1 dbus 1.12.4 (UNRELEASED)
2 ========================
6 • Report the correct error if OOM is reached while trying to listen
7 on a TCP socket (fd.o #89104, Simon McVittie)
9 • Fix assertion failures in recovery from OOM while setting up a
10 DBusServer (fd.o #89104, Simon McVittie)
12 • Add a missing space to a warning message (fd.o #103729, Thomas Zajic)
14 dbus 1.12.2 (2017-11-13)
15 ========================
17 The “spider pumpkin” release.
21 • Log a warning if a new connection cannot be accepted due to an
22 out-of-memory condition or failure to identify its AppArmor or
23 SELinux context (fd.o #103592, Simon McVittie)
27 • Make use of $(MKDIR_P) compatible with install-sh, fixing build when a
28 GNU-compatible `mkdir -p` is not available (fd.o #103521, ilovezfs)
30 • When building for Windows with Autotools, avoid `echo -e`, fixing
31 cross-compilation on non-GNU platforms like macOS
32 (fd.o #103493, Tony Theodore)
34 • Fix crashes in the server side of the nonce-tcp: transport under
35 various error conditions. This transport should normally only be used
36 on Windows, where AF_UNIX sockets are unavailable; the unix: transport
37 is the only one recommended for production use on Unix platforms.
38 (fd.o #103597, Simon McVittie)
42 • Improve test coverage on Travis-CI (Simon McVittie)
44 dbus 1.12.0 (2017-10-30)
45 ========================
47 The “gingerbread skull” release.
49 1.12.x is a new stable branch, recommended for use in OS
52 Summary of major changes between 1.10.x and 1.12.0
53 --------------------------------------------------
57 • Expat >= 2.1.0 is required.
58 • GLib >= 2.40 is required if full test coverage is enabled.
59 • [Linux] libselinux >= 2.0.86 is required if SELinux support is
61 • [Unix] dbus now requires an <inttypes.h> that defines C99 constants
62 such as PRId64 and PRIu64, except when building for Windows.
63 • [Autotools] Building from git (but not from tarballs) with Autotools
64 now requires macros from the GNU Autoconf Archive.
65 • [CMake] Builds done using CMake now require CMake 3.0.2.
67 Build-time configuration changes:
69 • Expat is now found using pkg-config. See the release notes for
71 • The --disable-compiler-optimisations and --enable-compiler-coverage
72 options no longer exist. See the release notes for 1.11.4 and 1.11.8.
73 • [Unix] The --enable-abstract-sockets and --disable-abstract-sockets
74 options no longer exist. See the release notes for 1.11.20.
75 • [Unix] Flag files in /var/run/console/${username} are no longer
76 checked for at_console by default. See the release notes for 1.11.18.
77 • [Unix, Cygwin] Init scripts are no longer provided by upstream dbus,
78 and packagers will now need to add these downstream (most already do).
79 See the release notes for 1.11.18.
80 • [Unix] The process ID file no longer has a different default location
81 on Red Hat derivatives. See the release notes for 1.11.18.
82 • [Unix] ${runstatedir} is now independent of ${localstatedir} with
83 recent Autotools versions. See the release notes for 1.11.16.
84 • [Windows] The WINDRES variable is no longer used. See the release
89 • Eavesdropping is officially deprecated in favour of BecomeMonitor.
90 See the release notes for spec version 0.31 (in dbus 1.11.14).
91 • [Unix] Flag files in /var/run/console/${username} are deprecated.
92 See the release notes for 1.11.18.
96 • <allow> and <deny> rules in dbus-daemon configuration can now
97 include send_broadcast="true", send_broadcast="false",
98 max_unix_fds="N", min_unix_fds="N" (for some integer N).
99 See the release notes for 1.11.18.
100 • dbus_try_get_local_machine_id() is like
101 dbus_get_local_machine_id(), but returns a DBusError.
102 • New APIs around DBusMessageIter to simplify cleanup.
103 See the release notes for 1.11.16.
104 • The message bus daemon now implements the standard Introspectable,
105 Peer and Properties interfaces. See the release notes for
106 dbus 1.11.14 and spec version 0.31.
107 • DTDs for introspection XML and bus configuration are installed.
108 • dbus can be compiled to be relocatable, making it more suitable for
109 binary bundling with other software. On Windows, this is on by
111 • [Unix] A new unix:dir=… address family resembles unix:tmpdir=… but
112 never uses Linux abstract sockets, which is advantageous for
113 containers. On non-Linux it is equivalent to unix:tmpdir=….
114 See the release notes for dbus 1.11.14 and spec version 0.31.
115 • [Unix] New option "dbus-launch --exit-with-x11".
116 • [Unix] Session managers can create transient .service files in
117 $XDG_RUNTIME_DIR/dbus-1/services. See the release notes for 1.11.12.
118 • [Unix] A sysusers.d snippet can create the messagebus user on-demand.
120 Miscellaneous behaviour changes:
122 • [Unix] The session bus now logs to syslog if it was started by
124 • [Unix] Internal warnings are logged to syslog if configured.
125 • [Unix] Exceeding an anti-DoS limit is logged to syslog if configured,
128 Changes since 1.11.22 release candidate
129 ---------------------------------------
131 Standard stable-branch changes:
133 • Disable warnings about use of deprecated functions (Simon McVittie)
137 • Don't distribute files generated by ./configure in the source tarball
138 (fd.o #103420, Simon McVittie)
142 • Remove some unused files from the git repository
143 (fd.o #103420, Simon McVittie)
145 D-Bus 1.11.22 (2017-10-23)
146 ==========================
148 The “fire surface” release.
150 This is the first release-candidate for the 1.12.0 stable release.
152 Build-time configuration changes:
154 • When building for Windows with Autotools, setting the WINDRES variable
155 no longer works to select a non-standard resource compiler. Use
156 libtool's standard RC variable instead, for example
157 "./configure RC=i686-w64-mingw32-windres"
161 • Builds done using CMake now require CMake 3.0.2.
165 • When building for Windows, improve quality of metadata in
166 libdbus-1-3.dll (fd.o #103015, Ralf Habacker)
170 • Fix a typo "uint 16" in dbus-send(1) man page
171 (fd.o #103075, David King)
173 • When building for Windows, libdbus-1-3.dll always includes version
174 information. Previously, this was missing if using CMake and any
175 non-MSVC compiler. (fd.o #103015, Ralf Habacker)
177 • Fix the build with MSVC, which regressed with the #102558 fix in
178 1.11.20. (fd.o #102558, Ralf Habacker)
182 • Simplify Windows resource embedding
183 (fd.o #103015, Simon McVittie)
185 D-Bus 1.11.20 (2017-10-03)
188 The “wraith stun” release.
190 Build-time configuration changes:
192 • The --enable-abstract-sockets and --disable-abstract-sockets options
193 no longer exist. Support for Linux's abstract AF_UNIX sockets is now
194 unconditionally enabled on Linux and disabled everywhere else.
195 (fd.o #34905, Simon McVittie)
199 • Make slower tests less likely to time out, and improve diagnostics if
200 tests do time out (fd.o #103009, Simon McVittie)
202 • On Windows, don't compile an unused stub implementation of
203 _dbus_set_signal_handler() (fd.o #103010, Simon McVittie)
207 • Be more careful to save and restore errno in POSIX async signal
208 handlers (fd.o #103010, Simon McVittie)
210 • On Windows, embed a manifest in dbus-update-activation-environment.exe
211 so that the heuristics used for UAC do not assume it needs elevated
212 privileges due to its name containing "update"
213 (fd.o #102558, Ralf Habacker)
215 • On Windows with Automake, embed version information in libdbus-1,
216 as was meant to happen in all versions since 2009
217 (fd.o #103015, Simon McVittie)
219 D-Bus 1.11.18 (2017-09-25)
222 The “vampire conquistador” release.
224 Build-time configuration changes:
226 • By default, dbus-daemon on Unix no longer checks for flag files
227 /var/run/console/${username} created by the obsolete pam_console and
228 pam_foreground PAM modules when deciding whether ${username} is
229 currently at the console. The old default behaviour can be restored
230 by specifying --with-console-auth-dir=/var/run/console in the
231 recommended Autotools build system, or
232 -DDBUS_CONSOLE_AUTH_DIR=/var/run/console in CMake. This feature is
233 now deprecated, and will be removed in dbus 1.13 unless feedback via
234 fd.o #101629 indicates that this would be problematic.
235 (fd.o #101629, Simon McVittie)
237 • LSB-style init scripts for Red Hat and Slackware, and a non-LSB init
238 script for Cygwin, are no longer provided in the upstream dbus
239 source. We recommend that distributors who support non-systemd service
240 management should maintain their own init scripts or other service
241 manager integration as part of their downstream packaging, similar to
242 the way Debian distributes a Debian-specific LSB init script for dbus.
244 The systemd unit continues to be maintained as part of the upstream
245 dbus source, because it receives regular testing and maintenance.
247 (fd.o #101706, Simon McVittie)
249 • The process ID file created by the system bus is no longer influenced
250 by the --with-init-scripts=redhat configure option or the presence of
251 /etc/redhat-release at build time. If your OS's init script or other
252 service management relies on the Red Hat-style pid file, it can be
253 restored by specifying --with-system-pid-file=/run/messagebus.pid at
254 configure time or using the <pidfile> directive in bus configuration.
256 Note that the upstream-supplied systemd unit runs dbus-daemon with
257 the --nopidfile option, so it does not normally write a pid file,
258 regardless of whether the OS is Red-Hat-derived or not.
260 (fd.o #101706, Simon McVittie)
264 • <allow> and <deny> rules in dbus-daemon configuration can now
265 include send_broadcast="true" or send_broadcast="false", which make
266 the rule only match broadcast signals, or only match messages that
267 are not broadcast signals, respectively.
268 (fd.o #29853, Simon McVittie)
270 • <allow> and <deny> rules can now be configured to apply only to
271 messages with or without Unix file descriptors attached. This would
272 typically be used in rules like these:
273 <allow send_destination="..." max_unix_fds="0"/>
274 <deny send_destination="..." min_unix_fds="1"/>
275 <deny receive_sender="..." min_unix_fds="1"/>
276 but can also be used to set a nonzero upper limit on the number of
278 <allow send_destination="..." max_unix_fds="4"/>
279 (fd.o #101848, Simon McVittie)
281 • On Unix platforms, the DBUS_COOKIE_SHA1 authentication mechanism
282 now respects the HOME environment variable on the client side, and
283 on the server side when the uid attempting to connect is the same
284 as the uid of the server. This allows the automated tests to pass in
285 environments where the user's "official" home directory in /etc/passwd
286 is nonexistent, such as Debian autobuilders.
287 (fd.o #101960, Simon McVittie)
291 • When parsing dbus-daemon configuration, tell Expat not to use
292 cryptographic-quality entropy as a salt for its hash tables: we trust
293 the configuration files, so we are not concerned about algorithmic
294 complexity attacks via hash table collisions. This prevents
295 dbus-daemon --system from holding up the boot process (and causing
296 early-boot system services like systemd, logind, networkd to time
297 out) on entropy-starved embedded systems.
