new
        deconfiguring-networking event used in upstart script.
    - 20_system_conf_limit.patch: Increase max_match_rules_per_connection for
      the system bus to 5000 (LP #454093)
    - 81-session.conf-timeout.patch: Raise the service startup timeout from 25
      to 60 seconds. It may be too short on the live CD with slow machines.
    - debian/dbus.user-session.upstart, debian/rules: Communicate session bus
      to Upstart Session Init to avoid potential out-of-memory scenario
      triggered by Upstart clients that do not run main loops. Store the
      session bus address in XDG_RUNTIME_DIR.
      (LP: #1235649, LP: #1252317).
    - debian/control, debian/rules: Build against libapparmor for AppArmor
      D-Bus mediation
    - debian/control: Use logind for session tracking, so that "at_console"
      policies work with logind instead of ConsoleKit. Add "libpam-systemd"
      recommends.
    - debian/rules: Adjust dbus-send path to our changed install layout.
      (LP: #1325364)
    - debian/dbus-Xsession: Don't start a session bus if there already is
      one, i. e. $DBUS_SESSION_BUS_ADDRESS is already set. (Closes: #681241)
    - 0001-Document-AppArmor-enforcement-in-the-dbus-daemon-man.patch,
      0002-Add-apparmor-element-and-attributes-to-the-bus-confi.patch,
      0003-Update-autoconf-file-to-build-against-libapparmor.patch,
      0004-Add-apparmor-element-support-to-bus-config-parsing.patch,
      0005-Initialize-AppArmor-mediation.patch,
      0006-Store-AppArmor-label-of-bus-during-initialization.patch,
      0007-Store-AppArmor-label-of-connecting-processes.patch,
      0008-Mediation-of-processes-that-acquire-well-known-names.patch,
      0009-Do-LSM-checks-after-determining-if-the-message-is-a-.patch,
      0010-Mediation-of-processes-sending-and-receiving-message.patch,
      0011-Mediation-of-processes-eavesdropping.patch,
      0012-New-a-sv-helper-for-using-byte-arrays-as-the-variant.patch,
      0013-Add-AppArmor-support-to-GetConnectionCredentials.patch: Add the
      latest set of AppArmor D-Bus mediation patches. This the v3 patch set
      from the upstream feature inclusion bug.
      - https://bugs.freedesktop.org/show_bug.cgi?id=75113
    - aa-get-connection-apparmor-security-context.patch: This is not
      intended for upstream inclusion. It implements a bus method
      (GetConnectionAppArmorSecurityContext) to get a connection's AppArmor
      security context but upstream D-Bus has recently added a generic way of
      getting a connection's security credentials (GetConnectionCredentials).
      Ubuntu should carry this patch until packages in the archive are moved
      over to the new, generic method of getting a connection's credentials.

Available diffs

Superseded in vivid-release on 2014-12-16
Deleted in vivid-proposed on 2014-12-17 (Reason: moved to release)
dbus (1.8.8-2ubuntu2) vivid; urgency=medium

  * SECURITY UPDATE: denial of service via large number of fds
    - debian/patches/CVE-2014-7824.patch: raise rlimit and restore it for
      activated services in bus/activation.c, bus/bus.*,
      dbus/dbus-sysdeps-util-unix.c, dbus/dbus-sysdeps-util-win.c,
      dbus/dbus-sysdeps.h.
    - debian/dbus.init: don't launch daemon as a user so the rlimit can be
      raised.
    - CVE-2014-7824
  * SECURITY REGRESSION: authentication timeout on certain slower systems
    - debian/patches/CVE-2014-3639-regression.patch: raise auth_timeout
      back up to 30 secs in bus/config-parser.c, add a warning to
      bus/connection.c.
    - CVE-2014-3639
 -- Marc Deslauriers <email address hidden>   Tue, 25 Nov 2014 14:22:42 -0500

Available diffs

Obsolete in utopic-updates on 2016-11-03
Obsolete in utopic-security on 2016-11-03
dbus (1.8.8-1ubuntu2.1) utopic-security; urgency=medium

  * SECURITY UPDATE: denial of service via large number of fds
    - debian/patches/CVE-2014-7824.patch: raise rlimit and restore it for
      activated services in bus/activation.c, bus/bus.*,
      dbus/dbus-sysdeps-util-unix.c, dbus/dbus-sysdeps-util-win.c,
      dbus/dbus-sysdeps.h.
    - debian/dbus.init: don't launch daemon as a user so the rlimit can be
      raised.
    - CVE-2014-7824
  * SECURITY REGRESSION: authentication timeout on certain slower systems
    - debian/patches/CVE-2014-3639-regression.patch: raise auth_timeout
      back up to 30 secs in bus/config-parser.c, add a warning to
      bus/connection.c.
    - CVE-2014-3639
 -- Marc Deslauriers <email address hidden>   Tue, 25 Nov 2014 14:34:31 -0500
Superseded in precise-updates on 2016-11-01
Superseded in precise-security on 2016-11-01
dbus (1.4.18-1ubuntu1.7) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service via large number of fds
    - debian/patches/CVE-2014-7824.patch: raise rlimit and restore it for
      activated services in bus/activation.c, bus/bus.*,
      dbus/dbus-sysdeps-util-unix.c, dbus/dbus-sysdeps-util-win.c,
      dbus/dbus-sysdeps.h.
    - debian/dbus.init: don't launch daemon as a user so the rlimit can be
      raised.
    - CVE-2014-7824
  * SECURITY REGRESSION: authentication timeout on certain slower systems
    - debian/patches/CVE-2014-3639-regression.patch: raise auth_timeout
      back up to 30 secs in bus/config-parser.c, add a warning to
      bus/connection.c.
    - CVE-2014-3639
 -- Marc Deslauriers <email address hidden>   Tue, 25 Nov 2014 14:46:53 -0500
Superseded in trusty-updates on 2016-11-01
Superseded in trusty-security on 2016-11-01
dbus (1.6.18-0ubuntu4.3) trusty-security; urgency=medium

