From mboxrd@z Thu Jan  1 00:00:00 1970
From: Adolf Belka <adolf.belka@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH] dbus: Update to version 1.14.6
Date: Thu, 16 Feb 2023 13:50:32 +0100
Message-ID: <20230216125035.3435417-1-adolf.belka@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============7004611129757353213=="
List-Id: <development.lists.ipfire.org>

--===============7004611129757353213==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

- Update from version 1.14.4 to 1.14.6
- Update of rootfile
- The Denial of service issue mentioned first in the changelog is not applica=
ble to IPFire
   as the build is done without asserts enabled.
- Changelog
dbus 1.14.6 (2023-02-08)
	Denial of service fixes:
	=E2=80=A2 Fix an incorrect assertion that could be used to crash dbus-daemon=
 or
	  other users of DBusServer prior to authentication, if libdbus was compiled
	  with assertions enabled.
	  We recommend that production builds of dbus, for example in OS distributio=
ns,
	  should be compiled with checks but without assertions.
	  (dbus#421, Ralf Habacker; thanks to Evgeny Vereshchagin)
	Other fixes:
	=E2=80=A2 When connected to a dbus-broker, stop dbus-monitor from incorrectly
	  replying to Peer method calls that were sent to the dbus-broker with
	  a NULL destination (dbus#301, Kai A. Hiller)
	=E2=80=A2 Fix out-of-bounds varargs read in the dbus-daemon's config-parser.
	  This is not attacker-triggerable and appears to be harmless in practice,
	  but is technically undefined behaviour and is detected as such by
	  AddressSanitizer. (dbus!357, Evgeny Vereshchagin)
	=E2=80=A2 Avoid a data race in multi-threaded use of DBusCounter
	  (dbus#426, Ralf Habacker)
	=E2=80=A2 Fix a crash with some glibc versions when non-auditable SELinux ev=
ents
	  are logged (dbus!386, Jeremi Piotrowski)
	=E2=80=A2 If dbus_message_demarshal() runs out of memory while validating a =
message,
	  report it as NoMemory rather than InvalidArgs (dbus#420, Simon McVittie)
	=E2=80=A2 Use C11 _Alignof if available, for better standards-compliance
	  (dbus!389, Khem Raj)
	=E2=80=A2 Stop including an outdated copy of pkg.m4 in the git tree
	  (dbus!365, Simon McVittie)
	=E2=80=A2 Documentation:
	  =C2=B7 Consistently use Gitlab bug reporting URL (dbus!372, Marco Trevisan)
	=E2=80=A2 Tests fixes:
	  =C2=B7 Fix the test-apparmor-activation test after dbus#416
	    (dbus!380, Dave Jones)
	Internal changes:
	=E2=80=A2 Fix CI builds with recent git versions (dbus#447, Simon McVittie)

Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
---
 config/rootfiles/packages/dbus | 2 +-
 lfs/dbus                       | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/config/rootfiles/packages/dbus b/config/rootfiles/packages/dbus
index 3f752c21e..01b1538b7 100644
--- a/config/rootfiles/packages/dbus
+++ b/config/rootfiles/packages/dbus
@@ -40,7 +40,7 @@ usr/bin/dbus-uuidgen
 #usr/lib/libdbus-1.la
 #usr/lib/libdbus-1.so
 usr/lib/libdbus-1.so.3
-usr/lib/libdbus-1.so.3.32.1
+usr/lib/libdbus-1.so.3.32.2
 #usr/lib/pkgconfig/dbus-1.pc
 usr/libexec/dbus-daemon-launch-helper
 #usr/share/dbus-1
diff --git a/lfs/dbus b/lfs/dbus
index 9aceceb08..7d123e4ef 100644
--- a/lfs/dbus
+++ b/lfs/dbus
@@ -1,7 +1,7 @@
 ############################################################################=
###
 #                                                                           =
  #
 # IPFire.org - A linux based firewall                                       =
  #
-# Copyright (C) 2007-2022  IPFire Team  <info(a)ipfire.org>                 =
    #
+# Copyright (C) 2007-2023  IPFire Team  <info(a)ipfire.org>                 =
    #
 #                                                                           =
  #
 # This program is free software: you can redistribute it and/or modify      =
  #
 # it under the terms of the GNU General Public License as published by      =
  #
@@ -26,7 +26,7 @@ include Config
=20
 SUMMARY    =3D D-Bus Message Bus System
=20
-VER        =3D 1.14.4
+VER        =3D 1.14.6
=20
 THISAPP    =3D dbus-$(VER)
 DL_FILE    =3D $(THISAPP).tar.xz
@@ -34,7 +34,7 @@ DL_FROM    =3D $(URL_IPFIRE)
 DIR_APP    =3D $(DIR_SRC)/$(THISAPP)
 TARGET     =3D $(DIR_INFO)/$(THISAPP)
 PROG       =3D dbus
-PAK_VER    =3D 8
+PAK_VER    =3D 9
=20
 DEPS       =3D
=20
@@ -48,7 +48,7 @@ objects =3D $(DL_FILE)
=20
 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE)
=20
-$(DL_FILE)_BLAKE2 =3D 7da5cd8f09eaef7a64f35f8ccbeb81c5687b3fad02d6ac05dd4c23=
2e0f731dbcf4c76c36b615e6216815c8f8631bf9cb32543665440153a1199b1b35922cdda4
+$(DL_FILE)_BLAKE2 =3D c3b8a3bc455a65eb4c561fc701547760c4236912d9caf29822547c=
7ac4a5852d951c2a484e5eb0435f9d40dfa131e28b7243d5350318ea212aac7c28670ab355
=20
 install : $(TARGET)
=20
--=20
2.39.1


--===============7004611129757353213==--