298 (fd.o #101858, Simon McVittie)
300 • Avoid a -Werror=declaration-after-statement build failure on Solaris
301 (fd.o #102145, Alan Coopersmith)
303 • On Unix platform, drop DBUS_SYSTEM_LOG_INFO messages from LOG_NOTICE
304 to LOG_INFO, matching how we use this log level in practice
305 (fd.o #102686, Simon McVittie)
307 D-Bus 1.11.16 (2017-07-27)
310 The “south facing garden” release.
312 Build-time configuration changes:
314 • The Autotools build system now supports varying ${runstatedir}
315 independently of ${localstatedir}, if using an Autoconf version
316 that has that feature; version 2.70 will eventually have this, but
317 many Linux distributions add it to version 2.69 as a patch.
318 A typical use is to set prefix=/usr, sysconfdir=/etc, localstatedir=/var
319 and runstatedir=/run. (fd.o #101569, Simon McVittie)
323 • New APIs DBUS_MESSAGE_ITER_INIT_CLOSED, dbus_message_iter_init_closed()
324 and dbus_message_iter_abandon_container_if_open() simplify the
325 single-exit-point ("goto out") style of resource cleanup. The API
326 documentation around DBusMessageIter and containers has also been
327 clarified. (fd.o #101568, Simon McVittie)
331 • Fix the implementation of re-enabling a timeout (again) so that its
332 countdown is always restarted as intended. (fd.o #95619,
335 • Make the dbus-daemon's Properties interface, as introduced in 1.11.14,
336 available to all users on the system bus (fd.o #101700, Simon McVittie)
338 • dbus_message_iter_append_basic() no longer leaks memory if it fails to
339 append a file descriptor to a message. (fd.o #101568, Simon McVittie)
341 • dbus_message_iter_open_container() no longer leaks memory if it runs out
342 of memory. (fd.o #101568, Simon McVittie)
344 • dbus_message_append_args_valist() no longer leaks memory if given an
345 unsupported type. This situation is still considered to be a programming
346 error which needs to be corrected by the user of libdbus.
347 (fd.o #101568, Simon McVittie)
349 • dbus_message_iter_append_basic() and dbus_message_iter_open_container()
350 will no longer report that their arguments were invalid if they run out
351 of memory at exactly the wrong time. (fd.o #101568, Simon McVittie)
353 • Ensure that tests fail if they would otherwise have tried to connect to
354 the real session bus (fd.o #101698, Simon McVittie)
356 • Make build-time tests cope with finding Python 3, but not Python 2
357 (fd.o #101716, Simon McVittie)
359 Internal changes relevant to dbus developers:
361 • DBusVariant is a new mechanism to copy single values from a message into
362 a buffer without copying the entire message (fd.o #101568, Simon McVittie)
364 • DBUS_SYSTEM_LOG_FATAL has been replaced by DBUS_SYSTEM_LOG_ERROR.
365 Logging an ERROR message does not make the process exit; the caller
366 is responsible for calling abort() or exit(), whichever is more appropriate.
367 (fd.o #101568, Simon McVittie)
369 • Better test coverage (fd.o #101568, Simon McVittie)
371 D-Bus 1.11.14 (2017-06-29)
374 The “irrational fear of bees” release.
378 • Expat >= 2.1.0 is always required
379 • libselinux >= 2.0.86 is required if SELinux support is enabled
380 • GLib >= 2.40 is required if full test coverage is enabled
382 Build-time configuration changes:
384 • We now use pkg-config to find libexpat in Autotools builds. This requires
385 Expat 2.1.0 (March 2012) or later. In particular, this should remove the
386 need to configure with LDFLAGS=-L/usr/local/lib on OpenBSD, which can
387 itself cause compilation failures.
389 As with all pkg-config-based configure checks, you can use
390 PKG_CONFIG_PATH=/whatever/lib/pkgconfig to find expat.pc in a
391 non-standard prefix, or EXPAT_CFLAGS="-I/whatever/include" and
392 EXPAT_LIBS="-L/whatever/lib -lexpat" to avoid needing a .pc file
395 (fd.o #69801, Simon McVittie)
397 • Similarly, we now use pkg-config to find libselinux. Version 2.0.86
398 is required due to the removal of explicit refcounting for SIDs.
399 (fd.o #100912, Laurent Bigonville)
403 • Previously, /etc/machine-id could be copied to /var/lib/dbus/machine-id
404 as a side-effect of a sufficiently privileged process merely reading the
405 machine ID. It is no longer copied as a side-effect of reading.
406 Running dbus-uuidgen --ensure, which should be done after installing dbus,
407 continues to copy /etc/machine-id to /var/lib/dbus/machine-id if the
408 former exists and the latter does not.
409 (fd.o #101257, Simon McVittie)
411 • The undocumented Verbose interface, and the GetAllMatchRules method on
412 the undocumented Stats interface, must now be used via the object path
413 /org/freedesktop/DBus. Previously, they existed on all object paths.
414 (fd.o #101257, Simon McVittie)
416 • AddMatch() with a match rule containing eavesdrop='true' will now fail
417 unless called by either the same user as the dbus-daemon, or Unix uid 0
418 (root), matching the restrictions applied to the newer BecomeMonitor()
419 method. On the session bus this has no practical effect. On the system
420 bus this will prevent certain configurations that already did not
421 work well in practice. (fd.o #101567, Simon McVittie)
425 • D-Bus Specification version 0.31
426 · Don't require implementation-specific search paths to be lowest
428 · Correct regex syntax for optionally-escaped bytes in addresses so it
429 includes hyphen-minus, forward slash and underscore as intended
430 · Describe all message bus methods in the same section
431 · Clarify the correct object path for method calls to the message bus
432 (/org/freedesktop/DBus, DBUS_PATH_DBUS in the reference implementation)
433 · Document that the message bus implements Introspectable, Peer and
435 · Add new Features and Interfaces properties for message bus
437 · Add unix:dir=..., which resembles unix:tmpdir=... but never uses
439 · Don't require eavesdrop='true' to be accepted from connections not
440 sufficiently privileged to use it successfully
441 · Formally deprecate eavesdropping in favour of BecomeMonitor
442 (fd.o #99825, #100686, #100795, #101256, #101257, #101567;
443 Simon McVittie, Tom Gundersen)
445 • Implement the Properties and Peer interfaces in dbus-daemon
446 (fd.o #101257, Simon McVittie)
448 • New function dbus_try_get_local_machine_id() is like
449 dbus_get_local_machine_id(), but returning a DBusError. Other code
450 that needs the machine ID will now report a recoverable error (instead
451 of logging to stderr and aborting) if no machine ID is available.
452 Generating a machine ID is still considered to be a required part of
453 installing dbus correctly. (fd.o #13194, Simon McVittie)
455 • Implement GetConnectionSELinuxSecurityContext("org.freedesktop.DBus")
456 (fd.o #101315, Laurent Bigonville)
458 • Avoid deprecated API calls when using SELinux
459 (fd.o #100912, Laurent Bigonville)
461 • Switch a test from the deprecated g_test_trap_fork() to
462 g_test_trap_subprocess(), for Windows support and better robustness
463 on Unix (fd.o #101362, Simon McVittie)
465 • On systemd systems, if ${localstatedir}/dbus/machine-id doesn't exist,
466 instruct systemd-tmpfiles to make it a symbolic link to /etc/machine-id.
467 This prevents the two files from going out of sync on stateless or live
468 images without needing to run dbus-uuidgen, and supports older D-Bus
469 implementations that do not necessarily read /etc/machine-id themselves.
470 (fd.o #101570, Simon McVittie)
472 • Implement unix:dir=..., which resembles unix:tmpdir=... but never uses
473 abstract sockets. This is preferable when used with Linux containers.
474 (fd.o #101567, Simon McVittie)
478 • Fix a reference leak when blocking on a pending call on a connection
479 that has been disconnected (fd.o #101481, Shin-ichi MORITA)
481 • Don't put timestamps in the Doxygen-generated documentation,
482 or hard-code the build directory into builds with embedded tests,
483 for reproducible builds (fd.o #100692, Simon McVittie)
485 • Fix some integration test issues (fd.o #100686, Simon McVittie)
487 • Fix memory leaks in the tests (fd.o #101257, Simon McVittie)
489 • If we somehow get an autolaunch address with multiple semicolon-separated
490 components, and they don't work, don't invalidly "pile up" errors
491 (fd.o #101257, Simon McVittie)
495 • Update git URIs in HACKING document to sync up with cgit.freedesktop.org
496 (fd.o #100715, Simon McVittie)
498 D-Bus 1.11.12 (2017-04-07)
501 The “it's something humans do” release.
505 • The session dbus-daemon now supports transient .service files
506 in $XDG_RUNTIME_DIR/dbus-1/services. Unlike the other standard
507 service directories, this directory is not monitored with inotify
508 or similar, and the service files must be named exactly
509 ${bus_name}.service. (fd.o #99825, Simon McVittie)
511 • dbus can be configured with --enable-relocation when building with
512 Autotools, or with -DDBUS_RELOCATABLE=ON when building with cmake,
513 to make the pkg-config metadata relocatable. This is useful for
514 non-standard prefixes, and in particular for Windows installations.
515 However, it is not recommended for system-wide installations into
516 /usr, because it interferes with pkg-config's ability to filter out
517 compiler default linker directories.
519 With Autotools, the default is --enable-relocation when building
520 for Windows or --disable-relocation otherwise. With CMake, the default
521 is -DDBUS_RELOCATABLE=ON.
523 (fd.o #99721; Ralf Habacker, Simon McVittie)
525 • Users of CMake ≥ 2.6 can now link to libdbus without providing their
526 own FindDBus.cmake macros, whether dbus was compiled with Autotools
527 or with CMake. See the end of README.cmake for more information.
528 (fd.o #99721; Ralf Habacker, Simon McVittie)
532 • Always read service file directories in the intended order
533 (fd.o #99825, Simon McVittie)
535 • When tests are skipped, don't try to kill nonexistent process 0
536 (fd.o #99825, Simon McVittie)
538 • Avoid valgrind false positives (fd.o #88808, Philip Withnall)
540 • Fix a harmless read overflow and some memory leaks in a unit test
541 (fd.o #100568, Philip Withnall)
543 • Fix some typos in test code
544 (fd.o #99999, Coverity #141876, #141877; Philip Withnall)
546 • Clarify the roles of /etc/dbus-1/s*.d and /usr/share/dbus-1/s*.d
547 in documentation (fd.o #99901, Philip Withnall)
549 • Fix and enable compiler warnings related to -Wswitch
550 (fd.o #98191; Thomas Zimmermann, Simon McVittie)
552 • Fix writing off the end of a fd_set when testing with valgrind
553 (fd.o #99839, Philip Withnall)
555 D-Bus 1.11.10 (2017-02-16)
558 The “purple hair gives you telekinesis?” release.
562 • AppArmor support requires at least libapparmor 2.8.95, reduced
563 from 2.10 in previous versions. One test requires 2.10 and is
564 skipped if building with an older version.