  * SECURITY UPDATE: denial of service via large number of fds
    - debian/patches/CVE-2014-7824.patch: raise rlimit and restore it for
      activated services in bus/activation.c, bus/bus.*,
      dbus/dbus-sysdeps-util-unix.c, dbus/dbus-sysdeps-util-win.c,
      dbus/dbus-sysdeps.h.
    - debian/dbus.init: don't launch daemon as a user so the rlimit can be
      raised.
    - CVE-2014-7824
  * SECURITY REGRESSION: authentication timeout on certain slower systems
    - debian/patches/CVE-2014-3639-regression.patch: raise auth_timeout
      back up to 30 secs in bus/config-parser.c, add a warning to
      bus/connection.c.
    - CVE-2014-3639
 -- Marc Deslauriers <email address hidden>   Tue, 25 Nov 2014 14:36:43 -0500
Superseded in vivid-release on 2014-11-30
Deleted in vivid-proposed on 2014-12-01 (Reason: moved to release)
dbus (1.8.8-2ubuntu1) vivid; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - Install binaries into / rather than /usr:
      + debian/rules: Set --exec-prefix=/
      + debian/dbus.install, debian/dbus-x11.install: Install from /bin
    - Use upstart to start:
      + Add debian/dbus.upstart and dbus.user-session.upstart
      + debian/dbus.postinst: Use upstart call instead of invoking the init.d
        script for checking if we are already running.
      + debian/control: versioned dependency on netbase that emits the new
        deconfiguring-networking event used in upstart script.
    - 20_system_conf_limit.patch: Increase max_match_rules_per_connection for
      the system bus to 5000 (LP #454093)
    - 81-session.conf-timeout.patch: Raise the service startup timeout from 25
      to 60 seconds. It may be too short on the live CD with slow machines.
    - debian/dbus.user-session.upstart, debian/rules: Communicate session bus
      to Upstart Session Init to avoid potential out-of-memory scenario
      triggered by Upstart clients that do not run main loops
      (LP: #1235649, LP: #1252317).
    - debian/control, debian/rules: Build against libapparmor for AppArmor
      D-Bus mediation
    - debian/control: Use logind for session tracking, so that "at_console"
      policies work with logind instead of ConsoleKit. Add "libpam-systemd"
      recommends.
    - debian/rules: Adjust dbus-send path to our changed install layout.
      (LP: #1325364)
    - debian/dbus-Xsession: Don't start a session bus if there already is
      one, i. e. $DBUS_SESSION_BUS_ADDRESS is already set. (Closes: #681241)
    - 0001-Document-AppArmor-enforcement-in-the-dbus-daemon-man.patch,
      0002-Add-apparmor-element-and-attributes-to-the-bus-confi.patch,
      0003-Update-autoconf-file-to-build-against-libapparmor.patch,
      0004-Add-apparmor-element-support-to-bus-config-parsing.patch,
      0005-Initialize-AppArmor-mediation.patch,
      0006-Store-AppArmor-label-of-bus-during-initialization.patch,
      0007-Store-AppArmor-label-of-connecting-processes.patch,
      0008-Mediation-of-processes-that-acquire-well-known-names.patch,
      0009-Do-LSM-checks-after-determining-if-the-message-is-a-.patch,
      0010-Mediation-of-processes-sending-and-receiving-message.patch,
      0011-Mediation-of-processes-eavesdropping.patch,
      0012-New-a-sv-helper-for-using-byte-arrays-as-the-variant.patch,
      0013-Add-AppArmor-support-to-GetConnectionCredentials.patch: Add the
      latest set of AppArmor D-Bus mediation patches. This the v3 patch set
      from the upstream feature inclusion bug.
      - https://bugs.freedesktop.org/show_bug.cgi?id=75113
    - aa-get-connection-apparmor-security-context.patch: This is not
      intended for upstream inclusion. It implements a bus method
      (GetConnectionAppArmorSecurityContext) to get a connection's AppArmor
      security context but upstream D-Bus has recently added a generic way of
      getting a connection's security credentials (GetConnectionCredentials).
      Ubuntu should carry this patch until packages in the archive are moved
      over to the new, generic method of getting a connection's credentials.
    - write to $XDG_RUNTIME_DIR instead of the users home when creating the
      dbus-session file, so we can start our session even with 100% filled or
      readonly home dir (LP: #1316978)

Superseded in vivid-release on 2014-10-28
Obsolete in utopic-release on 2016-11-03
Deleted in utopic-proposed on 2016-11-03 (Reason: moved to release)
dbus (1.8.8-1ubuntu2) utopic; urgency=medium

  * write to $XDG_RUNTIME_DIR instead of the users home when creating the
    dbus-session file, so we can start our session even with 100% filled or
    readonly home dir (LP: #1316978)
 -- Oliver Grawert <email address hidden>   Fri, 26 Sep 2014 15:07:05 +0200
Superseded in utopic-release on 2014-09-26
Deleted in utopic-proposed on 2014-09-28 (Reason: moved to release)
dbus (1.8.8-1ubuntu1) utopic; urgency=medium

