-
acpid (1.0.10-5ubuntu2.5) lucid-security; urgency=low
* SECURITY UPDATE: Arbitrary code execution in the power button handling
script (LP: #893821)
- debian/powerbtn.sh: Ensure that the DBUS_SESSION_BUS_ADDRESS environment
variable is only read from a process owned by the user that will be
evaluating the variable.
- CVE-2011-2777
* SECURITY UPDATE: Unprivileged users may be able to write to directories
and read files created by event handler scripts
- event.c: Set a restrictive umask of 0077 before running an event handler
script. Based on upstream patch.
- CVE-2011-4578
-- Tyler Hicks <email address hidden> Wed, 07 Dec 2011 16:35:39 -0600
-
acpid (1.0.10-5ubuntu2.2) lucid-security; urgency=low
* SECURITY UPDATE: denial of service via blocking socket
- debian/patches/CVE-2011-1159.patch: adjust the socket fd to use
O_NONBLOCK
- CVE-2011-1159
-- Jamie Strandboge <email address hidden> Thu, 13 Oct 2011 17:31:21 -0500
-
acpid (1.0.10-5ubuntu2.1) lucid-proposed; urgency=low
* debian/powerbtn.sh: ensure that /usr/share/acpi-support/power-funcs
exists before sourcing it; note that acpid does not depend on
acpi-support (which is fine, as it brings in lots of X dependencies
not appropriate for servers); this fix will allow Ubuntu servers
(especially those in VMs) to run acpid and catch and handle power
button events again; LP: #570450
-- Dustin Kirkland <email address hidden> Mon, 26 Apr 2010 17:25:02 -0500
-
acpid (1.0.10-5ubuntu2) lucid; urgency=low
* Source /usr/share/acpi-support/power-funcs in powerbtn.sh (LP: #508073)
-- Jonathan Thomas <email address hidden> Fri, 15 Jan 2010 19:59:47 -0500
-
acpid (1.0.10-5ubuntu1) lucid; urgency=low
* Merge from Debian testing. Remaining changes:
- Replace init script with Upstart job.
- This does not load modules, unlike the init script, since these are
all loaded by ACPI:* modaliases now (and thus by udev)
- debian/control:
- Bump build-dependency on debhelper for Upstart-aware dh_installinit
- debian/preinst, debian/acpid.install, debian/control, debian/rules:
continue installing /etc/acpi/events/powerbtn and /etc/acpi/powerbtn.sh,
deferring the migration to acpi-support-base; and drop the Recommends:
on acpi-support-base for the same reason.
acpid (1.0.10-5) unstable; urgency=high
* Correct permissions that were incorrectly set by very old acpid versions.
This fixes CVE-2009-4235. (Closes: #560771)
-- Steve Langasek <email address hidden> Wed, 23 Dec 2009 00:32:09 +0000
-
acpid (1.0.10-4ubuntu1) lucid; urgency=low
* Merge from Debian testing. Remaining changes:
- Replace init script with Upstart job.
- This does not load modules, unlike the init script, since these are
all loaded by ACPI:* modaliases now (and thus by udev)
- debian/control:
- Bump build-dependency on debhelper for Upstart-aware dh_installinit
* Dropped changes, integrated upstream:
- build with -D_GNU_SOURCE to make "struct ucred" available
- acpid.*, event.c, ud_socket.*: limit the number of non-root clients,
correctly close dead connections.
- Remove the logrotate file on upgrade
- Bump Standards-Version to 3.8.0
- debian/powerbtn.sh:
- Update for KDE 4
- Add dalston-power-applet to list of handlers for power
button events
- add xfce4-power-manager to the list of handlers as well.
* Dropped changes, superseded by upstart conversion:
- debian/acpid.init.d: add the 'status' action
- Replace "multiuser" deprecated init mode in debian/rules with manual
arguments. Adapt the corresponding change in LSB init script header
and runtime dependency in debian/control
- depend on sysv-rc
* debian/preinst, debian/acpid.install, debian/control, debian/rules:
continue installing /etc/acpi/events/powerbtn and /etc/acpi/powerbtn.sh,
deferring the migration to acpi-support-base; and drop the Recommends:
on acpi-support-base for the same reason.
acpid (1.0.10-4) unstable; urgency=low
* Updated netlink patch to version 6.
acpid (1.0.10-3) unstable; urgency=low
* Made acpid recommend correct version of acpi-support-base.