568 • Do the Travis-CI build in Docker containers for Ubuntu LTS, Debian
569 stable and Debian testing in addition to the older Ubuntu that is
570 the default (fd.o #98889, Simon McVittie)
572 • Avoid some deprecated CMake functions (fd.o #99586, Ralf Habacker)
574 • Silence many -Wswitch-enum and -Wswitch-default warnings
575 (fd.o #98191; Thomas Zimmermann, Simon McVittie)
577 • Install a sysusers.d snippet so `dbus-daemon --system` can be used
578 with an unpopulated /etc (fd.o #99162, Lennart Poettering)
580 • Install pkg-config metadata on Unix even if building with CMake
581 (fd.o #99752, Ralf Habacker)
583 • Exclude auth mechanisms from REJECTED message if they are supported
584 in the code but but configured to be disallowed (fd.o #99621,
589 • Prevent symlink attacks in the nonce-tcp transport on Unix that could
590 allow an attacker to overwrite a file named "nonce", in a directory
591 that the user running dbus-daemon can write, with a random value
592 known only to the user running dbus-daemon. This is unlikely to be
593 exploitable in practice, particularly since the nonce-tcp transport
594 is really only useful on Windows.
596 On Unix systems we strongly recommend using only the unix: and systemd:
597 transports, together with EXTERNAL authentication. These are the only
598 transports and authentication mechanisms enabled by default.
600 (fd.o #99828, Simon McVittie)
602 • Avoid symlink attacks in the "embedded tests", which are not enabled
603 by default and should never be enabled in production builds of dbus.
604 (fd.o #99828, Simon McVittie)
606 • Fix the implementation of re-enabling a timeout so that its
607 countdown is restarted as intended, instead of continually
608 decreasing. (fd.o #95619; Michal Koutný, Simon McVittie)
610 • When receiving a message with file descriptors, do not start reading
611 the beginning of the next message, so that only one such message
612 is processed at a time. In conjunction with the fix for #95619
613 this means that processes sending many file descriptors, such as
614 systemd-logind on a system that receives very rapid ssh connections,
615 are not treated as abusive and kicked off the bus. Revert the previous
616 workaround that special-cased uid 0.
617 (fd.o #95263, LP#1591411; Simon McVittie)
619 • Do not require TMPDIR, TEMP or TMP to be set when cross-compiling
620 for Windows with CMake (fd.o #99586, Ralf Habacker)
622 • Do not set Unix-specific variables when targeting Windows
623 (fd.o #99586, Ralf Habacker)
625 • Install Unix executables to ${CMAKE_INSTALL_PREFIX}/bin as intended,
626 not ${CMAKE_INSTALL_PREFIX}/lib (fd.o #99752, Ralf Habacker)
628 • Use relative install locations in CMake on Unix to respect DESTDIR,
629 and use GNU-style install layout (fd.o #99721, #99752; Ralf Habacker)
631 • Install dbus-arch-deps.h correctly when using CMake
632 (fd.o #99586, #99721; Ralf Habacker)
634 • Improve argument validation for `dbus-test-tool spam`
635 (ffd.o #99693, Coverity #54759; Philip Withnall)
637 • Don't shift by a negative integer if a hash table becomes monstrously
638 large (fd.o #99641, Coverity #54682; Philip Withnall)
640 • Don't leak LSM label if dbus-daemon runs out of memory when dealing with
641 a new connection (fd.o #99612, Coverity #141058; Philip Withnall)
643 • Remove an unnecessary NULL check
644 (fd.o #99642, Coverity #141062; Philip Withnall)
646 • Improve error handling in unit tests and dbus-send
647 (fd.o #99643, #99694, #99712, #99722, #99723, #99724, #99758,
648 #99759, #99793, Coverity #54688, #54692, #54693, #54697, #54701,
649 #54710, #54711, #54714, #54715, #54718, #54721, #54724, #54726,
650 #54730, #54740, #54822, #54823, #54824, #54825; Philip Withnall)
652 • Do not print verbose messages' timestamps to stderr if the actual message
653 has been redirected to the Windows debug port (fd.o #99749, Ralf Habacker)
655 D-Bus 1.11.8 (2016-11-28)
658 The “panics in the face of breakfast foods” release.
660 Build-time configuration:
662 • The new --enable-debug configure option provides an easy way to
663 enable debug symbols, disable optimization and/or enable profiling.
665 • The --enable-compile-warnings configure option can be used to control
668 • The --disable-compiler-optimisations configure option is no longer
669 supported. Use --enable-debug=yes or CFLAGS=-O0 instead.
673 • D-Bus Specification version 0.30
674 · Define the jargon term "activation" more clearly
675 · Define the jargon term "auto-starting", which is one form of activation
676 · Document the optional SystemdService key in service files
677 · Use versioned interface and bus names in most examples
678 · Clarify intended behaviour of Properties.GetAll
679 (fd.o #36190, fd.o #98671; Philip Withnall, Simon McVittie)
681 • Fix and enable a lot of compiler warnings to improve future code
682 quality. This might incidentally also fix some environment variable
684 · In particular, printf-style functions in the libdbus API are now annotated
685 with __attribute__((__format__(__printf__, *, *))) when compiling with
686 gcc or clang. This might make printf bugs in other software visible
688 (fd.o #97357, fd.o #98192, fd.o #98195, fd.o #98658;
689 Thomas Zimmermann, Simon McVittie)
691 • When running with AppArmor mediation (for example using Ubuntu's patched
692 Linux kernel), clients can no longer auto-start services unless they would
693 have been able to send the auto-starting message to the service after it
694 starts. StartServiceByName() is unaffected, and continues to be allowed by
695 default in AppArmor's <abstractions/dbus-strict> and
696 <abstractions/dbus-session-strict>. (fd.o #98666, Simon McVittie)
700 • Work around an undesired effect of the fix for CVE-2014-3637
701 (fd.o #80559), in which processes that frequently send fds, such as
702 logind during a flood of new PAM sessions, can get disconnected for
703 continuously having at least one fd "in flight" for too long;
704 dbus-daemon interprets that as a potential denial of service attack.
705 The workaround is to disable that check for uid 0 process such as
706 logind, with a message in the system log. The bug remains open while
707 we look for a more general solution.
708 (fd.o #95263, LP#1591411; Simon McVittie)
710 • Don't run the test test-dbus-launch-x11.sh if X11 autolaunching
711 was disabled at compile time. That test is not expected to work
712 in that configuration. (fd.o #98665, Simon McVittie)
714 D-Bus 1.11.6 (2016-10-10)
717 The “darkly whimsical” release.
721 • Do not treat ActivationFailure message received from root-owned systemd
722 name as a format string. In principle this is a security vulnerability,
723 but we do not believe it is exploitable in practice, because only
724 privileged processes can own the org.freedesktop.systemd1 bus name, and
725 systemd does not appear to send activation failures that contain "%".
727 Please note that this probably *was* exploitable in dbus versions
728 older than 1.6.30, 1.8.16 and 1.9.10 due to a missing check which at
729 the time was only thought to be a denial of service vulnerability
730 (CVE-2015-0245). If you are still running one of those versions,
731 patch or upgrade immediately.
733 (fd.o #98157, Simon McVittie)
737 • D-Bus Specification version 0.29
738 · Recommend not using '/' for object paths (fd.o #37095, Philip Withnall)
739 · Allow <annotation> in <arg> elements (fd.o #86162, Philip Withnall)
741 • Log to syslog when we exceed various anti-DoS limits, and add test
742 coverage for them (fd.o #86442, Simon McVittie)
744 • Improve syslog handling so that _dbus_warn() and similar warnings
745 go to syslog, add dbus-daemon --syslog|--nosyslog|--syslog-only options,
746 and log to syslog (instead of /dev/null) when dbus-daemon is started by
747 dbus-launch. (fd.o #97009, Simon McVittie)
749 • Install introspect.dtd and busconfig.dtd to ${datadir}/xml/dbus-1
750 (fd.o #89011, Philip Withnall)
752 • When logging messages about service activation, mention which peer
753 requested the activation (fd.o #68212, Philip Withnall)
755 • On Linux, mention the LSM label (if available) whenever we print
756 debug information about a peer (fd.o #68212, Philip Withnall)
760 • Harden dbus-daemon against malicious or incorrect ActivationFailure
761 messages by rejecting them if they do not come from a privileged
762 process, or if systemd activation is not enabled
763 (fd.o #98157, Simon McVittie)
765 • Avoid undefined behaviour when setting reply serial number without going
766 via union DBusBasicValue (fd.o #98035, Marc Mutz)
768 • Fix CMake build for Unix platforms that do not have -lrt, such as Android,
769 or that do need -lsocket, such as QNX (fd.o #94096, Ralf Habacker)
771 • autogen.sh: fail cleanly if autoconf fails (Simon McVittie)
773 D-Bus 1.11.4 (2016-08-15)
776 The “copper pickaxe” release.
780 • Building from git (but not from tarballs) now requires
781 macros from the GNU Autoconf Archive, for example the autoconf-archive
782 package in Debian or Fedora derivatives.
784 Build-time configuration:
786 • The option to enable coverage instrumentation has changed from
787 --enable-compiler-coverage to --enable-code-coverage.