  * Resynchronize on Debian. Remaining Ubuntu changes:
    - Install binaries into / rather than /usr:
      + debian/rules: Set --exec-prefix=/
      + debian/dbus.install, debian/dbus-x11.install: Install from /bin
    - Use upstart to start:
      + Add debian/dbus.upstart and dbus.user-session.upstart
      + debian/dbus.postinst: Use upstart call instead of invoking the init.d
        script for checking if we are already running.
      + debian/control: versioned dependency on netbase that emits the new
        deconfiguring-networking event used in upstart script.
    - 20_system_conf_limit.patch: Increase max_match_rules_per_connection for
      the system bus to 5000 (LP #454093)
    - 81-session.conf-timeout.patch: Raise the service startup timeout from 25
      to 60 seconds. It may be too short on the live CD with slow machines.
    - debian/dbus.user-session.upstart, debian/rules: Communicate session bus
      to Upstart Session Init to avoid potential out-of-memory scenario
      triggered by Upstart clients that do not run main loops
      (LP: #1235649, LP: #1252317).
    - debian/control, debian/rules: Build against libapparmor for AppArmor
      D-Bus mediation
    - debian/control: Use logind for session tracking, so that "at_console"
      policies work with logind instead of ConsoleKit. Add "libpam-systemd"
      recommends.
    - debian/rules: Adjust dbus-send path to our changed install layout.
      (LP: #1325364)
    - debian/dbus-Xsession: Don't start a session bus if there already is
      one, i. e. $DBUS_SESSION_BUS_ADDRESS is already set. (Closes: #681241)
    - 0001-Document-AppArmor-enforcement-in-the-dbus-daemon-man.patch,
      0002-Add-apparmor-element-and-attributes-to-the-bus-confi.patch,
      0003-Update-autoconf-file-to-build-against-libapparmor.patch,
      0004-Add-apparmor-element-support-to-bus-config-parsing.patch,
      0005-Initialize-AppArmor-mediation.patch,
      0006-Store-AppArmor-label-of-bus-during-initialization.patch,
      0007-Store-AppArmor-label-of-connecting-processes.patch,
      0008-Mediation-of-processes-that-acquire-well-known-names.patch,
      0009-Do-LSM-checks-after-determining-if-the-message-is-a-.patch,
      0010-Mediation-of-processes-sending-and-receiving-message.patch,
      0011-Mediation-of-processes-eavesdropping.patch,
      0012-New-a-sv-helper-for-using-byte-arrays-as-the-variant.patch,
      0013-Add-AppArmor-support-to-GetConnectionCredentials.patch: Add the
      latest set of AppArmor D-Bus mediation patches. This the v3 patch set
      from the upstream feature inclusion bug.
      - https://bugs.freedesktop.org/show_bug.cgi?id=75113
    - aa-get-connection-apparmor-security-context.patch: This is not
      intended for upstream inclusion. It implements a bus method
      (GetConnectionAppArmorSecurityContext) to get a connection's AppArmor
      security context but upstream D-Bus has recently added a generic way of
      getting a connection's security credentials (GetConnectionCredentials).
      Ubuntu should carry this patch until packages in the archive are moved
      over to the new, generic method of getting a connection's credentials.

Available diffs

Obsolete in lucid-updates on 2016-10-26
Obsolete in lucid-security on 2016-10-26
dbus (1.2.16-2ubuntu4.8) lucid-security; urgency=medium

  * SECURITY UPDATE: denial of service via large number of pending replies
    - debian/patches/CVE-2014-3638.patch: reduce max_replies_per_connection
      to 128 in bus/config-parser.c.
    - CVE-2014-3638
  * SECURITY UPDATE: denial of service via incomplete connections
    - debian/patches/CVE-2014-3639.patch: reduce auth_timeout in
      bus/config-parser.c, stop listening on DBusServer sockets when
      reaching max_incomplete_connections in bus/bus.*, bus/connection.*,
      dbus/dbus-server-protected.h, dbus/dbus-server.c, dbus/dbus-watch.*.
    - CVE-2014-3639
 -- Marc Deslauriers <email address hidden>   Wed, 17 Sep 2014 12:27:46 -0400
Superseded in precise-updates on 2014-11-27
Superseded in precise-security on 2014-11-27
dbus (1.4.18-1ubuntu1.6) precise-security; urgency=medium

  * SECURITY UPDATE: buffer overrun via odd max_message_unix_fds
    - debian/patches/CVE-2014-3635.patch: do not extra fds in cmsg padding
      in dbus/dbus-sysdeps-unix.c, allow using _DBUS_STATIC_ASSERT at a
      non-global scope in dbus/dbus-internals.h, dbus/dbus-macros.h.
    - CVE-2014-3635
  * SECURITY UPDATE: denial of service via large number of fds
    - debian/patches/CVE-2014-3636.patch: reduce max number of fds in
      bus/config-parser.c, bus/session.conf.in, dbus/dbus-message.c,
      dbus/dbus-sysdeps.h.
    - CVE-2014-3636
  * SECURITY UPDATE: denial of service via persistent file descriptiors
    - debian/patches/CVE-2014-3637.patch: add a timeout to expire pending
      fds in bus/bus.*, bus/config-parser.c, bus/connection.c,
      bus/session.conf.in, cmake/bus/dbus-daemon.xml,
      dbus/dbus-connection-internal.h, dbus/dbus-connection.c,
      dbus/dbus-message-internal.h, dbus/dbus-message-private.h,
      dbus/dbus-message.c, dbus/dbus-transport.*.
    - CVE-2014-3637
  * SECURITY UPDATE: denial of service via large number of pending replies
    - debian/patches/CVE-2014-3638.patch: reduce max_replies_per_connection
      to 128 in bus/config-parser.c.
    - CVE-2014-3638
  * SECURITY UPDATE: denial of service via incomplete connections
    - debian/patches/CVE-2014-3639.patch: reduce auth_timeout in
      bus/config-parser.c, stop listening on DBusServer sockets when
      reaching max_incomplete_connections in bus/bus.*, bus/connection.*,
      dbus/dbus-server-protected.h, dbus/dbus-server.c, dbus/dbus-watch.*.
    - CVE-2014-3639
 -- Marc Deslauriers <email address hidden>   Wed, 17 Sep 2014 11:21:20 -0400
Superseded in trusty-updates on 2014-11-27
Superseded in trusty-security on 2014-11-27
dbus (1.6.18-0ubuntu4.2) trusty-security; urgency=medium