* Added missing input defines for Thinkpads. (Closes: #521280) -
thanks to Harald Braumann <email address hidden>
* Fixed package description. (Closes: #549948) - thanks to Justin B
Rye <email address hidden>
* Clarify some wording. - thanks to Thiemo Nagel
<email address hidden>
* Bumped Standards-Version to 3.8.3, no changes needed.
* Fix some lintian warnings.
* Updated list of power managers. (Closes: #547326)
* Stopping for single user mode could be done by sendsigs as well.
* Updated to netlink patch to version 1.0.10-netlink5. (Closes:
#522756)
acpid (1.0.10-2) unstable; urgency=low
* Updated netlink patch to version 1.0.10-netlink2.
* Added patch to make acpid compile with gcc 4.4, closes: #526665
acpid (1.0.10-1) unstable; urgency=high
* New upstream version fixing CVE-2009-0798.
* Removed fixfd patch which was applied upstream.
* Made example powerbtn.sh script work with kde4, closes: #526000
acpid (1.0.8-8) unstable; urgency=low
* Fixed netlink patch to not expect long option --netlink to carry an
argument, closes: #524223
* Do not remove /etc/acpi/ config at each upgrade, closes: #524528
acpid (1.0.8-7) unstable; urgency=low
* Fixed ioctl call to use correct buffer size, closes: #521512
* Do not print error message for missing event file unless we are in debug
mode, closes: #521666
* Bumped Standards-Version to 3.8.1, no changes needed.
acpid (1.0.8-6) unstable; urgency=low
* Start acpid even if /proc/acpi/event doesn't exist, closes: #516079
* Recommend acpi-support-base so a script handling power button pressing is
installed.
* If the power button script had been changed, not only rename it but also
keep a changed events file to not lose functionality, closes: #516083
acpid (1.0.8-5) unstable; urgency=low
* Reverted redirection patch, it broke debug mode.
acpid (1.0.8-4) unstable; urgency=low
* Added patch to correctly redirect stdin/stdout/stderr to /dev/null.
* Added patch by Ted Felix <email address hidden> adding netlink support to
acpid, closes: #462467, #515773
acpid (1.0.8-3) unstable; urgency=low
* Only conditionally restart hal on purge, closes: #515650
* Remove the remaining scriptlets in /etc/acpi. All files are still available
and installed as examples under /usr/share/doc/acpid/examples but not under
/etc/acpi anymore.
* Fixed GPL version information in copyright file.
acpid (1.0.8-2) unstable; urgency=low
[ Loic Minier ]
* Add git-buildpackage config debian/gbp.conf.
[ Michael Meskes ]
* Added patch by Harald Braumann <email address hidden> to correctly open
/dev/null, closes: #483805
* Removed old syslog patch as upstream has the same/similar functionality
nowadays, closes: #496574
* Made powerbtn.sh script fall back to shutdown if dbus fails, closes: #492756
* Restart hal in case of acpid removal, closes: #505663
acpid (1.0.8-1) unstable; urgency=low
[ Loic Minier ]
* Comment out OPTIONS in the acpid defaults file as -c /etc/acpi/events is
the default anyway; this paves the way to a future removal of this file.
* Test for /proc/acpi/event instead of /proc/acpi in init script;
see Debian #440870.
* Document rationale for hal restart in postinst.
[ Michael Meskes ]
* New upstream version.
* Moved our patches to debian/patches and added support for quilt.
acpid (1.0.6-16) unstable; urgency=low
[ Loic Minier ]
* Reword hints in /etc/default/acpid; suggested by Julien Blache.
* Drop bogus space in modules.dep causing modules without dependencies to
not be loaded for MODULES="all".
* Check for read permissions on the defaults file before attempting to
source it.
* Don't load any module (MODULES default to empty string) when the default
file doesn't exist or doesn't specify MODULES.
* Ignore the result of load_modules.
* Unset MODPROBE_OPTIONS to work around a bug in initramfs which leaks this
env var Launchpad #291619 and a bug in modprobe --all --quiet which
doesn't load all modules and exits with non-zero exit status
Debian.org #504088; thanks Derrick Karpo and Julien Blache;
closes: #502704.
[ Michael Meskes ]
* Make sure there is no link created in runlevel 0 and 6 to stop acpid.
* Remove old links in runlevel 0 and 6, closes: #502613.