791 • D-Bus Specification version 0.28
792 · Clarify some details of serialization (fd.o #93382, Philip Withnall)
794 • Increase listen() backlog of AF_UNIX sockets to the maximum possible,
795 minimizing failed connections under heavy load
796 (fd.o #95264, Lennart Poettering)
798 • Add a new dbus-launch --exit-with-x11 option (fd.o #39197, Simon McVittie)
800 • Use the same regression tests for subprocess starting on Unix and Windows
801 (fd.o #95191, Ralf Habacker)
803 • Print timestamps and thread IDs in verbose messages
804 (fd.o #95191, Ralf Habacker)
806 • On Unix, unify the various places that reopen stdin, stdout and/or stderr
807 pointing to /dev/null (fd.o #97008, Simon McVittie)
809 • Use AX_CODE_COVERAGE instead of our own COMPILER_COVERAGE
810 (fd.o #88922, Thomas Zimmermann)
814 • On Windows, fix a memory leak in replacing the installation prefix
815 (fd.o #95191, Ralf Habacker)
817 • On Linux, when dbus-daemon is run with reduced susceptibility to the
818 OOM killer (typically via systemd), do not let child processes inherit
819 that setting (fd.o #32851; Kimmo Hämäläinen, WaLyong Cho)
821 • On Unix, make dbus-launch and dbus-daemon --fork work as intended
822 even if a parent process incorrectly starts them with stdin, stdout
823 and/or stderr closed (fd.o #97008, Simon McVittie)
825 • Output valid shell syntax in ~/.dbus/session-bus/ if the bus address
826 contains a semicolon (fd.o #94746, Thiago Macieira)
828 • Fix memory leaks and thread safety in subprocess starting on Windows
829 (fd.o #95191, Ralf Habacker)
831 • Stop test-dbus-daemon incorrectly failing on platforms that cannot
832 discover the process ID of clients (fd.o #96653, Руслан Ижбулатов)
834 • In tests that exercise correct handling of crashing D-Bus services,
835 suppress Windows crash handler (fd.o #95155; Yiyang Fei, Ralf Habacker)
837 • Explicitly check for stdint.h (Ioan-Adrian Ratiu)
839 • In tests, add an invalid DBusAuthState to avoid undefined behaviour
840 in some test cases (fd.o #93909, Nick Lewycky)
842 • Add assertions to reassure a static analysis tool
843 (fd.o #93210, Deepika Aggarwal)
845 • Be explicit about enum comparison when loading XML
846 (fd.o #93205, Deepika Aggarwal)
848 • update-activation-environment: produce better diagnostics on error
849 (fd.o #96653, Simon McVittie)
851 • Avoid various compiler warnings with gcc 6
852 (fd.o #97282; Thomas Zimmermann, Simon McVittie)
854 • On Unix when configured to use the system log, report as "dbus-daemon",
855 not as "dbus" (fd.o #97009, Simon McVittie)
857 • During unit tests, reduce the amount we write to the system log
858 (fd.o #97009, Simon McVittie)
860 D-Bus 1.11.2 (2016-03-07)
863 The “pneumatic drill vs. Iron Maiden” release.
867 • Enable "large file support" on systems where it exists: dbus-daemon
868 is not expected to open large files, but it might need to stat files
869 that happen to have large inode numbers (fd.o #93545, Hongxu Jia)
871 • Eliminate padding inside DBusMessageIter on 64-bit platforms,
872 which might result in a pedantic C compiler not copying the entire contents
873 of a DBusMessageIter; statically assert that this is not an ABI change
874 in practice (fd.o #94136, Simon McVittie)
876 • Document dbus-test-tool echo --sleep-ms=N instead of incorrect --sleep=N
877 (fd.o #94244, Dmitri Iouchtchenko)
879 • Correctly report test failures in C tests from run-test.sh
880 (fd.o #93379; amit tewari, Simon McVittie)
882 • When tests are enabled, run all the marshal-validate tests, not just
883 the even-numbered ones (fd.o #93908, Nick Lewycky)
885 • Correct the expected error from one marshal-validate test, which was
886 previously not run due to the above bug (fd.o #93908, Simon McVittie)
888 • Fix compilation under CMake when embedded tests are disabled
889 (fd.o #94094, eric.hyer)
893 • Fix all -Wpointer-sign (signed/unsigned mismatch) warnings, and enable the
894 warning (fd.o #93069; Ralf Habacker, Simon McVittie)
896 • When building with CMake, use the same gcc/clang warnings as under Autotools,
897 or MSVC warnings that are broadly similar (fd.o #93069, Ralf Habacker)
899 • test/name-test: make C tests produce TAP output and run them directly, not
900 via run-test.sh (fd.o #92899, Simon McVittie)
902 • Under CMake when cross-compiling for Windows on Unix, run the tests
903 under Wine even if binfmt_misc support is not available
904 (fd.o #88966, Ralf Habacker)
906 • The DBUS_USE_TEST_BINARY environment variable is no longer used by builds with
907 embedded tests; DBUS_TEST_DBUS_LAUNCH replaces it (fd.o #92899, Simon McVittie)
909 • Factor out some functions that will be needed in future for a Windows
910 implementation of dbus-run-session (fd.o #92899, Ralf Habacker)
912 D-Bus 1.11.0 (2015-12-02)
915 The “peppermint deer” release.
919 • On non-Windows platforms, dbus now requires an <inttypes.h> that defines
920 C99 constants such as PRId64 and PRIu64.
924 • D-Bus Specification version 0.27
925 · Specify that services should not reply if NO_REPLY_EXPECTED was used
926 (fd.o #75749, Lars Uebernickel)
928 • Add a script to do continuous-integration builds, and metadata to run it
929 on travis-ci.org. To use this, clone the dbus git repository on GitHub
930 and set it up with travis-ci.org; the only special setting needed is
931 "only build branches with a .travis.yml". (fd.o #93194, Simon McVittie)
933 • If dbus-daemon is run with --systemd-activation, do not require
934 org.freedesktop.systemd1.service to exist (fd.o #93194, Simon McVittie)
938 • Re-order dbus-daemon startup so that on SELinux systems, the thread
939 that reads AVC notifications retains the ability to write to the
940 audit log (fd.o #92832, Laurent Bigonville)
942 • Print 64-bit integers on non-GNU Unix platforms (fd.o #92043, Natanael Copa)
944 • When using the Monitoring interface, match messages' destinations
945 (fd.o #92074, Simon McVittie)
947 • On Linux with systemd, stop installing a reference to the obsolete
948 dbus.target, and enable dbus.socket statically (fd.o #78412, #92402;
951 • On Windows, when including configuration files with <include> or
952 <includedir>, apply the same relocation as for the Exec paths
953 in .service files (fd.o #92028, Simon McVittie)
955 • Add support for backtraces on Windows (fd.o #92721, Ralf Habacker)
957 • Fix many -Wpointer-sign warnings (fd.o #93069, Ralf Habacker)
959 D-Bus 1.10.6 (2015-12-01)
962 The “marzipan beetles” release.
966 • On Unix when running tests as root, don't assert that root and
967 the dbus-daemon user can still call UpdateActivationEnvironment;
968 assert that those privileged users can call BecomeMonitor instead
969 (fd.o #93036, Simon McVittie)
971 • On Windows, fix a memory leak in the autolaunch transport (fd.o #92899,
974 • On Windows Autotools builds, don't run tests that rely on
975 dbus-run-session and other Unix-specifics (fd.o #92899, Simon McVittie)
977 D-Bus 1.10.4 (2015-11-17)
980 The “Frostburn Canyon” release.
984 • GetConnectionCredentials, GetConnectionUnixUser and
985 GetConnectionUnixProcessID with argument "org.freedesktop.DBus"
986 will now return details of the dbus-daemon itself. This is required
987 to be able to call SetEnvironment on systemd.
988 (fd.o #92857, Jan Alexander Steffens)
992 • Make UpdateActivationEnvironment always fail with AccessDenied on the
993 system bus. Previously, it was possible to configure it so root could
994 call it, but the environment variables were not actually used,
995 because the launch helper would discard them.
996 (fd.o #92857, Jan Alexander Steffens)
998 • On Unix with --systemd-activation on a user bus, make
999 UpdateActivationEnvironment pass on its arguments to systemd's
1000 SetEnvironment method, solving inconsistency between the environments
1001 used for traditional activation and systemd user-service activation.
1002 (fd.o #92857, Jan Alexander Steffens)
1004 • On Windows, don't crash if <syslog/> or --syslog is used
1005 (fd.o #92538, Ralf Habacker)
1007 • On Windows, fix a memory leak when setting a DBusError from a Windows
1008 error (fd.o #92721, Ralf Habacker)
1010 • On Windows, don't go into infinite recursion if we abort the process
1011 with backtraces enabled (fd.o #92721, Ralf Habacker)
1013 • Fix various failing tests, variously on Windows and cross-platform:
1014 · don't test system.conf features (users, groups) that only make sense
1015 on the system bus, which is not supported on Windows
1016 · don't call _dbus_warn() when we skip a test, since it is fatal
1017 · fix computation of expected <standard_session_servicedirs/>
1018 · when running TAP tests, translate newlines to Unix format, fixing
1019 cross-compiled tests under Wine on Linux
1020 · don't stress-test refcounting under Wine, where it's really slow
1021 · stop assuming that a message looped-back to the test will be received
1023 · skip some system bus tests on Windows since they make no sense there
1024 (fd.o #92538, fd.o #92721; Ralf Habacker, Simon McVittie)
1026 D-Bus 1.10.2 (2015-10-26)
1029 The “worst pies in London” release.
1033 • Correct error handling for activation: if there are multiple attempts
1034 to activate the same service and it fails immediately, the first attempt
1035 would get the correct reply, but the rest would time out. We now send
1036 the same error reply to each attempt. (fd.o #92200, Simon McVittie)
1038 • If BecomeMonitor is called with a syntactically invalid match rule,
1039 don't crash with an assertion failure, fixing a regression in 1.9.10.
1040 This was not exploitable as a denial of service, because the check
1041 for a privileged user is done first. (fd.o #92298, Simon McVittie)
1043 • On Linux with --enable-user-session, add the bus address to the
1044 environment of systemd services for better backwards compatibility
1045 (fd.o #92612, Jan Alexander Steffens)
1047 • On Windows, fix the logic for replacing the installation prefix
1048 in service files' Exec lines (fd.o #83539; Milan Crha, Simon McVittie)
1050 • On Windows, if installed in the conventional layout with ${prefix}/etc
1051 and ${prefix}/share, use relative paths between bus configuration files
1052 to allow the tree to be relocated (fd.o #92028, Simon McVittie)
1054 • Make more of the regression tests pass in Windows builds (fd.o #92538,
1057 D-Bus 1.10.0 (2015-08-25)
1062 This is a new stable branch, recommended for use in OS distributions.
1066 • distribute test/tap-test.sh.in, even if the tarball was built without
1067 tests enabled (fd.o #91684, Simon McVittie)
1068 • work around a fd leak in libcap-ng < 0.7.7 (fd.o #91684, Simon McVittie)
1070 Summary of major changes since 1.8.0:
1072 • The basic setup for the well-known system and session buses is
1073 now done in read-only files in ${datadir} (normally /usr/share).
1074 See the NEWS entry for 1.9.18 for details.
1076 • AppArmor integration has been merged, with features similar to the
1077 pre-existing SELinux integration. It is mostly compatible with the
1078 patches previously shipped by Ubuntu, with one significant change:
1079 Ubuntu's GetConnectionAppArmorSecurityContext method has been superseded
1080 by GetConnectionCredentials and was not included.
1082 • The --enable-user-session configure option can be enabled
1083 by OS integrators intending to use systemd to provide a session bus
1084 per user (in effect, treating all concurrent graphical and non-graphical
1085 login sessions as one large session).
1087 • The new listenable address mode "unix:runtime=yes" listens on
1088 $XDG_RUNTIME_DIR/bus, the same AF_UNIX socket used by the systemd
1089 user session. libdbus and "dbus-launch --autolaunch" will connect to
1090 this address by default. GLib ≥ 2.45.3 and sd-bus ≥ 209 have a
1093 • All executables are now dynamically linked to libdbus-1.
1094 Previously, some executables, most notably dbus-daemon, were statically
1095 linked to a specially-compiled variant of libdbus. This results in
1096 various private functions in the _dbus namespace being exposed by the
1097 shared library. These are not API, and must not be used outside
1098 the dbus source tree.
1100 • On platforms with ELF symbol versioning, all public symbols
1101 are versioned LIBDBUS_1_3.