  * SECURITY UPDATE: buffer overrun via odd max_message_unix_fds
    - debian/patches/CVE-2014-3635.patch: do not extra fds in cmsg padding
      in dbus/dbus-sysdeps-unix.c, allow using _DBUS_STATIC_ASSERT at a
      non-global scope in dbus/dbus-internals.h, dbus/dbus-macros.h.
    - CVE-2014-3635
  * SECURITY UPDATE: denial of service via large number of fds
    - debian/patches/CVE-2014-3636.patch: reduce max number of fds in
      bus/config-parser.c, bus/session.conf.in, dbus/dbus-message.c,
      dbus/dbus-sysdeps.h.
    - CVE-2014-3636
  * SECURITY UPDATE: denial of service via persistent file descriptiors
    - debian/patches/CVE-2014-3637.patch: add a timeout to expire pending
      fds in bus/bus.*, bus/config-parser.c, bus/connection.c,
      bus/session.conf.in, cmake/bus/dbus-daemon.xml,
      dbus/dbus-connection-internal.h, dbus/dbus-connection.c,
      dbus/dbus-message-internal.h, dbus/dbus-message-private.h,
      dbus/dbus-message.c, dbus/dbus-transport.*.
    - CVE-2014-3637
  * SECURITY UPDATE: denial of service via large number of pending replies
    - debian/patches/CVE-2014-3638.patch: reduce max_replies_per_connection
      to 128 in bus/config-parser.c.
    - CVE-2014-3638
  * SECURITY UPDATE: denial of service via incomplete connections
    - debian/patches/CVE-2014-3639.patch: reduce auth_timeout in
      bus/config-parser.c, stop listening on DBusServer sockets when
      reaching max_incomplete_connections in bus/bus.*, bus/connection.*,
      dbus/dbus-server-protected.h, dbus/dbus-server.c, dbus/dbus-watch.*.
    - CVE-2014-3639
 -- Marc Deslauriers <email address hidden>   Wed, 17 Sep 2014 10:16:51 -0400
Superseded in utopic-release on 2014-09-18
Deleted in utopic-proposed on 2014-09-20 (Reason: moved to release)
dbus (1.8.6-1ubuntu1) utopic; urgency=low

  * Resynchronize on Debian testing (LP: #1320422). Remaining Ubuntu changes:
    - Install binaries into / rather than /usr:
      + debian/rules: Set --exec-prefix=/
      + debian/dbus.install, debian/dbus-x11.install: Install from /bin
    - Use upstart to start:
      + Add debian/dbus.upstart and dbus.user-session.upstart
      + debian/dbus.postinst: Use upstart call instead of invoking the init.d
        script for checking if we are already running.
      + debian/control: versioned dependency on netbase that emits the new
        deconfiguring-networking event used in upstart script.
    - 20_system_conf_limit.patch: Increase max_match_rules_per_connection for
      the system bus to 5000 (LP #454093)
    - 81-session.conf-timeout.patch: Raise the service startup timeout from 25
      to 60 seconds. It may be too short on the live CD with slow machines.
    - debian/dbus.user-session.upstart, debian/rules: Communicate session bus
      to Upstart Session Init to avoid potential out-of-memory scenario
      triggered by Upstart clients that do not run main loops
      (LP: #1235649, LP: #1252317).
    - debian/control, debian/rules: Build against libapparmor for AppArmor
      D-Bus mediation
    - debian/control: Use logind for session tracking, so that "at_console"
      policies work with logind instead of ConsoleKit. Add "libpam-systemd"
      recommends.
    - debian/rules: Adjust dbus-send path to our changed install layout.
      (LP: #1325364)
    - debian/dbus-Xsession: Don't start a session bus if there already is one,
      i. e. $DBUS_SESSION_BUS_ADDRESS is already set. (Closes: #681241)
  * Dropped changes:
    - debian/control: Drop version bump on the libglib2.0-dev Build-Depends.
      It is no longer needed.
    - debian/control: use "Breaks: unity-services (<< 6.0.0-0ubuntu6)", the
      new dbus eavedropping protection was creating issues with previous
      versions. This can be dropped now since upgrades from Quantal are no
      longer a concern.
    - debian/control, debian/rules: The tests are not run during the build.
      Configure with --disable-tests, drop the build dependencies needed for
      the tests. The tests should now run with the debug build using
      autopkgtest.
    - 00git_logind_check.patch: Fix logind check. This change is present in
      upstream dbus.
    - Add 00git_sd_daemon_update.patch: Update to current sytemd upstream
      sd_booted() to actually check for systemd init. This change is present
      in upstream dbus.
    - debian/patches/aa-build-tools.patch, debian/patches/aa-mediation.patch,
      debian/patches/aa-mediate-eavesdropping.patch: Drop these patches in
      favor of the latest set of patches submitted for upstream inclusion
    - debian/patches/02_obsolete_g_thread_api.patch: This change is present in
      upstream dbus
    - 0001-activation-allow-for-more-variation-than-just-system.patch,
      0002-bus-change-systemd-activation-to-activation-systemd.patch,
      0003-upstart-add-upstart-as-a-possible-activation-type.patch,
      0004-upstart-add-UpstartJob-to-service-desktop-files.patch,
      0005-activation-implement-upstart-activation.patch: These patches have
      been disabled since 12.10 so it should be safe to remove them at this
      point
    - debian/patches/CVE-2014-3477.patch, debian/patches/CVE-2014-3532.patch,
      debian/patches/CVE-2014-3533.patch: These changes are present in
      upstream dbus
  * 0001-Document-AppArmor-enforcement-in-the-dbus-daemon-man.patch,
    0002-Add-apparmor-element-and-attributes-to-the-bus-confi.patch,
    0003-Update-autoconf-file-to-build-against-libapparmor.patch,
    0004-Add-apparmor-element-support-to-bus-config-parsing.patch,
    0005-Initialize-AppArmor-mediation.patch,
    0006-Store-AppArmor-label-of-bus-during-initialization.patch,
    0007-Store-AppArmor-label-of-connecting-processes.patch,
    0008-Mediation-of-processes-that-acquire-well-known-names.patch,
    0009-Do-LSM-checks-after-determining-if-the-message-is-a-.patch,
    0010-Mediation-of-processes-sending-and-receiving-message.patch,
    0011-Mediation-of-processes-eavesdropping.patch,
    0012-New-a-sv-helper-for-using-byte-arrays-as-the-variant.patch,
    0013-Add-AppArmor-support-to-GetConnectionCredentials.patch: Add the
    latest set of AppArmor D-Bus mediation patches. This the v3 patch set from
    the upstream feature inclusion bug.
    - https://bugs.freedesktop.org/show_bug.cgi?id=75113
  * aa-get-connection-apparmor-security-context.patch: Refresh this patch so
    that it compiles with latest AppArmor D-Bus mediation patches. It is not
    intended for upstream inclusion. It implements a bus method
    (GetConnectionAppArmorSecurityContext) to get a connection's AppArmor
    security context but upstream D-Bus has recently added a generic way of
    getting a connection's security credentials (GetConnectionCredentials).
    Ubuntu should carry this patch until packages in the archive are moved
    over to the new, generic method of getting a connection's credentials.

