-
dbus (1.6.18-0ubuntu4.5) trusty; urgency=medium
* debian/patches/unrequested-reply-mediation.patch: Don't let unrequested
reply messages through and don't audit them. Unrequested reply messages
are error or method_return messages that are sent from D-Bus connection A
to D-Bus connection B that do not correspond to any message ever sent by
D-Bus connection B. They should be quietly dropped as there's no use for
them outside of malicious activity. Patch based on upstream patches.
(LP: #1641243)
-- Tyler Hicks <email address hidden> Wed, 30 Nov 2016 21:44:48 +0000
-
dbus (1.6.18-0ubuntu4.4) trusty-security; urgency=medium
* SECURITY UPDATE: denial of service via ActivationFailure signal race
- debian/patches/CVE-2015-0245.patch: prevent forged ActivationFailure
from non-root processes in bus/system.conf.in.
- CVE-2015-0245
* SECURITY UPDATE: arbitrary code execution or denial of service via
format string vulnerability
- debian/patches/format_string.patch: do not use non-literal format
string in bus/activation.c.
- No CVE number
-- Marc Deslauriers <email address hidden> Wed, 12 Oct 2016 08:33:44 -0400
-
dbus (1.6.18-0ubuntu4.3) trusty-security; urgency=medium
* SECURITY UPDATE: denial of service via large number of fds
- debian/patches/CVE-2014-7824.patch: raise rlimit and restore it for
activated services in bus/activation.c, bus/bus.*,
dbus/dbus-sysdeps-util-unix.c, dbus/dbus-sysdeps-util-win.c,
dbus/dbus-sysdeps.h.
- debian/dbus.init: don't launch daemon as a user so the rlimit can be
raised.
- CVE-2014-7824
* SECURITY REGRESSION: authentication timeout on certain slower systems
- debian/patches/CVE-2014-3639-regression.patch: raise auth_timeout
back up to 30 secs in bus/config-parser.c, add a warning to
bus/connection.c.
- CVE-2014-3639
-- Marc Deslauriers <email address hidden> Tue, 25 Nov 2014 14:36:43 -0500
-
dbus (1.6.18-0ubuntu4.2) trusty-security; urgency=medium
* SECURITY UPDATE: buffer overrun via odd max_message_unix_fds
- debian/patches/CVE-2014-3635.patch: do not extra fds in cmsg padding
in dbus/dbus-sysdeps-unix.c, allow using _DBUS_STATIC_ASSERT at a
non-global scope in dbus/dbus-internals.h, dbus/dbus-macros.h.
- CVE-2014-3635
* SECURITY UPDATE: denial of service via large number of fds
- debian/patches/CVE-2014-3636.patch: reduce max number of fds in
bus/config-parser.c, bus/session.conf.in, dbus/dbus-message.c,
dbus/dbus-sysdeps.h.
- CVE-2014-3636
* SECURITY UPDATE: denial of service via persistent file descriptiors
- debian/patches/CVE-2014-3637.patch: add a timeout to expire pending
fds in bus/bus.*, bus/config-parser.c, bus/connection.c,
bus/session.conf.in, cmake/bus/dbus-daemon.xml,
dbus/dbus-connection-internal.h, dbus/dbus-connection.c,
dbus/dbus-message-internal.h, dbus/dbus-message-private.h,
dbus/dbus-message.c, dbus/dbus-transport.*.
- CVE-2014-3637
* SECURITY UPDATE: denial of service via large number of pending replies
- debian/patches/CVE-2014-3638.patch: reduce max_replies_per_connection
to 128 in bus/config-parser.c.
- CVE-2014-3638
* SECURITY UPDATE: denial of service via incomplete connections
- debian/patches/CVE-2014-3639.patch: reduce auth_timeout in
bus/config-parser.c, stop listening on DBusServer sockets when
reaching max_incomplete_connections in bus/bus.*, bus/connection.*,
dbus/dbus-server-protected.h, dbus/dbus-server.c, dbus/dbus-watch.*.
- CVE-2014-3639
-- Marc Deslauriers <email address hidden> Wed, 17 Sep 2014 10:16:51 -0400
-
dbus (1.6.18-0ubuntu4.1) trusty-security; urgency=medium
* SECURITY UPDATE: denial of service via activation errors
- debian/patches/CVE-2014-3477.patch: improve error handling in
bus/activation.*, bus/services.c.
- CVE-2014-3477
* SECURITY UPDATE: denial of service via ETOOMANYREFS
- debian/patches/CVE-2014-3532.patch: drop message on ETOOMANYREFS in
dbus/dbus-sysdeps.*, dbus/dbus-transport-socket.c.
- CVE-2014-3532
* SECURITY UPDATE: denial of service via invalid file descriptor
- debian/patches/CVE-2014-3533.patch: fix memory handling in
dbus/dbus-message.c.
- CVE-2014-3533
-- Marc Deslauriers <email address hidden> Thu, 03 Jul 2014 08:35:11 -0400
-
dbus (1.6.18-0ubuntu4) trusty; urgency=medium
* Create ~/.cache/upstart if it doesn't already exist.
Thanks to Ryan Lovett for the patch. (LP: #1300516)
-- Stephane Graber <email address hidden> Tue, 01 Apr 2014 17:53:17 -0400
-
dbus (1.6.18-0ubuntu3) trusty; urgency=low
* aa-mediate-eavesdropping.patch: Query AppArmor when confined applications
attempt to eavesdrop on the bus. See the apparmor.d(5) man page for
AppArmor syntax details. (LP: #1262440)
* debian/control: Depend on the apparmor version containing the new
eavesdrop permission
-- Tyler Hicks <email address hidden> Mon, 13 Jan 2014 11:45:21 -0600
-
dbus (1.6.18-0ubuntu2) trusty; urgency=low
[ James Hunt ]
* debian/dbus.user-session.upstart: Communicate session bus to Upstart
Session Init to avoid potential out-of-memory scenario triggered by
Upstart clients that do not run main loops (LP: #1235649, LP: #1252317).
-- Dmitrijs Ledkovs <email address hidden> Tue, 19 Nov 2013 11:14:58 +0000
-
dbus (1.6.18-0ubuntu1) trusty; urgency=low
* New upstream version
-- Sebastien Bacher <email address hidden> Mon, 11 Nov 2013 18:07:24 +0100
-
dbus (1.6.12-0ubuntu10) saucy; urgency=low
* debian/patches/aa-mediation.patch: Attempt to open() the mask file in
apparmorfs/features/dbus rather than simply stat() the dbus directory.
This is an important difference because AppArmor does not mediate the
stat() syscall. This resulted in problems in an environment where
dbus-daemon, running inside of an LXC container, did not have the
necessary AppArmor rules to access apparmorfs but the stat() succeeded
so mediation was not properly disabled. (LP: #1238267)
This problem was exposed after dropping aa-kernel-compat-check.patch
because the compat check was an additional check that performed a test
query. The test query was failing in the above scenario, which did result
in mediation being disabled.
* debian/patches/aa-get-connection-apparmor-security-context.patch,
debian/patches/aa-mediate-eavesdropping.patch: Refresh these patches to
accomodate the above change
-- Tyler Hicks <email address hidden> Thu, 10 Oct 2013 10:40:26 -0700