1105 • org.freedesktop.DBus.GetConnectionCredentials returns
1106 LinuxSecurityLabel where supported
1107 • org.freedesktop.DBus.Monitoring interface (privileged)
1108 · BecomeMonitor method supersedes match rules with eavesdrop=true,
1109 which are now deprecated
1110 • org.freedesktop.DBus.Stats interface (semi-privileged)
1111 · now enabled by default
1112 · new GetAllMatchRules method
1113 • org.freedesktop.DBus.Verbose interface (not normally compiled)
1114 · toggles the effect of DBUS_VERBOSE
1119 • dbus-update-activation-environment
1121 New optional dependencies:
1123 • The systemd: pseudo-transport requires libsystemd or libsd-daemon
1124 • Complete documentation requires Ducktype and yelp-tools
1125 • Full test coverage requires GLib 2.36 and PyGI
1126 • AppArmor integration requires libapparmor and optionally libaudit
1128 Dependencies removed:
1132 D-Bus 1.9.20 (2015-08-06)
1135 The “Remember Tomorrow” release.
1137 This is a release-candidate for D-Bus 1.10.0. OS distribution vendors
1142 • Don't second-guess what the ABI of poll() is, allowing it to be used
1143 on Integrity RTOS and other unusual platforms (fd.o #90314;
1144 Rolland Dudemaine, Simon McVittie)
1146 • Don't duplicate audit subsystem integration if AppArmor and SELinux are
1147 both enabled (fd.o #89225, Simon McVittie)
1149 • Log audit events for AppArmor/SELinux policy violations whenever
1150 we have CAP_AUDIT_WRITE, even if not the system bus
1151 (fd.o #83856, Laurent Bigonville)
1153 D-Bus 1.9.18 (2015-07-21)
1156 The “Pirate Elite” release.
1158 Configuration changes:
1160 • The basic setup for the well-known system and session buses is now done
1161 in read-only files in ${datadir}, moving a step closer to systems
1162 that can operate with an empty /etc directory. In increasing order
1165 · ${datadir}/dbus-1/s*.conf now perform the basic setup such as setting
1166 the default message policies.
1167 · ${sysconfdir}/dbus-1/s*.conf are now optional. By default
1168 dbus still installs a trivial version of each, for documentation
1169 purposes; putting configuration directives in these files is deprecated.
1170 · ${datadir}/dbus-1/s*.d/ are now available for third-party software
1171 to install "drop-in" configuration snippets (any packages
1172 using those directories should explicitly depend on at least this
1174 · ${sysconfdir}/dbus-1/s*.d/ are also still available for sysadmins
1175 or third-party software to install "drop-in" configuration snippets
1176 · ${sysconfdir}/dbus-1/s*-local.conf are still available for sysadmins'
1179 ${datadir} is normally /usr/share, ${sysconfdir} is normally /etc,
1180 and "s*" refers to either system or session as appropriate.
1182 (fd.o #89280, Dimitri John Ledkov)
1186 • Fix a memory leak when GetConnectionCredentials() succeeds
1187 (fd.o #91008, Jacek Bukarewicz)
1189 • Ensure that dbus-monitor does not reply to messages intended for others,
1190 resulting in its own disconnection (fd.o #90952, Simon McVittie)
1192 D-Bus 1.9.16 (2015-05-14)
1195 The “titanium barns” release.
1199 • Automake 1.13 is now required when compiling from git or modifying
1204 • On Unix platforms, change the default configuration for the session bus
1205 to only allow EXTERNAL authentication (secure kernel-mediated
1206 credentials-passing), as was already done for the system bus.
1208 This avoids falling back to DBUS_COOKIE_SHA1, which relies on strongly
1209 unpredictable pseudo-random numbers.
1211 If you are using D-Bus over the (unencrypted!) tcp: or nonce-tcp: transport,
1212 in conjunction with DBUS_COOKIE_SHA1 and a shared home directory using
1213 NFS or similar, you will need to reconfigure the session bus to accept
1214 DBUS_COOKIE_SHA1 by commenting out the <auth> element. This configuration
1217 (fd.o #90414, Simon McVittie)
1219 • When asked for random numbers for DBUS_COOKIE_SHA1, the nonce-tcp:
1220 transport, UUIDs or any other reason, fail if we cannot obtain entropy
1221 (from /dev/urandom or CryptGenRandom()) or an out-of-memory condition
1222 occurs, instead of silently falling back to low-entropy pseudorandom
1223 numbers from rand(). (fd.o #90414; Simon McVittie, Ralf Habacker)
1227 • Add dbus_message_iter_get_element_count()
1228 (fd.o #30350; Christian Dywan, Simon McVittie)
1230 • Introduce new internal DBusSocket and DBusPollable types so we can
1231 stop treating the Windows SOCKET type as if it was int. DBusSocket
1232 is specifically a socket, cross-platform. DBusPollable is whatever
1233 _dbus_poll() can act on, i.e. a fd on Unix or a SOCKET on Windows.
1234 (fd.o #89444; Ralf Habacker, Simon McVittie)
1236 • All regression tests now output TAP <https://testanything.org/>
1237 (fd.o #89846, Simon McVittie)
1239 • Internal APIs consistently use signed values for timestamps
1240 (fd.o #18494, Peter McCurdy)
1242 • Improve diagnostics when UpdateActivationEnvironment calls are rejected
1243 (fd.o #88812, Simon McVittie)
1245 • Clean up a lot of compiler warnings
1246 (fd.o #17289, fd.o #89284; Ralf Habacker, Simon McVittie)
1250 • Add locking to DBusCounter's reference count and notify function
1251 (fd.o #89297, Adrian Szyndela)
1253 • Ensure that DBusTransport's reference count is protected by the
1254 corresponding DBusConnection's lock (fd.o #90312, Adrian Szyndela)
1256 • Correctly release DBusServer mutex before early-return if we run out
1257 of memory while copying authentication mechanisms (fd.o #90021,
1260 • Make dbus-test-tool and dbus-update-activation-environment portable
1261 to Windows (fd.o #90089, Ralf Habacker)
1263 • Correctly initialize all fields of DBusTypeReader (fd.o #90021;
1264 Ralf Habacker, Simon McVittie)
1266 • Fix some missing \n in verbose (debug log) messages (fd.o #90004,
1269 • Clean up some memory and fd leaks in test code and tools
1270 (fd.o #90021, Ralf Habacker)
1272 • Fix a NULL dereference if the dbus-daemon cannot read a configuration
1273 directory for a reason that is not ENOENT (fd.o #90021, Ralf Habacker)
1275 • CMake generates a versioned shared library even if the revision is 0,
1276 as it usually is on the development branch. (fd.o #89450, Ralf Habacker)
1278 D-Bus 1.9.14 (2015-03-02)
1281 The “don't stand in the poison cloud” release.
1285 • dbus-daemon and dbus-daemon-launch-helper now require libdbus. They
1286 were previously linked to a static version of libdbus.
1288 • The tests no longer require dbus-glib in order to exercise the libdbus
1289 shared library; they are always linked to libdbus now.
1291 Build-time configuration:
1293 • The new --enable-user-session option, off by default, can be enabled
1294 by OS integrators intending to use systemd to provide a session bus
1295 per user (in effect, treating all concurrent graphical and non-graphical
1296 login sessions as one large session)
1300 • All executables are now linked dynamically to libdbus.
1301 (fd.o #83115; Bertrand SIMONNET, Simon McVittie, Ralf Habacker)
1303 • On platforms that support them (GNU libc and possibly others),
1304 libdbus now has versioned symbols for its public API.
1305 All public symbols (visible in the header files) are currently
1306 versioned as LIBDBUS_1_3; private symbols starting with _dbus or
1307 dbus_internal have a version that changes with each release, and
1308 must not be used by applications. (also fd.o #83115)
1310 • New listenable address mode "unix:runtime=yes" which listens on
1311 a real filesystem (non-abstract) socket $XDG_RUNTIME_DIR/bus
1312 (fd.o #61303; Colin Walters, Alexander Larsson, Simon McVittie)
1314 • Add optional systemd units for a per-user bus listening on
1315 $XDG_RUNTIME_DIR/bus (fd.o #61301; Simon McVittie, Colin Walters)
1317 • On Unix platforms, both libdbus and "dbus-launch --autolaunch"
1318 default to connecting to $XDG_RUNTIME_DIR/bus if it is a socket
1321 • New dbus-update-activation-environment tool uploads environment
1322 variables to "dbus-daemon --session" and optionally "systemd --user",
1323 primarily as a way to keep the per-user bus compatible with
1324 distributions' existing X11 login scripts (also fd.o #61301)
1326 • <includedir/> elements in dbus-daemon configuration are now silently
1327 ignored if the directory does not exist. (fd.o #89280, Dimitri John Ledkov)
1329 • Add microsecond-resolution timestamps to the default output of
1330 dbus-monitor and dbus-send (fd.o #88896; Ralf Habacker, Simon McVittie)
1334 • Fix a race condition in the 'monitor' test introduced in 1.9.10
1335 (fd.o #89222, Simon McVittie)
1337 D-Bus 1.9.12 (2015-02-19)
1340 The “monster lasagna” release.
1344 • Ducktype and yelp-tools are now required to build complete documentation
1345 (they are optional for normal builds).
1349 • D-Bus Specification version 0.26
1350 · GetConnectionCredentials can return LinuxSecurityLabel or WindowsSID
1351 · document the BecomeMonitor method
1353 • On Linux, add LinuxSecurityLabel to GetConnectionCredentials
1354 (fd.o #89041; Tyler Hicks, Simon McVittie)
1356 • On Linux, add support for AppArmor mediation of message sending and
1357 receiving and name ownership (paralleling existing SELinux mediation
1358 support), and eavesdropping (a new check, currently AppArmor-specific)
1359 (fd.o #75113; John Johansen, Tyler Hicks, Simon McVittie)
1361 • In dbus-send and dbus-monitor, pretty-print \0-terminated bytestrings
1362 that have printable ASCII contents; we previously only did this for
1363 unterminated bytestrings (fd.o #89109, Simon McVittie)
1365 • Add a guide to designing good D-Bus APIs (fd.o #88994, Philip Withnall)
1367 • On Windows, add WindowsSID to GetConnectionCredentials
1368 (fd.o #54445, Ralf Habacker)
1370 • Improve clarity of dbus-monitor --profile output and add more columns
1371 (fd.o #89165, Ralf Habacker)
1373 • Add a man page for dbus-test-tool, and build it under CMake as well
1374 as Autotools (fd.o#89086, Simon McVittie)
1376 • If dbus-daemon was compiled with --enable-verbose, add a D-Bus API
1377 to control it at runtime, overriding the DBUS_VERBOSE environment variable
1378 (fd.o #88896, Ralf Habacker)
1382 • Reduce the number of file descriptors used in the fd-passing test,
1383 avoiding failure under the default Linux fd limit, and automatically
1384 skip it if the rlimit is too small (fd.o #88998, Simon McVittie)
1386 D-Bus 1.9.10 (2015-02-09)
1389 The “sad cyborgs” release.
1391 Security fixes merged from 1.8.16:
1393 • Do not allow non-uid-0 processes to send forged ActivationFailure
1394 messages. On Linux systems with systemd activation, this would
1395 allow a local denial of service: unprivileged processes could
1396 flood the bus with these forged messages, winning the race with
1397 the actual service activation and causing an error reply
1398 to be sent back when service auto-activation was requested.