* Comment out MODULES setting in default file, so no module is loaded per
default.
acpid (1.0.6-15) unstable; urgency=low
[ Michael Meskes ]
* Fixed check for /proc/modules to not throw an error
closes: #502881, #502704
[ Loic Minier ]
* Fix above fix. :-P
acpid (1.0.6-14) unstable; urgency=low
[ Loic Minier ]
* Merge support for the "status" action in the acpid init script from the
Ubuntu package; depend on lsb-base >= 3.2-14.
* Don't stop acpid in runlevels 0 and 6; from Ubuntu, closes:#495544
* Fix support for Ubuntu kernels, stop guessing distro but always try to use
the ubuntu/acpi module dir if present; this allows using Ubuntu kernels on
Ubuntu, removes references to Ubuntu from a number of places, and makes
the script simpler to maintain and more efficient; also matches the
current Ubuntu script.
* Cleanup rules; drop DH_VERBOSE.
* Wrap build-deps and deps in control to get cleaner diffs.
* Add myself to uploaders.
* Drop obsolete information from README.Debian.
* Cleanup the awful init script.
- Drop support for *.o kernel module files; .ko is used since 2.5 kernels.
- Greatly simplify computing the list of available acpi modules by parsing
modules.dep(5) instead of running find and sh multiple times.
- Rename debian/acpid.init.d to debian/acpid.init to match debhelper's
documented name (debhelper does pick up .init.d as well, but this is
undocumented); this also avoid confusing vim which believe it's a D
file.
- Don't disable printk when loading ACPI modules; this is not only
fragile, broken, and intrusive, it's also out of the realm of acpid to
do. This snippet:
[ "$VERBOSE" = "no" ] && echo "0 0 0 0" > /proc/sys/kernel/printk
can be moved to a more sensible place if it makes sense during boot, but
I doubt anybody wants that.
- Fix support for kernels without dynamic module loading; closes: #500659.
* Use Vcs-* instead of XS-Vcs-* and fix URLs to point at the new git repos;
closes: #501305.
* Remove obsolete conffile /etc/logrotate.d/acpid in preinst; thanks to
James Westby and Ubuntu; LP: #263888. It's interesting to note that this
caused the new acpid to die once per week when logrotation kicked in.
Closes: #487815, #491058, #495686
* Pass -s to dh_* commands in binary-arch.
* Resume shipping /etc/acpi/powerbtn.sh and /etc/acpi/events/powerbtn in
acpid. They are also installed in the examples for people who symlink to
the examples. Please note that powerbtn.sh disables itself when it
detects a running power management daemon such as gnome-power-manager or
kpowersave.
* Add -D_GNU_SOURCE in Makefile's CFLAGS to fix build with newer libc6 (such
as 2.8+20080809-1 in experimental or 2.8~20080505-0ubuntu7in Ubuntu
intrepid) in making "struct ucred" available; see
http://sourceware.org/bugzilla/show_bug.cgi?id=6545.
[ Michael Meskes ]
* Fixed path to hal pidfile, closes: #440870
acpid (1.0.6-13) unstable; urgency=low
* Check for distribution during build time, closes: #499825, #500003
acpid (1.0.6-12) unstable; urgency=low
* Check for Ubuntu/Debian in apt sources list instead of /etc/issue,
closes: #499825, #499854
acpid (1.0.6-11) unstable; urgency=low
* Changed maintainer to Debian Acpi Team.
* Do not call lsb-release on startup, closes: #491388
acpid (1.0.6-10) unstable; urgency=low
* Removed Ubuntu version information.
* Back to only including some modules on default. Using all modules creates
strange error messages and even backtraces on some machines. ALL option
remains listed but commented out, closes: #484354
* Add video to list of modules, closes: #459237
* Made package lintian clean.
* In Debian do not load Ubuntu modules from Ubuntu directory. I do not see
any package providing this directory.
* Do only install powerbutton scripts as example,
closes: #481903, #484306, #253423
* Fixed watch file.
* Clarified specification of acpid options, closes: #486788
* Bumped Standards-Version to 3.8.0
-- Steve Langasek <email address hidden> Fri, 18 Dec 2009 07:44:04 +0000
-
acpid (1.0.10-4) unstable; urgency=low
* Updated netlink patch to version 6.
acpid (1.0.10-3) unstable; urgency=low
* Made acpid recommend correct version of acpi-support-base.
