[PATCH] dbus: Update to version 1.14.4

[Adolf Belka <adolf.belka@ipfire.org>]

[-- Attachment #1: Type: text/plain, Size: 6690 bytes --]

- Update from version 1.14.0 to 1.14.4
- Update of rootfile
- Changelog
    dbus 1.14.4 (2022-10-05)
     This is a security update for the dbus 1.14.x stable branch, fixing
     denial-of-service issues (CVE-2022-42010, -42011, -42012) and applying
     security hardening (dbus#416).
	Behaviour changes:
		• On Linux, dbus-daemon and other uses of DBusServer now create a
		  path-based Unix socket, unix:path=..., when asked to listen on a
		  unix:tmpdir=... address. This makes unix:tmpdir=... equivalent to
		  unix:dir=... on all platforms.
		  Previous versions would have created an abstract socket, unix:abstract=...,
		  in this situation.
		  This change primarily affects the well-known session bus when run via
		  dbus-launch(1) or dbus-run-session(1). The user bus, enabled by configuring
		  dbus with --enable-user-session and running it on a systemd system,
		  already used path-based Unix sockets and is unaffected by this change.
		  This behaviour change prevents a sandbox escape via the session bus socket
		  in sandboxing frameworks that can share the network namespace with the host
		  system, such as Flatpak.
		  This change might cause a regression in situations where the abstract socket
		  is intentionally shared between the host system and a chroot or container,
		  such as some use-cases of schroot(1). That regression can be resolved by
		  using a bind-mount to share either the D-Bus socket, or the whole /tmp
		  directory, with the chroot or container.
		  (dbus#416, Simon McVittie)
	Denial of service fixes:
		Evgeny Vereshchagin discovered several ways in which an authenticated
		local attacker could cause a crash (denial of service) in
		dbus-daemon --system or a custom DBusServer. In uncommon configurations
		these could potentially be carried out by an authenticated remote attacker.
		• An invalid array of fixed-length elements where the length of the array
		  is not a multiple of the length of the element would cause an assertion
		  failure in debug builds or an out-of-bounds read in production builds.
		  This was a regression in version 1.3.0.
		  (dbus#413, CVE-2022-42011; Simon McVittie)
		• A syntactically invalid type signature with incorrectly nested parentheses
		  and curly brackets would cause an assertion failure in debug builds.
		  Similar messages could potentially result in a crash or incorrect message
		  processing in a production build, although we are not aware of a practical
		  example. (dbus#418, CVE-2022-42010; Simon McVittie)
		• A message in non-native endianness with out-of-band Unix file descriptors
		  would cause a use-after-free and possible memory corruption in production
		  builds, or an assertion failure in debug builds. This was a regression in
		  version 1.3.0. (dbus#417, CVE-2022-42012; Simon McVittie)
    dbus 1.14.2 (2022-09-26)
	Fixes:
		• Fix build failure on FreeBSD (dbus!277, Alex Richardson)
		• Fix build failure on macOS with launchd enabled
		  (dbus!287, Dawid Wróbel)
		• Preserve errno on failure to open /proc/self/oom_score_adj
		  (dbus!285, Gentoo#834725; Mike Gilbert)
		• On Linux, don't log warnings if oom_score_adj is read-only but does not
		  need to be changed (dbus!291, Simon McVittie)
		• Slightly improve error-handling for inotify
		  (dbus!235, Simon McVittie)
		• Don't crash if dbus-daemon is asked to watch more than 128 directories
		  for changes (dbus!302, Jan Tojnar)
		• Autotools build system fixes:
			  · Don't treat --with-x or --with-x=yes as a request to disable X11,
			    fixing a regression in 1.13.20. Instead, require X11 libraries and
			    fail if they cannot be detected. (dbus!263, Lars Wendler)
			  · When a CMake project uses an Autotools-built libdbus in a
			    non-standard prefix, find dbus-arch-deps.h successfully
			    (dbus#314, Simon McVittie)
			  · Don't include generated XML catalog in source releases
			    (dbus!317, Jan Tojnar)
			  · Improve robustness of detecting gcc __sync atomic builtins
			    (dbus!320, Alex Richardson)
		• CMake build system fixes:
			  · Detect endianness correctly, fixing interoperability with other D-Bus
			    implementations on big-endian systems (dbus#375, Ralf Habacker)
			  · When building for Unix, install session and system bus setup
			    in the intended locations
			    (dbus!267, dbus!297; Ralf Habacker, Alex Richardson)
			  · Detect setresuid() and getresuid() (dbus!319, Alex Richardson)
			  · Detect backtrace() on FreeBSD (dbus!281, Alex Richardson)
			  · Don't include headers from parent directory (dbus!282, Alex Richardson)
			  · Distinguish between host and target TMPDIR when cross-compiling
			    (dbus!279, Alex Richardson)
			  · Fix detection of atomic operations (dbus!306, Alex Richardson)
		Tests and CI enhancements:
			• On Unix, skip tests that switch uid if run in a container that is
			  unable to do so, instead of failing (dbus#407, Simon McVittie)
			• Use the latest MSYS2 packages for CI
			  (Ralf Habacker, Simon McVittie)

Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
---
 config/rootfiles/packages/dbus | 2 +-
 lfs/dbus                       | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/config/rootfiles/packages/dbus b/config/rootfiles/packages/dbus
index 82817a942..3f752c21e 100644
--- a/config/rootfiles/packages/dbus
+++ b/config/rootfiles/packages/dbus
@@ -40,7 +40,7 @@ usr/bin/dbus-uuidgen
 #usr/lib/libdbus-1.la
 #usr/lib/libdbus-1.so
 usr/lib/libdbus-1.so.3
-usr/lib/libdbus-1.so.3.32.0
+usr/lib/libdbus-1.so.3.32.1
 #usr/lib/pkgconfig/dbus-1.pc
 usr/libexec/dbus-daemon-launch-helper
 #usr/share/dbus-1
diff --git a/lfs/dbus b/lfs/dbus
index 9e80718e4..9aceceb08 100644
--- a/lfs/dbus
+++ b/lfs/dbus
@@ -26,7 +26,7 @@ include Config
 
 SUMMARY    = D-Bus Message Bus System
 
-VER        = 1.14.0
+VER        = 1.14.4
 
 THISAPP    = dbus-$(VER)
 DL_FILE    = $(THISAPP).tar.xz
@@ -34,7 +34,7 @@ DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 PROG       = dbus
-PAK_VER    = 7
+PAK_VER    = 8
 
 DEPS       =
 
@@ -48,7 +48,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = ae0ebc2779e840e2d83f633029f81fba0e35969648dddce0280640dd9bee3f9508aa7fb6aef696d1c4c56d40f91b754941f847525afaee5cc3170ad23a7eddbf
+$(DL_FILE)_BLAKE2 = 7da5cd8f09eaef7a64f35f8ccbeb81c5687b3fad02d6ac05dd4c232e0f731dbcf4c76c36b615e6216815c8f8631bf9cb32543665440153a1199b1b35922cdda4
 
 install : $(TARGET)
 
-- 
2.38.1