1399 This does not prevent the real service from being started,
1400 so the attack only works while the real service is not running.
1401 (CVE-2015-0245, fd.o #88811; Simon McVittie)
1405 • The new Monitoring interface in the dbus-daemon lets dbus-monitor and
1406 similar tools receive messages without altering the security properties
1407 of the system bus, by calling the new BecomeMonitor method on a
1408 private connection. This bypasses the normal <allow> and <deny> rules
1409 entirely, so to preserve normal message-privacy assumptions, only root
1410 is allowed to do this on the system bus. Restricted environments,
1411 such as Linux with LSMs, should lock down access to the Monitoring
1412 interface. (fd.o #46787, Simon McVittie)
1414 • dbus-monitor uses BecomeMonitor to capture more traffic, if the
1415 dbus-daemon supports it and access permissions allow it.
1416 It still supports the previous approach ("eavesdropping" match rules)
1417 for compatibility with older bus daemons. (fd.o #46787, Simon)
1419 • dbus-monitor can now log the message stream as binary data for later
1420 analysis, with either no extra framing beyond the normal D-Bus headers,
1421 or libpcap-compatible framing treating each D-Bus message
1422 as a captured packet. (fd.o #46787, Simon)
1426 • Fix some CMake build regressions (fd.o #88964, Ralf Habacker)
1428 • On Unix, forcibly terminate regression tests after 60 seconds to
1429 prevent them from blocking continuous integration frameworks
1430 (fd.o #46787, Simon)
1432 D-Bus 1.9.8 (2015-02-03)
1435 The “all the types of precipitation” release.
1439 • full test coverage now requires GLib 2.36
1440 • full test coverage now requires PyGI (PyGObject 3,
1441 "import gi.repository.GObject") instead of the
1442 obsolete PyGObject 2 ("import gobject")
1446 • add GLib-style "installed tests" (fd.o #88810, Simon McVittie)
1448 • better regression test coverage, including systemd activation
1449 (fd.o #57952, #88810; Simon McVittie)
1453 • fatal errors correctly make the dbus-daemon exit even if <syslog/> is
1454 turned off (fd.o #88808, Simon McVittie)
1456 • TCP sockets on Windows no longer fail to listen approximately 1 time
1457 in 256, caused by a logic error that should have always made it fail but
1458 was mitigated by incorrect endianness for the port number
1459 (fd.o #87999, Ralf Habacker)
1461 • fix some Windows build failures (fd.o #88009, #88010; Ralf Habacker)
1463 • on Windows, allow up to 8K connections to the dbus-daemon instead of the
1464 previous 64, completing a previous fix which only worked under
1465 Autotools (fd.o #71297, Ralf Habacker)
1467 • on Windows, if the IP family is unspecified only use IPv4,
1468 to mitigate IPv6 not working correctly (fd.o #87999, Ralf Habacker)
1470 • fix some unlikely memory leaks on OOM (fd.o #88087, Simon McVittie)
1472 • lcov code coverage analysis works again (fd.o #88808, Simon McVittie)
1474 • fix an unused function error with --disable-embedded-tests (fd.o #87837,
1477 D-Bus 1.9.6 (2015-01-05)
1480 The “I do have a bread knife” release.
1484 • Do not allow calls to UpdateActivationEnvironment from uids other than
1485 the uid of the dbus-daemon. If a system service installs unsafe
1486 security policy rules that allow arbitrary method calls
1487 (such as CVE-2014-8148) then this prevents memory consumption and
1488 possible privilege escalation via UpdateActivationEnvironment.
1490 We believe that in practice, privilege escalation here is avoided
1491 by dbus-daemon-launch-helper sanitizing its environment; but
1492 it seems better to be safe.
1494 • Do not allow calls to UpdateActivationEnvironment or the Stats interface
1495 on object paths other than /org/freedesktop/DBus. Some system services
1496 install unsafe security policy rules that allow arbitrary method calls
1497 to any destination, method and interface with a specified object path;
1498 while less bad than allowing arbitrary method calls, these security
1499 policies are still harmful, since dbus-daemon normally offers the
1500 same API on all object paths and other system services might behave
1505 • Add missing initialization so GetExtendedTcpTable doesn't crash on
1506 Windows Vista SP0 (fd.o #77008, Илья А. Ткаченко)
1508 D-Bus 1.9.4 (2014-11-24)
1511 The “extra-sturdy caramel” release.
1515 • Partially revert the CVE-2014-3639 patch by increasing the default
1516 authentication timeout on the system bus from 5 seconds back to 30
1517 seconds, since this has been reported to cause boot regressions for
1518 some users, mostly with parallel boot (systemd) on slower hardware.
1520 On fast systems where local users are considered particularly hostile,
1521 administrators can return to the 5 second timeout (or any other value
1522 in milliseconds) by saving this as /etc/dbus-1/system-local.conf:
1525 <limit name="auth_timeout">5000</limit>
1528 (fd.o #86431, Simon McVittie)
1530 • Add a message in syslog/the Journal when the auth_timeout is exceeded
1531 (fd.o #86431, Simon McVittie)
1533 • Send back an AccessDenied error if the addressed recipient is not allowed
1534 to receive a message (and in builds with assertions enabled, don't
1535 assert under the same conditions). (fd.o #86194, Jacek Bukarewicz)
1537 D-Bus 1.9.2 (2014-11-10)
1540 The “structurally unsound flapjack” release.
1544 • Increase dbus-daemon's RLIMIT_NOFILE rlimit to 65536
1545 so that CVE-2014-3636 part A cannot exhaust the system bus'
1546 file descriptors, completing the incomplete fix in 1.8.8.
1547 (CVE-2014-7824, fd.o #85105; Simon McVittie, Alban Crequy)
1551 • D-Bus Specification version 0.25
1552 · new value 'const' for EmitsChangedSignal annotation
1553 (fd.o #72958, Lennart Poettering)
1554 · new ALLOW_INTERACTIVE_AUTHORIZATION flag, for PolicyKit and similar
1555 (fd.o #83449; Lennart Poettering, Simon McVittie)
1556 · annotate table of types with reserved/basic/container, and for
1557 basic types, fixed/string-like
1558 · clarify arbitrary limits by quoting them in mebibytes
1560 • New API: add accessors for the ALLOW_INTERACTIVE_AUTHORIZATION flag
1561 (fd.o #83449, Simon McVittie)
1563 • Add dbus-test-tool, a D-Bus swiss army knife with multiple subcommands,
1564 useful for debugging and performance testing:
1565 · dbus-test-tool spam: send repeated messages
1566 · dbus-test-tool echo: send an empty reply for all method calls
1567 · dbus-test-tool black-hole: do not reply to method calls
1568 (fd.o #34140; Alban Crequy, Simon McVittie, Will Thompson)
1570 • Add support for process ID in credentials-passing on NetBSD
1571 (fd.o #69702, Patrick Welche)
1573 • Add an example script to find potentially undesired match rules
1574 (fd.o #84598, Alban Crequy)
1576 • Document the central assumption that makes our use of credentials-passing
1577 secure (fd.o #83499, Simon McVittie)
1579 • Replace the dbus-glib section of the tutorial with a GDBus recommendation,
1580 and add some links to GDBus and QtDBus documentation (fd.o #25140,
1585 • Use a less confusing NoReply message when disconnected with a reply pending
1586 (fd.o #76112, Simon McVittie)
1588 • Make the .pc file relocatable by letting pkg-config do all variable
1589 expansion itself (fd.o #75858, Руслан Ижбулатов)
1591 • Fix a build failure on platforms with kqueue, which regressed in 1.9.0
1592 (fd.o #85563, Patrick Welche)
1594 • Consistently save errno after socket calls (fd.o #83625, Simon McVittie)
1596 • In dbus-spawn, when the grandchild process exits due to a failed exec(),
1597 do not lose the exec() errno (fd.o #24821, Simon McVittie)
1599 • Do not fail the tests if a parent process has leaked non-close-on-exec
1600 file descriptors to us (fd.o #73689, fd.o #83899; Simon McVittie)
1602 • Do not fail the tests on Unix platforms with incomplete
1603 credentials-passing support, but do fail if we can't pass credentials
1604 on a platform where it is known to work: Linux, FreeBSD, OpenBSD, NetBSD
1605 (fd.o #69702, Simon McVittie)
1607 • Detect accept4, dirfd, inotify_init1, pipe2, and Unix fd passing
1608 when building with cmake, and expand test coverage there
1609 (fd.o #73689; Ralf Habacker, Simon McVittie)
1611 D-Bus 1.9.0 (2014-10-01)
1614 The “tiered cheeses” release.
1618 • Support for the systemd: (LISTEN_FDS) pseudo-transport on Linux now
1619 requires either the libsystemd or libsd-daemon shared library, dropping the
1620 embedded convenience copy of sd-daemon (fd.o #71818, Simon)
1622 Build-time configuration changes:
1624 • The Stats interface is now enabled by default, and locked-down to
1625 root-only on the system bus. Configure with --disable-stats
1626 to disable it altogether on memory- or disk-constrained systems,
1627 or see ${docdir}/examples/ to open it up to non-root users on the
1628 system bus or restrict access on the session bus.
1629 (fd.o #80759; Simon McVittie, Alban Crequy)
1631 • The CMake build system now builds the same shared library name as Autotools
1632 on at least Linux and Windows:
1633 - on Linux (and perhaps other Unix platforms), it previously built
1634 libdbus-1.so, but now builds libdbus-1.so.3.* with development
1635 symlink libdbus-1.so and SONAME/symlink libdbus-1.so.3
1636 - on Windows, it previously built either libdbus-1.dll (release) or
1637 libdbus-1d.dll (debug), but now builds libdbus-1-3.dll, copied to
1638 libdbus-1.dll for compatibility with older applications.