Available diffs

Superseded in utopic-release on 2014-08-21
Deleted in utopic-proposed on 2014-08-22 (Reason: moved to release)
dbus (1.6.18-0ubuntu10) utopic; urgency=medium

  * Drop upstart dependency. We ship init scripts for sysv, upstart, and
    systemd now. (LP: #1351306)
 -- Martin Pitt <email address hidden>   Fri, 01 Aug 2014 15:19:20 +0200

Available diffs

Superseded in utopic-release on 2014-08-01
Deleted in utopic-proposed on 2014-08-02 (Reason: moved to release)
dbus (1.6.18-0ubuntu9) utopic; urgency=medium

  * SECURITY UPDATE: denial of service via activation errors
    - debian/patches/CVE-2014-3477.patch: improve error handling in
      bus/activation.*, bus/services.c.
    - CVE-2014-3477
  * SECURITY UPDATE: denial of service via ETOOMANYREFS
    - debian/patches/CVE-2014-3532.patch: drop message on ETOOMANYREFS in
      dbus/dbus-sysdeps.*, dbus/dbus-transport-socket.c.
    - CVE-2014-3532
  * SECURITY UPDATE: denial of service via invalid file descriptor
    - debian/patches/CVE-2014-3533.patch: fix memory handling in
      dbus/dbus-message.c.
    - CVE-2014-3533
 -- Marc Deslauriers <email address hidden>   Thu, 03 Jul 2014 08:28:23 -0400
Superseded in precise-updates on 2014-09-22
Superseded in precise-security on 2014-09-22
dbus (1.4.18-1ubuntu1.5) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service via activation errors
    - debian/patches/CVE-2014-3477.patch: improve error handling in
      bus/activation.*, bus/services.c.
    - CVE-2014-3477
  * SECURITY UPDATE: denial of service via ETOOMANYREFS
    - debian/patches/CVE-2014-3532.patch: drop message on ETOOMANYREFS in
      dbus/dbus-sysdeps.*, dbus/dbus-transport-socket.c.
    - CVE-2014-3532
  * SECURITY UPDATE: denial of service via invalid file descriptor
    - debian/patches/CVE-2014-3533.patch: fix memory handling in
      dbus/dbus-message.c.
    - CVE-2014-3533
 -- Marc Deslauriers <email address hidden>   Thu, 03 Jul 2014 08:39:34 -0400
Obsolete in saucy-updates on 2015-04-24
Obsolete in saucy-security on 2015-04-24
dbus (1.6.12-0ubuntu10.1) saucy-security; urgency=medium

  * SECURITY UPDATE: denial of service via activation errors
    - debian/patches/CVE-2014-3477.patch: improve error handling in
      bus/activation.*, bus/services.c.
    - CVE-2014-3477
  * SECURITY UPDATE: denial of service via ETOOMANYREFS
    - debian/patches/CVE-2014-3532.patch: drop message on ETOOMANYREFS in
      dbus/dbus-sysdeps.*, dbus/dbus-transport-socket.c.
    - CVE-2014-3532
  * SECURITY UPDATE: denial of service via invalid file descriptor
    - debian/patches/CVE-2014-3533.patch: fix memory handling in
      dbus/dbus-message.c.
    - CVE-2014-3533
 -- Marc Deslauriers <email address hidden>   Thu, 03 Jul 2014 08:35:59 -0400
Superseded in trusty-updates on 2014-09-22
Superseded in trusty-security on 2014-09-22
dbus (1.6.18-0ubuntu4.1) trusty-security; urgency=medium

  * SECURITY UPDATE: denial of service via activation errors
    - debian/patches/CVE-2014-3477.patch: improve error handling in
      bus/activation.*, bus/services.c.
    - CVE-2014-3477
  * SECURITY UPDATE: denial of service via ETOOMANYREFS
    - debian/patches/CVE-2014-3532.patch: drop message on ETOOMANYREFS in
      dbus/dbus-sysdeps.*, dbus/dbus-transport-socket.c.
    - CVE-2014-3532
  * SECURITY UPDATE: denial of service via invalid file descriptor
    - debian/patches/CVE-2014-3533.patch: fix memory handling in
      dbus/dbus-message.c.
    - CVE-2014-3533
 -- Marc Deslauriers <email address hidden>   Thu, 03 Jul 2014 08:35:11 -0400
Superseded in utopic-release on 2014-07-09
Deleted in utopic-proposed on 2014-07-11 (Reason: moved to release)
dbus (1.6.18-0ubuntu8) utopic; urgency=medium

  * debian/dbus-Xsession: Don't start a session bus if there already is one,
    i. e. $DBUS_SESSION_BUS_ADDRESS is already set. (Closes: #681241)
 -- Martin Pitt <email address hidden>   Tue, 03 Jun 2014 11:07:54 +0200
Superseded in utopic-proposed on 2014-06-03
dbus (1.6.18-0ubuntu7) utopic; urgency=medium

  * debian/rules: Adjust dbus-send path to our changed install layout.
    (LP: #1325364)
 -- Martin Pitt <email address hidden>   Mon, 02 Jun 2014 09:05:53 +0200

