- Update from version 1.14.4 to 1.14.6 - Update of rootfile - The Denial of service issue mentioned first in the changelog is not applicable to IPFire as the build is done without asserts enabled. - Changelog dbus 1.14.6 (2023-02-08) Denial of service fixes: • Fix an incorrect assertion that could be used to crash dbus-daemon or other users of DBusServer prior to authentication, if libdbus was compiled with assertions enabled. We recommend that production builds of dbus, for example in OS distributions, should be compiled with checks but without assertions. (dbus#421, Ralf Habacker; thanks to Evgeny Vereshchagin) Other fixes: • When connected to a dbus-broker, stop dbus-monitor from incorrectly replying to Peer method calls that were sent to the dbus-broker with a NULL destination (dbus#301, Kai A. Hiller) • Fix out-of-bounds varargs read in the dbus-daemon's config-parser. This is not attacker-triggerable and appears to be harmless in practice, but is technically undefined behaviour and is detected as such by AddressSanitizer. (dbus!357, Evgeny Vereshchagin) • Avoid a data race in multi-threaded use of DBusCounter (dbus#426, Ralf Habacker) • Fix a crash with some glibc versions when non-auditable SELinux events are logged (dbus!386, Jeremi Piotrowski) • If dbus_message_demarshal() runs out of memory while validating a message, report it as NoMemory rather than InvalidArgs (dbus#420, Simon McVittie) • Use C11 _Alignof if available, for better standards-compliance (dbus!389, Khem Raj) • Stop including an outdated copy of pkg.m4 in the git tree (dbus!365, Simon McVittie) • Documentation: · Consistently use Gitlab bug reporting URL (dbus!372, Marco Trevisan) • Tests fixes: · Fix the test-apparmor-activation test after dbus#416 (dbus!380, Dave Jones) Internal changes: • Fix CI builds with recent git versions (dbus#447, Simon McVittie)
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- config/rootfiles/packages/dbus | 2 +- lfs/dbus | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/config/rootfiles/packages/dbus b/config/rootfiles/packages/dbus index 3f752c21e..01b1538b7 100644 --- a/config/rootfiles/packages/dbus +++ b/config/rootfiles/packages/dbus @@ -40,7 +40,7 @@ usr/bin/dbus-uuidgen #usr/lib/libdbus-1.la #usr/lib/libdbus-1.so usr/lib/libdbus-1.so.3 -usr/lib/libdbus-1.so.3.32.1 +usr/lib/libdbus-1.so.3.32.2 #usr/lib/pkgconfig/dbus-1.pc usr/libexec/dbus-daemon-launch-helper #usr/share/dbus-1 diff --git a/lfs/dbus b/lfs/dbus index 9aceceb08..7d123e4ef 100644 --- a/lfs/dbus +++ b/lfs/dbus @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2022 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2023 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -26,7 +26,7 @@ include Config
SUMMARY = D-Bus Message Bus System
-VER = 1.14.4 +VER = 1.14.6
THISAPP = dbus-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -34,7 +34,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = dbus -PAK_VER = 8 +PAK_VER = 9
DEPS =
@@ -48,7 +48,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = 7da5cd8f09eaef7a64f35f8ccbeb81c5687b3fad02d6ac05dd4c232e0f731dbcf4c76c36b615e6216815c8f8631bf9cb32543665440153a1199b1b35922cdda4 +$(DL_FILE)_BLAKE2 = c3b8a3bc455a65eb4c561fc701547760c4236912d9caf29822547c7ac4a5852d951c2a484e5eb0435f9d40dfa131e28b7243d5350318ea212aac7c28670ab355
install : $(TARGET)