1639 (fd.o #74117, Ralf Habacker)
1643 • D-Bus Specification version 0.24
1644 · document how to quote match rules (fd.o #24307, Simon McVittie)
1645 · explicitly say that most message types never expect a reply
1646 regardles of whether they have NO_REPLY_EXPECTED
1647 (fd.o #75749, Simon McVittie)
1649 • on Unix platforms, disable Nagle's algorithm on TCP connections to improve
1650 initial latency (fd.o #75544, Matt Hoosier)
1652 • use backtrace() if it is in -lexecinfo instead of libc, as on NetBSD
1653 (fd.o #69702, Patrick Welche)
1655 • in dbus-monitor, print more information about file descriptors
1656 (fd.o #80603, Alban Crequy)
1658 • do not install system bus configuration if built for Windows
1659 (fd.o #83583; Ralf Habacker, Simon McVittie)
1661 • Add GetAllMatchRules to the Stats interface (fd.o #24307, Alban Crequy)
1663 • Add a regression test for file descriptor passing (fd.o #83622,
1668 • fix an incorrect error message if a Unix socket path is too long
1669 (fd.o #73887, Antoine Jacoutot)
1671 • in an MSYS/Cygwin environment, pass Unix-style filenames to xmlto,
1672 fixing documentation generation (fd.o #75860, Руслан Ижбулатов)
1674 • in Unix with X11, avoid giving dbus-launch a misleading argv[0]
1675 in ps(1) (fd.o #69716, Chengwei Yang)
1677 • avoid calling poll() with timeout < -1, which is considered invalid
1678 on FreeBSD and NetBSD (fd.o #78480, Jaap Boender)
1680 • be portable to BSD-derived platforms where O_CLOEXEC is unavailable in libc
1681 (like Mac OS X 10.6), or available in libc but unsupported by the kernel
1682 (fd.o #77032; rmvsxop, OBATA Akio, Patrick Welche)
1684 • Fix include path for test/internal/*.c with cmake (Ralf Habacker)
1686 • Documentation improvements
1687 (fd.o #80795, #84313; Thomas Haller, Sebastian Rasmussen)
1689 • in dbus-monitor, do not leak file descriptors that we have monitored
1690 (fd.o #80603, Alban Crequy)
1692 • Set the close-on-exec flag for the inotify file descriptor, even
1693 if built with CMake or older libc (fd.o #73689, Simon McVittie)
1695 • Remove some LGPL code from the Windows dbus-daemon
1696 (fd.o #57272, Ralf Habacker)
1698 D-Bus 1.8.8 (2014-09-16)
1701 The "smashy smashy egg man" release.
1705 • Do not accept an extra fd in the padding of a cmsg message, which
1706 could lead to a 4-byte heap buffer overrun.
1707 (CVE-2014-3635, fd.o #83622; Simon McVittie)
1709 • Reduce default for maximum Unix file descriptors passed per message
1710 from 1024 to 16, preventing a uid with the default maximum number of
1711 connections from exhausting the system bus' file descriptors under
1712 Linux's default rlimit. Distributors or system administrators with a
1713 more restrictive fd limit may wish to reduce these limits further.
1715 Additionally, on Linux this prevents a second denial of service
1716 in which the dbus-daemon can be made to exceed the maximum number
1717 of fds per sendmsg() and disconnect the process that would have
1719 (CVE-2014-3636, fd.o #82820; Alban Crequy)
1721 • Disconnect connections that still have a fd pending unmarshalling after
1722 a new configurable limit, pending_fd_timeout (defaulting to 150 seconds),
1723 removing the possibility of creating an abusive connection that cannot be
1724 disconnected by setting up a circular reference to a connection's
1726 (CVE-2014-3637, fd.o #80559; Alban Crequy)
1728 • Reduce default for maximum pending replies per connection from 8192 to 128,
1729 mitigating an algorithmic complexity denial-of-service attack
1730 (CVE-2014-3638, fd.o #81053; Alban Crequy)
1732 • Reduce default for authentication timeout on the system bus from
1733 30 seconds to 5 seconds, avoiding denial of service by using up
1734 all unauthenticated connection slots; and when all unauthenticated
1735 connection slots are used up, make new connection attempts block
1736 instead of disconnecting them.
1737 (CVE-2014-3639, fd.o #80919; Alban Crequy)
1741 • Check for libsystemd from systemd >= 209, falling back to
1742 the older separate libraries if not found (Umut Tezduyar Lindskog,
1745 • On Linux, use prctl() to disable core dumps from a test executable
1746 that deliberately raises SIGSEGV to test dbus-daemon's handling
1747 of that condition (fd.o #83772, Simon McVittie)
1749 • Fix compilation with --enable-stats (fd.o #81043, Gentoo #507232;
1752 • Improve documentation for running tests on Windows (fd.o #41252,
1755 D-Bus 1.8.6 (2014-06-02)
1760 • On Linux ≥ 2.6.37-rc4, if sendmsg() fails with ETOOMANYREFS, silently drop
1761 the message. This prevents an attack in which a malicious client can
1762 make dbus-daemon disconnect a system service, which is a local
1764 (fd.o #80163, CVE-2014-3532; Alban Crequy)
1766 • Track remaining Unix file descriptors correctly when more than one
1767 message in quick succession contains fds. This prevents another attack
1768 in which a malicious client can make dbus-daemon disconnect a system
1770 (fd.o #79694, fd.o #80469, CVE-2014-3533; Alejandro Martínez Suárez,
1771 Simon McVittie, Alban Crequy)
1775 • When dbus-launch --exit-with-session starts a dbus-daemon but then cannot
1776 attach to a session, kill the dbus-daemon as intended
1777 (fd.o #74698, Роман Донченко)
1779 D-Bus 1.8.4 (2014-06-10)
1784 • Alban Crequy at Collabora Ltd. discovered and fixed a denial-of-service
1785 flaw in dbus-daemon, part of the reference implementation of D-Bus.
1786 Additionally, in highly unusual environments the same flaw could lead to
1787 a side channel between processes that should not be able to communicate.
1788 (CVE-2014-3477, fd.o #78979)
1790 D-Bus 1.8.2 (2014-04-30)
1793 The “nobody wants red” release.
1797 • in the CMake build system, add some hints for Linux users cross-compiling
1798 Windows D-Bus binaries to be able to run tests under Wine
1799 (fd.o #41252, Ralf Habacker)
1801 • add Documentation key to dbus.service (fd.o #77447, Cameron Norman)
1805 • in "dbus-uuidgen --ensure", try to copy systemd's /etc/machine-id
1806 to /var/lib/dbus/machine-id instead of generating an entirely new ID
1807 (fd.o #77941, Simon McVittie)
1809 • if dbus-launch receives an X error very quickly, do not kill
1810 unrelated processes (fd.o #74698, Роман Донченко)
1812 • on Windows, allow up to 8K connections to the dbus-daemon, instead of the
1813 previous 64 (fd.o #71297; Cristian Onet, Ralf Habacker)
1815 • cope with \r\n newlines in regression tests, since on Windows,
1816 dbus-daemon.exe uses text mode (fd.o #75863, Руслан Ижбулатов)
1818 D-Bus 1.8.0 (2014-01-20)
1821 The “Wolverine distrusts my printer” release.
1823 This starts a new stable branch. The 1.6.x branch is now considered to be
1824 outdated, and will only receive fixes for serious bugs such as security
1825 flaws. The 1.4.x and 1.2.x branches no longer have upstream support and
1826 are unlikely to get any more releases, but if distributors still need to
1827 support them, please share security patches via upstream.
1829 Summary of changes since 1.6.x:
1831 • libdbus always behaves as if dbus_threads_init_default() had been called
1832 (thread-safety by default)
1833 • new dbus-run-session tool, replacing certain misuses of dbus-launch
1834 • dbus-monitor can talk to outdated versions of dbus-daemon again
1835 • new org.freedesktop.DBus.GetConnectionCredentials method
1836 • GetConnectionUnixProcessID also works correctly on Windows, returning
1837 the Windows process ID
1838 • GetConnectionWindowsSID returns the correct SID on Windows
1839 • expat is required, libxml2 can no longer be used as a substitute
1840 • the userDB cache is required, and cannot be disabled
1841 • a 64-bit integer type (either int, long, long long or _int64) is required
1842 • better systemd-journald integration on Linux
1843 • fixed long-standing fd and array leaks when failing to parse a message
1844 • fixed referenced-but-never-freed parent nodes (effectively memory leaks)
1845 when using certain object-path allocation patterns, notably in Avahi
1846 • better defaults for Windows support
1847 • better CMake support
1848 • better portability to mingw32, FreeBSD, NetBSD, QNX and Hurd
1849 • the source language for the man pages is now Docbook XML
1851 Enhancements since 1.7.10:
1853 • Enhance the CMake build system to check for GLib and compile/run
1854 a subset of the regression tests (fd.o #41252, #73495; Ralf Habacker)
1858 • don't rely on va_copy(), use DBUS_VA_COPY() wrapper (fd.o #72840,
1861 • fix compilation of systemd journal support on older systemd versions where
1862 sd-journal.h doesn't include syslog.h (fd.o #73455, Ralf Habacker)
1864 • fix compilation on older MSVC versions by including stdlib.h
1865 (fd.o #73455, Ralf Habacker)
1867 • Allow <allow_anonymous/> to appear in an included configuration file
1868 (fd.o #73475, Matt Hoosier)
1870 Test behaviour changes since 1.7.10:
1872 • If the tests crash with an assertion failure, they no longer default to
1873 blocking for a debugger to be attached. Set DBUS_BLOCK_ON_ABORT in the
1874 environment if you want the old behaviour.
1876 • To improve debuggability, the dbus-daemon and dbus-daemon-eavesdrop tests
1877 can be run with an external dbus-daemon by setting
1878 DBUS_TEST_DAEMON_ADDRESS in the environment. Test-cases that require
1879 an unusually-configured dbus-daemon are skipped.
1881 D-Bus 1.7.10 (2014-01-06)
1884 The “weighted companion cube” release.
1886 This is a release candidate for D-Bus 1.8.
1888 D-Bus Specification 0.23:
1890 • don't require messages with no INTERFACE to be dispatched
1891 (fd.o #68597, Simon McVittie)
1893 • document "tcp:bind=..." and "nonce-tcp:bind=..." (fd.o #72301,
1896 • define "listenable" and "connectable" addresses, and discuss
1897 the difference (fd.o #61303, Simon McVittie)
1901 • support printing Unix file descriptors in dbus-send, dbus-monitor
1902 (fd.o #70592, Robert Ancell)
1904 • don't install systemd units if --disable-systemd is given
1905 (fd.o #71818, Chengwei Yang)
1909 • don't leak memory on out-of-memory while listing activatable or
1910 active services (fd.o #71526, Radoslaw Pajak)
1912 • fix undefined behaviour in a regression test (fd.o #69924, DreamNik)
1914 • escape Unix socket addresses correctly (fd.o #46013, Chengwei Yang)
1916 • on SELinux systems, don't assume that SECCLASS_DBUS, DBUS__ACQUIRE_SVC
1917 and DBUS__SEND_MSG are numerically equal to their values in the
1918 reference policy (fd.o #88719, osmond sun)
1920 • define PROCESS_QUERY_LIMITED_INFORMATION if missing from MinGW < 4 headers
1921 (fd.o #71366, Matt Fischer)
1923 • define WIN32_LEAN_AND_MEAN to avoid conflicts between winsock.h and
1924 winsock2.h (fd.o #71405, Matt Fischer)
1926 • do not return failure from _dbus_read_nonce() with no error set,
1927 preventing a potential crash (fd.o #72298, Chengwei Yang)
1929 • on BSD systems, avoid some O(1)-per-process memory and fd leaks in kqueue,
1930 preventing test failures (fd.o #69332, fd.o #72213; Chengwei Yang)
1932 • fix warning spam on Hurd by not trying to set SO_REUSEADDR on Unix sockets,
1933 which doesn't do anything anyway on at least Linux and FreeBSD
1934 (fd.o #69492, Simon McVittie)
1936 • fix use of TCP sockets on FreeBSD and Hurd by tolerating EINVAL from
1937 sendmsg() with SCM_CREDS (retrying with plain send()), and looking
1938 for credentials more correctly (fd.o #69492, Simon McVittie)
1940 • ensure that tests run with a temporary XDG_RUNTIME_DIR to avoid
1941 getting mixed up in XDG/systemd "user sessions" (fd.o #61301,
1944 • refresh cached policy rules for existing connections when bus
1945 configuration changes (fd.o #39463, Chengwei Yang)
1947 D-Bus 1.7.8 (2013-11-01)
1950 The “extreme hills” release.
1954 • If systemd support is enabled, libsystemd-journal is now required.