Available diffs

Superseded in utopic-release on 2014-06-03
Deleted in utopic-proposed on 2014-06-04 (Reason: moved to release)
dbus (1.6.18-0ubuntu6) utopic; urgency=high

  * No change rebuild against new dh_installinit, to call update-rc.d at
    postinst.
 -- Dimitri John Ledkov <email address hidden>   Wed, 28 May 2014 10:39:49 +0100

Available diffs

Superseded in utopic-release on 2014-05-28
Deleted in utopic-proposed on 2014-05-30 (Reason: moved to release)
dbus (1.6.18-0ubuntu5) utopic; urgency=medium

  * Do not fail starting user-session dbus, if e.g. /home is 100% or
    ~/.cache is not-writable.
  * Make sure that DBUS_SESSION_ADDRESS is only exported, after the
    session dbus has been launched.
 -- Dimitri John Ledkov <email address hidden>   Fri, 02 May 2014 12:00:27 +0100

Available diffs

Superseded in utopic-release on 2014-05-02
Published in trusty-release on 2014-04-02
Deleted in trusty-proposed (Reason: moved to release)
dbus (1.6.18-0ubuntu4) trusty; urgency=medium

  * Create ~/.cache/upstart if it doesn't already exist.
    Thanks to Ryan Lovett for the patch. (LP: #1300516)
 -- Stephane Graber <email address hidden>   Tue, 01 Apr 2014 17:53:17 -0400
Superseded in trusty-release on 2014-04-02
Deleted in trusty-proposed on 2014-04-03 (Reason: moved to release)
dbus (1.6.18-0ubuntu3) trusty; urgency=low

  * aa-mediate-eavesdropping.patch: Query AppArmor when confined applications
    attempt to eavesdrop on the bus. See the apparmor.d(5) man page for
    AppArmor syntax details. (LP: #1262440)
  * debian/control: Depend on the apparmor version containing the new
    eavesdrop permission
 -- Tyler Hicks <email address hidden>   Mon, 13 Jan 2014 11:45:21 -0600
Superseded in trusty-release on 2014-01-17
Deleted in trusty-proposed on 2014-01-18 (Reason: moved to release)
dbus (1.6.18-0ubuntu2) trusty; urgency=low

  [ James Hunt ]
  * debian/dbus.user-session.upstart: Communicate session bus to Upstart
    Session Init to avoid potential out-of-memory scenario triggered by
    Upstart clients that do not run main loops (LP: #1235649, LP: #1252317).
 -- Dmitrijs Ledkovs <email address hidden>   Tue, 19 Nov 2013 11:14:58 +0000

Available diffs

Superseded in trusty-release on 2013-11-20
Deleted in trusty-proposed on 2013-11-21 (Reason: moved to release)
dbus (1.6.18-0ubuntu1) trusty; urgency=low

  * New upstream version
 -- Sebastien Bacher <email address hidden>   Mon, 11 Nov 2013 18:07:24 +0100
Superseded in trusty-release on 2013-11-12
Obsolete in saucy-release on 2015-04-24
Deleted in saucy-proposed on 2015-04-28 (Reason: moved to release)
dbus (1.6.12-0ubuntu10) saucy; urgency=low

  * debian/patches/aa-mediation.patch: Attempt to open() the mask file in
    apparmorfs/features/dbus rather than simply stat() the dbus directory.
    This is an important difference because AppArmor does not mediate the
    stat() syscall. This resulted in problems in an environment where
    dbus-daemon, running inside of an LXC container, did not have the
    necessary AppArmor rules to access apparmorfs but the stat() succeeded
    so mediation was not properly disabled. (LP: #1238267)
    This problem was exposed after dropping aa-kernel-compat-check.patch
    because the compat check was an additional check that performed a test
    query. The test query was failing in the above scenario, which did result
    in mediation being disabled.
  * debian/patches/aa-get-connection-apparmor-security-context.patch,
    debian/patches/aa-mediate-eavesdropping.patch: Refresh these patches to
    accomodate the above change
 -- Tyler Hicks <email address hidden>   Thu, 10 Oct 2013 10:40:26 -0700
Superseded in saucy-release on 2013-10-10
Deleted in saucy-proposed on 2013-10-12 (Reason: moved to release)
dbus (1.6.12-0ubuntu9) saucy; urgency=low

  * debian/patches/aa-mediate-eavesdropping.patch: Fix a regression that
    caused dbus-daemon to segfault when AppArmor mediation is disabled, or
    unsupported by the kernel, and an application attempts to eavesdrop
    (LP: #1237059)
 -- Tyler Hicks <email address hidden>   Tue, 08 Oct 2013 17:58:36 -0700

Available diffs

Superseded in saucy-release on 2013-10-09
Deleted in saucy-proposed on 2013-10-11 (Reason: moved to release)
dbus (1.6.12-0ubuntu8) saucy; urgency=low

  * debian/patches/aa-kernel-compat-check.patch: Drop this patch. It was a
    temporary compatibility check to paper over incompatibilities between
    dbus-daemon, libapparmor, and the AppArmor kernel code while AppArmor
    D-Bus mediation was in development.
  * debian/patches/aa-mediation.patch: Fix a bug that resulted in all actions
    denied by AppArmor to be audited. Auditing such actions is the default,
    but it should be possible to quiet audit messages by using the "deny"
    AppArmor rule modifier. (LP: #1226356)
  * debian/patches/aa-mediation.patch: Fix a bug in the code that builds
    AppArmor queries for the process that is receiving a message. The
    message's destination was being used, as opposed to the message's source,
    as the peer name in the query string. (LP: #1233895)
  * debian/patches/aa-mediate-eavesdropping.patch: Don't allow applications
    that are confined by AppArmor to eavesdrop. Ideally, this would be
    configurable with AppArmor policy, but the parser does not yet support
    any type of eavesdropping permission. For now, confined applications will
    simply not be allowed to eavesdrop. (LP: #1229280)
 -- Tyler Hicks <email address hidden>   Fri, 04 Oct 2013 09:59:21 -0700
Superseded in saucy-release on 2013-10-08
Deleted in saucy-proposed on 2013-10-09 (Reason: moved to release)
dbus (1.6.12-0ubuntu7) saucy; urgency=low