* Added missing input defines for Thinkpads. (Closes: #521280) -
thanks to Harald Braumann <email address hidden>
* Fixed package description. (Closes: #549948) - thanks to Justin B
Rye <email address hidden>
* Clarify some wording. - thanks to Thiemo Nagel
<email address hidden>
* Bumped Standards-Version to 3.8.3, no changes needed.
* Fix some lintian warnings.
* Updated list of power managers. (Closes: #547326)
* Stopping for single user mode could be done by sendsigs as well.
* Updated to netlink patch to version 1.0.10-netlink5. (Closes:
#522756)
acpid (1.0.10-2) unstable; urgency=low
* Updated netlink patch to version 1.0.10-netlink2.
* Added patch to make acpid compile with gcc 4.4, closes: #526665
acpid (1.0.10-1) unstable; urgency=high
* New upstream version fixing CVE-2009-0798.
* Removed fixfd patch which was applied upstream.
* Made example powerbtn.sh script work with kde4, closes: #526000
acpid (1.0.8-8) unstable; urgency=low
* Fixed netlink patch to not expect long option --netlink to carry an
argument, closes: #524223
* Do not remove /etc/acpi/ config at each upgrade, closes: #524528
acpid (1.0.8-7) unstable; urgency=low
* Fixed ioctl call to use correct buffer size, closes: #521512
* Do not print error message for missing event file unless we are in debug
mode, closes: #521666
* Bumped Standards-Version to 3.8.1, no changes needed.
acpid (1.0.8-6) unstable; urgency=low
* Start acpid even if /proc/acpi/event doesn't exist, closes: #516079
* Recommend acpi-support-base so a script handling power button pressing is
installed.
* If the power button script had been changed, not only rename it but also
keep a changed events file to not lose functionality, closes: #516083
acpid (1.0.8-5) unstable; urgency=low
* Reverted redirection patch, it broke debug mode.
acpid (1.0.8-4) unstable; urgency=low
* Added patch to correctly redirect stdin/stdout/stderr to /dev/null.
* Added patch by Ted Felix <email address hidden> adding netlink support to
acpid, closes: #462467, #515773
acpid (1.0.8-3) unstable; urgency=low
* Only conditionally restart hal on purge, closes: #515650
* Remove the remaining scriptlets in /etc/acpi. All files are still available
and installed as examples under /usr/share/doc/acpid/examples but not under
/etc/acpi anymore.
* Fixed GPL version information in copyright file.
acpid (1.0.8-2) unstable; urgency=low
[ Loic Minier ]
* Add git-buildpackage config debian/gbp.conf.
[ Michael Meskes ]
* Added patch by Harald Braumann <email address hidden> to correctly open
/dev/null, closes: #483805
* Removed old syslog patch as upstream has the same/similar functionality
nowadays, closes: #496574
* Made powerbtn.sh script fall back to shutdown if dbus fails, closes: #492756
* Restart hal in case of acpid removal, closes: #505663
acpid (1.0.8-1) unstable; urgency=low
[ Loic Minier ]
* Comment out OPTIONS in the acpid defaults file as -c /etc/acpi/events is
the default anyway; this paves the way to a future removal of this file.
* Test for /proc/acpi/event instead of /proc/acpi in init script;
see Debian #440870.
* Document rationale for hal restart in postinst.
[ Michael Meskes ]
* New upstream version.
* Moved our patches to debian/patches and added support for quilt.
acpid (1.0.6-16) unstable; urgency=low
[ Loic Minier ]
* Reword hints in /etc/default/acpid; suggested by Julien Blache.
* Drop bogus space in modules.dep causing modules without dependencies to
not be loaded for MODULES="all".
* Check for read permissions on the defaults file before attempting to
source it.
* Don't load any module (MODULES default to empty string) when the default
file doesn't exist or doesn't specify MODULES.
* Ignore the result of load_modules.
* Unset MODPROBE_OPTIONS to work around a bug in initramfs which leaks this
env var Launchpad #291619 and a bug in modprobe --all --quiet which
doesn't load all modules and exits with non-zero exit status
Debian.org #504088; thanks Derrick Karpo and Julien Blache;
closes: #502704.
[ Michael Meskes ]
* Make sure there is no link created in runlevel 0 and 6 to stop acpid.
* Remove old links in runlevel 0 and 6, closes: #502613.
