dbus (1.9.20-1ubuntu1) wily; urgency=medium
* Merge with Debian (LP: #1477086), remaining changes:
- Add upstart jobs; Upstart is still supported for the system init.
+ Add debian/dbus.upstart and dbus.user-session.upstart
- Add debian/patches/dont-stop-dbus.patch: Don't stop D-Bus in the service
unit (see patch header and upstream bug for details). Fixes various
causes of shutdown hangs, particularly with remote file systems. (LP:
#1438612)
- aa-get-connection-apparmor-security-context.patch: This is not
intended for upstream inclusion. It implements a bus method
(GetConnectionAppArmorSecurityContext) to get a connection's AppArmor
security context but upstream D-Bus has recently added a generic way of
getting a connection's security credentials (GetConnectionCredentials).
Ubuntu should carry this patch until packages in the archive are moved
over to the new, generic method of getting a connection's credentials.
* Dropped changes:
+ 81-session.conf-timeout.patch; didn't ever do anything. (LP: #1479771)
+ 20_system_conf_limit.patch: Dropped. This was introduced due to problems
with aptdaemon and large transactions. These problems seem to no longer
exists, so we will try to run without an increased limit.
+ All other changes merged in Debian.
dbus (1.9.20-1) experimental; urgency=medium
* New upstream release (release candidate for 1.10)
* Add a tmpfiles.d snippet so that on systemd machines,
/var/lib/dbus/machine-id is a symlink to /etc/machine-id if not
otherwise created. This might help third-party software
that relies on that path, in cloud/live images where
/var/lib/dbus/machine-id is deleted during image preparation,
while avoiding having to run dbus-uuidgen on boot (as done in
non-systemd init systems and dbus/1.8.12-1ubuntu4).
* dbus.postinst: don't try to reload bus setup/configuration if we
are running an older version that will not understand the new
arrangement (Closes: #793519)
dbus (1.9.18-1) experimental; urgency=medium
* New upstream development release
* debian/.gitignore: add
* Adapt for bus setup in ${datadir}
- deb: install both /etc/dbus-1/s*.conf and /usr/share/dbus-1/s*.conf
- udeb: install /usr/share/dbus-1/session.conf only
- configure the debug build to share /usr/share with the production build
dbus (1.8.20-1) unstable; urgency=medium
* New upstream bugfix release
- fix a memory leak when GetConnectionCredentials is called
- stop dbus-monitor replying to org.freedesktop.DBus.Peer
messages, including those that another process should have
replied to
dbus (1.9.16-2) experimental; urgency=medium
* libdbus-1-3 Breaks dbus versions that did not have a lockstep dependency
on it, to allow dropping internal ABIs (Closes: #785378)
* Drop now-unnecessary XS-Testsuite field from d/control
dbus (1.9.16-1) experimental; urgency=medium
* New upstream development release
* Update symbols file
- new ABI: dbus_message_iter_get_element_count()
- ignore removal of dbus_internal_do_not_use_create_uuid(),
it is just as internal as its name would suggest
- make dbus_internal_do_not_use_get_uuid() generate a lockstep
dependency on libdbus (it's used by dbus-uuidgen)
dbus (1.8.18-1) unstable; urgency=medium
* New upstream bugfix release
- Hardening: lock down the session bus to only allow EXTERNAL auth by
default, the same as the system bus. This avoids allowing
DBUS_COOKIE_SHA1, which can end up using a predictable random source
on systems where /dev/urandom is unavailable or dbus-daemon runs out
of memory. See the upstream NEWS for more details.
dbus (1.9.14-2) experimental; urgency=medium
* Remove dbus-glib build-dependency, no longer used
* Merge from unstable
- security hardening: PIE, bindnow
- transcode debian/rules from Latin-1 to UTF-8
- reproducible build
dbus (1.8.16-2) unstable; urgency=medium
* Merge packaging changes (but not the new upstream branch) from
experimental:
- Move Vcs-Git to cgit; go via https, because we can
- Standards-Version: 3.9.6 (no changes needed)
- Remove debian/source/local-options, no longer necessary (dpkg-source
now unapplies patches after the build if they were unapplied before)
- Configure gbp-pq to export patches without patch numbers, and
re-export our long-standing Debian patch in that format
- dbus-x11: use dbus-x11.install for the Xsession hook
- If DEB_BUILD_OPTIONS=noudeb, don't do the udeb build, for a 30% speedup
- Change the check for requiring a reboot to be init-system-agnostic
so Ubuntu can stop patching it (partially addresses #712167)
* Security hardening: build position-independent executables
for better ASLR
* Security hardening: build with bindnow, so relro (which is
already on by default) can make the entire PLT read-only
* Transcode debian/rules from Latin-1 to UTF-8
* Reproducible build: remove dates from man pages using sed
* Reproducible build: patch Doxyfile.in to not include timestamps
in HTML documentation
dbus (1.9.14-1) experimental; urgency=medium
* New upstream release
- drop all patches, except for warnings being non-fatal by default:
all merged upstream
- removes redundant <apparmor> directive that matches the new default
behaviour anyway, allowing the old system bus to continue to reload
its configuration until the system is rebooted (Closes: #779463)
- update symbols file for new versioned-symbol support
- generate strict (= ${binary:Version}) dependencies for
anything using private symbols
* Use the library in dbus-1-dbg to satisfy its binaries' dependencies
dbus (1.9.12-1) experimental; urgency=medium
* New upstream release adds AppArmor mediation support
- enable AppArmor in the normal build, disable it in the udeb
- disable build of ducktype docs for now, it isn't in Debian