  * Enable log output in session dbus upstart job.
 -- Dmitrijs Ledkovs <email address hidden>   Fri, 04 Oct 2013 10:21:15 +0100

Available diffs

Superseded in saucy-release on 2013-10-04
Deleted in saucy-proposed on 2013-10-05 (Reason: moved to release)
dbus (1.6.12-0ubuntu6) saucy; urgency=low

  * Specify --fork to dbus-daemon in upstart user-session mode, to get the
    daemon readiness information and emit started dbus, when dbus is
    actually ready to operate. (LP: #1234731)
 -- Dmitrijs Ledkovs <email address hidden>   Thu, 03 Oct 2013 17:32:15 +0100

Available diffs

Superseded in saucy-release on 2013-10-03
Deleted in saucy-proposed on 2013-10-04 (Reason: moved to release)
dbus (1.6.12-0ubuntu5) saucy; urgency=low

  * Add support for mediation of D-Bus messages and services. AppArmor D-Bus
    rules are described in the apparmor.d(5) man page. dbus-daemon will use
    libapparmor to perform queries against the AppArmor policies to determine
    if a connection should be able to send messages to another connection, if
    a connection should be able to receive messages from another connection,
    and if a connection should be able to bind to a well-known name.
    - debian/patches/aa-build-tools.patch: Update build files to detect and
      build against libapparmor
    - debian/patches/aa-mediation.patch: Support AppArmor mediation of D-Bus
      messages and services. By default, AppArmor mediation is enabled if
      AppArmor is available. To disable AppArmor mediation, place
      '<apparmor mode="disabled"/>' in each bus configuration file. See the
      dbus-daemon(1) man page for more details.
    - debian/patches/aa-get-connection-apparmor-security-context.patch: Add an
      org.freedesktop.DBus.GetConnectionAppArmorSecurityContext method that
      takes the unique name of a connection as input and returns the AppArmor
      label attached to the connection
    - debian/patches/aa-kernel-compat-check.patch: Perform a compatibility
      check of dbus, libapparmor, and the AppArmor kernel code during
      initialization to determine if everything is in place to perform
      AppArmor mediation. This is a temporary patch to overcome some potential
      incompatabilities during the Saucy development release and should be
      dropped prior to Saucy's release.
    - debian/control: Add libapparmor-dev as a Build-Depends
    - debian/rules: Specify that D-Bus should be built against libapparmor
      during the configure stage of the build
  * debian/patches/aa-mediation.patch: Clean up the AppArmor initialization
    - Don't treat any errors from aa_is_enabled() as fatal unless the AppArmor
      D-Bus mode is set to "required". This should fix errors when various
      test cases need to start dbus-daemon on buildds. (LP: #1217598)
    - Don't print to stderr during initialization unless an error has
      occurred (LP: #1217710)
    - Don't redefine _dbus_warn() to syslog(). A previous comment left in the
      code suggested that _dbus_warn() caused segfaults. Testing proves that
      is not the case.
  * debian/patches/aa-get-connection-apparmor-security-context.patch: Refresh
    patch to fix offset warnings after modifying aa-mediation.patch
 -- Tyler Hicks <email address hidden>   Wed, 28 Aug 2013 13:26:13 -0700
Deleted in saucy-proposed on 2013-08-28 (Reason: doesn't work on the buildds and block landing of other co...)
dbus (1.6.12-0ubuntu4) saucy; urgency=low

  * Add support for mediation of D-Bus messages and services. AppArmor D-Bus
    rules are described in the apparmor.d(5) man page. dbus-daemon will use
    libapparmor to perform queries against the AppArmor policies to determine
    if a connection should be able to send messages to another connection, if
    a connection should be able to receive messages from another connection,
    and if a connection should be able to bind to a well-known name.
    - debian/patches/aa-build-tools.patch: Update build files to detect and
      build against libapparmor
    - debian/patches/aa-mediation.patch: Support AppArmor mediation of D-Bus
      messages and services. By default, AppArmor mediation is enabled if
      AppArmor is available. To disable AppArmor mediation, place
      '<apparmor mode="disabled"/>' in each bus configuration file. See the
      dbus-daemon(1) man page for more details.
    - debian/patches/aa-get-connection-apparmor-security-context.patch: Add an
      org.freedesktop.DBus.GetConnectionAppArmorSecurityContext method that
      takes the unique name of a connection as input and returns the AppArmor
      label attached to the connection
    - debian/patches/aa-kernel-compat-check.patch: Perform a compatibility
      check of dbus, libapparmor, and the AppArmor kernel code during
      initialization to determine if everything is in place to perform
      AppArmor mediation. This is a temporary patch to overcome some potential
      incompatabilities during the Saucy development release and should be
      dropped prior to Saucy's release.
    - debian/control: Add libapparmor-dev as a Build-Depends
    - debian/rules: Specify that D-Bus should be built against libapparmor
      during the configure stage of the build
 -- Tyler Hicks <email address hidden>   Mon, 26 Aug 2013 15:33:10 -0700
Superseded in saucy-release on 2013-08-29
Deleted in saucy-proposed on 2013-08-30 (Reason: moved to release)
dbus (1.6.12-0ubuntu2) saucy; urgency=low

  * dump DBUS_SESSION_BUS_ADDRESS into ~/.dbus-session, so we can source it
 -- Oliver Grawert <email address hidden>   Tue, 16 Jul 2013 19:56:35 +0200

Available diffs

Superseded in saucy-release on 2013-07-16
Deleted in saucy-proposed on 2013-07-18 (Reason: moved to release)
dbus (1.6.12-0ubuntu1) saucy; urgency=low