* Comment out MODULES setting in default file, so no module is loaded per
default.
acpid (1.0.6-15) unstable; urgency=low
[ Michael Meskes ]
* Fixed check for /proc/modules to not throw an error
closes: #502881, #502704
[ Loic Minier ]
* Fix above fix. :-P
acpid (1.0.6-14) unstable; urgency=low
[ Loic Minier ]
* Merge support for the "status" action in the acpid init script from the
Ubuntu package; depend on lsb-base >= 3.2-14.
* Don't stop acpid in runlevels 0 and 6; from Ubuntu, closes:#495544
* Fix support for Ubuntu kernels, stop guessing distro but always try to use
the ubuntu/acpi module dir if present; this allows using Ubuntu kernels on
Ubuntu, removes references to Ubuntu from a number of places, and makes
the script simpler to maintain and more efficient; also matches the
current Ubuntu script.
* Cleanup rules; drop DH_VERBOSE.
* Wrap build-deps and deps in control to get cleaner diffs.
* Add myself to uploaders.
* Drop obsolete information from README.Debian.
* Cleanup the awful init script.
- Drop support for *.o kernel module files; .ko is used since 2.5 kernels.
- Greatly simplify computing the list of available acpi modules by parsing
modules.dep(5) instead of running find and sh multiple times.
- Rename debian/acpid.init.d to debian/acpid.init to match debhelper's
documented name (debhelper does pick up .init.d as well, but this is
undocumented); this also avoid confusing vim which believe it's a D
file.
- Don't disable printk when loading ACPI modules; this is not only
fragile, broken, and intrusive, it's also out of the realm of acpid to
do. This snippet:
[ "$VERBOSE" = "no" ] && echo "0 0 0 0" > /proc/sys/kernel/printk
can be moved to a more sensible place if it makes sense during boot, but
I doubt anybody wants that.
- Fix support for kernels without dynamic module loading; closes: #500659.
* Use Vcs-* instead of XS-Vcs-* and fix URLs to point at the new git repos;
closes: #501305.
* Remove obsolete conffile /etc/logrotate.d/acpid in preinst; thanks to
James Westby and Ubuntu; LP: #263888. It's interesting to note that this
caused the new acpid to die once per week when logrotation kicked in.
Closes: #487815, #491058, #495686
* Pass -s to dh_* commands in binary-arch.
* Resume shipping /etc/acpi/powerbtn.sh and /etc/acpi/events/powerbtn in
acpid. They are also installed in the examples for people who symlink to
the examples. Please note that powerbtn.sh disables itself when it
detects a running power management daemon such as gnome-power-manager or
kpowersave.
* Add -D_GNU_SOURCE in Makefile's CFLAGS to fix build with newer libc6 (such
as 2.8+20080809-1 in experimental or 2.8~20080505-0ubuntu7in Ubuntu
intrepid) in making "struct ucred" available; see
http://sourceware.org/bugzilla/show_bug.cgi?id=6545.
[ Michael Meskes ]
* Fixed path to hal pidfile, closes: #440870
acpid (1.0.6-13) unstable; urgency=low
* Check for distribution during build time, closes: #499825, #500003
acpid (1.0.6-12) unstable; urgency=low
* Check for Ubuntu/Debian in apt sources list instead of /etc/issue,
closes: #499825, #499854
acpid (1.0.6-11) unstable; urgency=low
* Changed maintainer to Debian Acpi Team.
* Do not call lsb-release on startup, closes: #491388
acpid (1.0.6-10) unstable; urgency=low
* Removed Ubuntu version information.
* Back to only including some modules on default. Using all modules creates
strange error messages and even backtraces on some machines. ALL option
remains listed but commented out, closes: #484354
* Add video to list of modules, closes: #459237
* Made package lintian clean.
* In Debian do not load Ubuntu modules from Ubuntu directory. I do not see
any package providing this directory.
* Do only install powerbutton scripts as example,
closes: #481903, #484306, #253423
* Fixed watch file.
* Clarified specification of acpid options, closes: #486788
* Bumped Standards-Version to 3.8.0
-- Ubuntu Archive Auto-Sync <email address hidden> Fri, 18 Dec 2009 06:54:58 +0000
-
acpid (1.0.6-9ubuntu8) karmic; urgency=low
* debian/powerbtn.sh: add xfce4-power-manager to the list of handlers as
well. LP: #425155
-- Lionel Le Folgoc <email address hidden> Wed, 23 Sep 2009 14:53:01 +0200