- remove upstreamed patches
- update patch series
* Update patch series for fd.o #61301 to latest version
* Change the check for requiring a reboot to be init-system-agnostic
so Ubuntu can stop patching it (partially addresses #712167)
* dbus Suggests: dbus-user-session | dbus-x11, not just dbus-x11
* dbus-user-session Depends: libpam-systemd since it really needs logind
dbus (1.9.10-3) experimental; urgency=medium
* Update proposed fd.o #61301 patch set:
- dbus-launch --autolaunch now returns the XDG_RUNTIME_DIR/bus if
available
dbus (1.9.10-2) experimental; urgency=low
* Remove debian/source/local-options, no longer necessary (dpkg-source now
unapplies patches after the build if they were unapplied before)
* Configure gbp-pq to export patches without patch numbers, and
re-export our long-standing Debian patch in that format
* Add patch from upstream to reduce the number of fds the fdpass test
demands, fixing autopkgtest in a more limited environment
* Add patch from upstream to add a man page for dbus-test-tool
* Move installed-tests for the production build (but not the debug build)
to a new dbus-tests package, and add dbus-test-tool to that package
* dbus-x11: use dbus-x11.install for the Xsession hook
* If DEB_BUILD_OPTIONS=noudeb, don't do the udeb build, for a 30% speedup
* Add patch proposed upstream adding unix:runtime=yes as a listenable
address (fd.o #61303)
* Add user-bus patch set as proposed upstream (fd.o #61301):
- connect to XDG_RUNTIME_DIR/bus by default, if it is a socket
- add systemd --user units to run dbus-daemon, in the new
dbus-user-session package (Closes: #682375, #774626 for
users of systemd and dbus-user-session)
- even if dbus-x11 is installed, do not override an existing
DBUS_SESSION_BUS_ADDRESS (Closes: #681241)
- if dbus-x11 is installed, propagate all Xsession environment
variables except XDG_SEAT, XDG_SESSION_ID, XDG_VTNR into
D-Bus and systemd services for backwards compatibility
(remove dbus-x11 to get a "legacy-free" mode of operation)
dbus (1.9.10-1) experimental; urgency=high
* New upstream release fixes a local denial of service
when using systemd activation (CVE-2015-0245)
* Move Vcs-Git to cgit; go via https, because we can
* Standards-Version: 3.9.6 (no changes needed)
dbus (1.8.16-1) unstable; urgency=high
* New upstream release fixes a local denial of service
when using systemd activation (CVE-2015-0245)
dbus (1.9.8-1) experimental; urgency=medium
* Merge from unstable
- relax the triggers from interest to interest-noawait (Closes: #771989;
mitigates: #776063; partially reopens: #740139), see below
* New upstream release with GNOME-style installed tests
- run the tests through gnome-desktop-testing-runner
- also continue to run the tests the old way to make sure there are
no regressions
- also run one test as root to verify behaviour with multiple uids
- dbus-1-dbg is temporarily not Multi-Arch: same (until we split out
dbus-1-tests, which will require a trip through the NEW queue)
dbus (1.8.14-2) unstable; urgency=high
* Relax the triggers from interest to interest-noawait (Closes: #771989;
mitigates: #776063; partially reopens: #740139).
This is not strictly correct, because the purpose of the triggers
is to set up the .conf, .service files for system services before those
services satisfy dependencies. However, it mitigates #776063
(apt getting into a stuck state during upgrades), and should in
principle be redundant anyway, because dbus-daemon is meant to use
inotify to keep up with configuration changes. See #771989, #776063
for details.
dbus (1.8.14-1) unstable; urgency=medium
* New upstream release to harden dbus-daemon against packages that install
unsafe security policy configurations.
dbus (1.9.6-1) experimental; urgency=medium
* New upstream release to harden dbus-daemon against packages that install
unsafe security policy configurations.
* Merge from unstable:
- preinst: partially revert change from 1.9.4-2. It seems that the
preinst is too late to add a useful dpkg-statoverride entry: dpkg has
already loaded the statoverride database by this point, and if we add
the entry in the preinst, dpkg-statoverride won't run and have
its --update side-effect in the postinst. (Closes: #773107, #773838)
- postinst: don't run dpkg-statoverride with 2>/dev/null: in the unlikely
event that it fails for a reason other than "not overridden" (which
results in silently exiting 1), we'll want to know about it.
dbus (1.8.12-3) unstable; urgency=medium
* preinst: partially revert change from 1.8.12-2. It seems that the
preinst is too late to add a useful dpkg-statoverride entry: dpkg has
already loaded the statoverride database by this point, and if we add
the entry in the preinst, dpkg-statoverride won't run and have
its --update side-effect in the postinst. (Closes: #773107, #773838)
* postinst: don't run dpkg-statoverride with 2>/dev/null: in the unlikely
event that it fails for a reason other than "not overridden" (which
results in silently exiting 1), we'll want to know about it.
dbus (1.8.12-2) unstable; urgency=medium
* postinst: use dpkg-statoverride to set the permissions for
dbus-daemon-launch-helper (expected to be 04754 root:messagebus)
as suggested in Policy ยง10.9. This avoids a temporarily broken state
when an upgraded dbus is unpacked but not yet configured (Closes: #773107)
* preinst: opportunistically set up the same dpkg-statoverride entry
if the group already exists, to avoid the same broken state during
upgrades from older versions without needing Pre-Depends: adduser
* postrm: delete the dpkg-statoverride entry on purge
-- Iain Lane <email address hidden> Wed, 19 Aug 2015 17:11:04 +0100