  * New upstream version, drop CVE-2013-2168.patch included in the update
 -- Sebastien Bacher <email address hidden>   Wed, 19 Jun 2013 19:04:25 +0200
Superseded in saucy-release on 2013-06-24
Deleted in saucy-proposed on 2013-06-25 (Reason: moved to release)
dbus (1.6.10-0ubuntu2) saucy; urgency=low

  * SECURITY UPDATE: denial of service via _dbus_printf_string_upper_bound()
    length.
    - debian/patches/CVE-2013-2168.patch: use a copy of va_list in
      dbus/dbus-sysdeps-unix.c, dbus/dbus-sysdeps-win.c, added test to
      test/Makefile.am, test/internals/printf.c.
    - CVE-2013-2168
 -- Marc Deslauriers <email address hidden>   Thu, 13 Jun 2013 08:40:01 -0400
Superseded in precise-updates on 2014-07-08
Superseded in precise-security on 2014-07-08
dbus (1.4.18-1ubuntu1.4) precise-security; urgency=low

  * SECURITY UPDATE: denial of service via _dbus_printf_string_upper_bound()
    length.
    - debian/patches/CVE-2013-2168.patch: use a copy of va_list in
      dbus/dbus-sysdeps-unix.c, dbus/dbus-sysdeps-win.c, added test to
      test/Makefile.am, test/internals/printf.c.
    - CVE-2013-2168
 -- Marc Deslauriers <email address hidden>   Thu, 13 Jun 2013 10:23:58 -0400
Obsolete in quantal-updates on 2015-04-24
Obsolete in quantal-security on 2015-04-24
dbus (1.6.4-1ubuntu4.1) quantal-security; urgency=low

  * SECURITY UPDATE: denial of service via _dbus_printf_string_upper_bound()
    length.
    - debian/patches/CVE-2013-2168.patch: use a copy of va_list in
      dbus/dbus-sysdeps-unix.c, dbus/dbus-sysdeps-win.c, added test to
      test/Makefile.am, test/internals/printf.c.
    - CVE-2013-2168
 -- Marc Deslauriers <email address hidden>   Thu, 13 Jun 2013 10:17:02 -0400
Obsolete in raring-updates on 2015-04-24
Obsolete in raring-security on 2015-04-24
dbus (1.6.8-1ubuntu6.1) raring-security; urgency=low

  * SECURITY UPDATE: denial of service via _dbus_printf_string_upper_bound()
    length.
    - debian/patches/CVE-2013-2168.patch: use a copy of va_list in
      dbus/dbus-sysdeps-unix.c, dbus/dbus-sysdeps-win.c, added test to
      test/Makefile.am, test/internals/printf.c.
    - CVE-2013-2168
 -- Marc Deslauriers <email address hidden>   Thu, 13 Jun 2013 08:44:47 -0400
Superseded in saucy-release on 2013-06-13
Deleted in saucy-proposed on 2013-06-14 (Reason: moved to release)
dbus (1.6.10-0ubuntu1) saucy; urgency=low

  * New upstream version
 -- Sebastien Bacher <email address hidden>   Mon, 13 May 2013 19:29:40 +0200

Available diffs

Superseded in saucy-release on 2013-05-13
Deleted in saucy-proposed on 2013-05-15 (Reason: moved to release)
dbus (1.6.8-1ubuntu8) saucy; urgency=low

  * Add 00git_logind_check.patch: Fix logind check.
  * Add 00git_sd_daemon_update.patch: Update to current sytemd upstream
    sd_booted() to actually check for systemd init.
 -- Martin Pitt <email address hidden>   Mon, 29 Apr 2013 11:42:42 -0700

Available diffs

Superseded in saucy-release on 2013-04-29
Deleted in saucy-proposed on 2013-05-01 (Reason: moved to release)
dbus (1.6.8-1ubuntu7) saucy; urgency=low

  * Use logind for session tracking, so that "at_console" policies work with
    logind instead of ConsoleKit. Add "libpam-systemd" recommends.
 -- Martin Pitt <email address hidden>   Sun, 10 Mar 2013 13:39:46 +0100

Available diffs

Superseded in saucy-release on 2013-04-28
Obsolete in raring-release on 2015-04-24
Deleted in raring-proposed on 2015-04-27 (Reason: moved to release)
dbus (1.6.8-1ubuntu6) raring; urgency=low

  * Tweak startup condition of user-job to block xsession-init until it's
    started. (LP: #1155205)
 -- Stephane Graber <email address hidden>   Mon, 25 Mar 2013 09:52:01 -0400

Available diffs

Superseded in raring-release on 2013-03-25
Deleted in raring-proposed on 2013-03-26 (Reason: moved to release)
dbus (1.6.8-1ubuntu5) raring; urgency=low

  * debian/libdbus-1-3.postinst: Force an upgrade to restart Upstart
    (to pick up new package version) if the running instance supports
    it (LP: #1146653).
 -- James Hunt <email address hidden>   Thu, 14 Mar 2013 10:32:39 -0400
Superseded in raring-proposed on 2013-03-14
dbus (1.6.8-1ubuntu4) raring; urgency=low

  * Add upstart user session job for dbus.
 -- Stephane Graber <email address hidden>   Tue, 12 Mar 2013 15:04:50 -0400

Available diffs

Superseded in raring-release on 2013-03-14
Deleted in raring-proposed on 2013-03-16 (Reason: moved to release)
dbus (1.6.8-1ubuntu3) raring; urgency=low

  * Mark libdbus-1-dev as Multi-Arch same.
 -- Dmitrijs Ledkovs <email address hidden>   Mon, 07 Jan 2013 17:36:51 +0000

Available diffs

Superseded in raring-release on 2013-01-07
Deleted in raring-proposed on 2013-01-09 (Reason: moved to release)
dbus (1.6.8-1ubuntu2) raring; urgency=low

  * The tests are not run diring the build. Configure with --disable-tests,
    drop the build dependencies needed for the tests.
 -- Matthias Klose <email address hidden>   Mon, 07 Jan 2013 17:03:23 +0100

Available diffs

175 of 226 results