1958 • When activating a non-systemd service under systemd, annotate its
1959 stdout/stderr with its bus name in the Journal. Known limitation:
1960 because the socket is opened before forking, the process will still be
1961 logged as if it had dbus-daemon's process ID and user ID.
1962 (fd.o #68559, Chengwei Yang)
1964 • Document more configuration elements in dbus-daemon(1)
1965 (fd.o #69125, Chengwei Yang)
1969 • Don't leak string arrays or fds if dbus_message_iter_get_args_valist()
1970 unpacks them and then encounters an error (fd.o #21259, Chengwei Yang)
1972 • If compiled with libaudit, retain CAP_AUDIT_WRITE so we can write
1973 disallowed method calls to the audit log, fixing a regression in 1.7.6
1974 (fd.o #49062, Colin Walters)
1976 • path_namespace='/' in match rules incorrectly matched nothing; it
1977 now matches everything. (fd.o #70799, Simon McVittie)
1979 D-Bus 1.7.6 (2013-10-09)
1982 The “CSI Shrewsbury” release.
1984 Build-time configuration changes:
1986 • Directory change notification via dnotify on Linux is no longer
1987 supported; it hadn't compiled successfully since 2010 in any case.
1988 If you don't have inotify (Linux) or kqueue (*BSD), you will need
1989 to send SIGHUP to the dbus-daemon when its configuration changes.
1990 (fd.o #33001, Chengwei Yang)
1992 • Compiling with --disable-userdb-cache is no longer supported;
1993 it didn't work since at least 2008, and would lead to an extremely
1994 slow dbus-daemon even it worked. (fd.o #15589, #17133, #66947;
1997 • The DBUS_DISABLE_ASSERTS CMake option didn't actually disable most
1998 assertions. It has been renamed to DBUS_DISABLE_ASSERT to be consistent
1999 with the Autotools build system. (fd.o #66142, Chengwei Yang)
2001 • --with-valgrind=auto enables Valgrind instrumentation if and only if
2002 valgrind headers are available. The default is still --with-valgrind=no.
2003 (fd.o #56925, Simon McVittie)
2007 • Platforms with no 64-bit integer type are no longer supported.
2008 (fd.o #65429, Simon McVittie)
2010 • GNU make is now (documented to be) required. (fd.o #48277, Simon McVittie)
2012 • Full test coverage no longer requires dbus-glib, although the tests do not
2013 exercise the shared library (only a static copy) if dbus-glib is missing.
2014 (fd.o #68852, Simon McVittie)
2018 • D-Bus Specification 0.22
2019 · Document GetAdtAuditSessionData() and
2020 GetConnectionSELinuxSecurityContext() (fd.o #54445, Simon)
2021 · Fix example .service file (fd.o #66481, Chengwei Yang)
2022 · Don't claim D-Bus is "low-latency" (lower than what?), just
2023 give factual statements about it supporting async use
2024 (fd.o #65141, Justin Lee)
2025 · Document the contents of .service files, and the fact that
2026 system services' filenames are constrained
2027 (fd.o #66608; Simon McVittie, Chengwei Yang)
2029 • Be thread-safe by default on all platforms, even if
2030 dbus_threads_init_default() has not been called. For compatibility with
2031 older libdbus, library users should continue to call
2032 dbus_threads_init_default(): it is harmless to do so.
2033 (fd.o #54972, Simon McVittie)
2035 • Add GetConnectionCredentials() method (fd.o #54445, Simon)
2037 • New API: dbus_setenv(), a simple wrapper around setenv().
2038 Note that this is not thread-safe. (fd.o #39196, Simon)
2040 • Add dbus-send --peer=ADDRESS (connect to a given peer-to-peer connection,
2041 like --address=ADDRESS in previous versions) and dbus-send --bus=ADDRESS
2042 (connect to a given bus, like dbus-monitor --address=ADDRESS).
2043 dbus-send --address still exists for backwards compatibility,
2044 but is no longer documented. (fd.o #48816, Andrey Mazo)
2047 · "dbus-daemon --nofork" is allowed on Windows again. (fd.o #68852,
2052 • Avoid an infinite busy-loop if a signal interrupts waitpid()
2053 (fd.o #68945, Simon McVittie)
2055 • Clean up memory for parent nodes when objects are unexported
2056 (fd.o #60176, Thomas Fitzsimmons)
2058 • Make dbus_connection_set_route_peer_messages(x, FALSE) behave as
2059 documented. Previously, it assumed its second parameter was TRUE.
2060 (fd.o #69165, Chengwei Yang)
2062 • Escape addresses containing non-ASCII characters correctly
2063 (fd.o #53499, Chengwei Yang)
2065 • Document <servicedir> search order correctly (fd.o #66994, Chengwei Yang)
2067 • Don't crash on "dbus-send --session / x.y.z" which regressed in 1.7.4.
2068 (fd.o #65923, Chengwei Yang)
2070 • If malloc() returns NULL in _dbus_string_init() or similar, don't free
2071 an invalid pointer if the string is later freed (fd.o #65959, Chengwei Yang)
2073 • If malloc() returns NULL in dbus_set_error(), don't va_end() a va_list
2074 that was never va_start()ed (fd.o #66300, Chengwei Yang)
2076 • fix build failure with --enable-stats (fd.o #66004, Chengwei Yang)
2078 • fix a regression test on platforms with strict alignment (fd.o #67279,
2081 • Avoid calling function parameters "interface" since certain Windows headers
2082 have a namespace-polluting macro of that name (fd.o #66493, Ivan Romanov)
2084 • Assorted Doxygen fixes (fd.o #65755, Chengwei Yang)
2086 • Various thread-safety improvements to static variables (fd.o #68610,
2089 • Make "make -j check" work (fd.o #68852, Simon McVittie)
2091 • Fix a NULL pointer dereference on an unlikely error path
2092 (fd.o #69327, Sviatoslav Chagaev)
2094 • Improve valgrind memory pool tracking (fd.o #69326,
2097 • Don't over-allocate memory in dbus-monitor (fd.o #69329,
2100 • dbus-monitor can monitor dbus-daemon < 1.5.6 again
2101 (fd.o #66107, Chengwei Yang)
2104 · If accept4() fails with EINVAL, as it can on older Linux kernels
2105 with newer glibc, try accept() instead of going into a busy-loop.
2106 (fd.o #69026, Chengwei Yang)
2107 · If socket() or socketpair() fails with EINVAL or EPROTOTYPE,
2108 for instance on Hurd or older Linux with a new glibc, try without
2109 SOCK_CLOEXEC. (fd.o #69073; Pino Toscano, Chengwei Yang)
2110 · Fix a file descriptor leak on an error code path.
2111 (fd.o #69182, Sviatoslav Chagaev)
2112 · dbus-run-session: clear some unwanted environment variables
2113 (fd.o #39196, Simon)
2114 · dbus-run-session: compile on FreeBSD (fd.o #66197, Chengwei Yang)
2115 · Don't fail the autolaunch test if there is no DISPLAY (fd.o #40352, Simon)
2116 · Use dbus-launch from the builddir for testing, not the installed copy
2117 (fd.o #37849, Chengwei Yang)
2118 · Fix compilation if writev() is unavailable (fd.o #69409,
2120 · Remove broken support for LOCAL_CREDS credentials passing, and
2121 document where each credential-passing scheme is used (fd.o #60340,
2123 · Make autogen.sh work on *BSD by not assuming GNU coreutils functionality
2124 (fd.o #35881, #69787; Chengwei Yang)
2125 · dbus-monitor: be portable to NetBSD (fd.o #69842, Chengwei Yang)
2126 · dbus-launch: stop using non-portable asprintf (fd.o #37849, Simon)
2127 · Improve error reporting from the setuid activation helper (fd.o #66728,
2131 · Remove unavailable command-line options from 'dbus-daemon --help'
2132 (fd.o #42441, Ralf Habacker)
2133 · Add support for looking up local TCPv4 clients' credentials on
2134 Windows XP via the undocumented AllocateAndGetTcpExTableFromStack
2135 function (fd.o #66060, Ralf Habacker)
2136 · Fix insufficient dependency-tracking (fd.o #68505, Simon McVittie)
2137 · Don't include wspiapi.h, fixing a compiler warning (fd.o #68852,
2141 · add DBUS_ENABLE_ASSERT, DBUS_ENABLE_CHECKS for less confusing
2142 conditionals (fd.o #66142, Chengwei Yang)
2143 · improve verbose-mode output (fd.o #63047, Colin Walters)
2144 · consolidate Autotools and CMake build (fd.o #64875, Ralf Habacker)
2145 · fix various unused variables, unusual build configurations
2146 etc. (fd.o #65712, #65990, #66005, #66257, #69165, #69410, #70218;
2147 Chengwei Yang, Vasiliy Balyasnyy)
2149 D-Bus 1.7.4 (2013-06-13)
2152 The “but is your thread-safety thread-safe?” release.
2156 • CVE-2013-2168: Fix misuse of va_list that could be used as a denial
2157 of service for system services. Vulnerability reported by Alexandru Cornea.
2162 • The Windows version of libdbus now contains a C++ source file, used
2163 to provide global initialization when the library is loaded.
2164 gcc (mingw*) users should ensure that g++ is also installed.
2166 • The libxml2-based configuration reader (which hasn't worked for 2.5 years,
2167 and was never the recommended option) has been removed. Expat is now a
2172 • It should now be safe to call dbus_threads_init_default() from any thread,
2173 at any time. Authors of loadable modules and plugins that use libdbus
2174 should consider doing so during initialization.
2175 (fd.o #54972, Simon McVittie)
2177 • Improve dbus-send documentation and command-line parsing (fd.o #65424,
2181 · dbus-run-session: experimental new tool to start a temporary D-Bus
2182 session, e.g. for regression tests or a text console, replacing
2183 certain uses of dbus-launch which weren't really correct
2184 (fd.o #39196, Simon)
2188 • In dbus-daemon, don't crash if a .service file starts with key=value
2189 (fd.o #60853, Chengwei Yang)
2192 · Fix a crash similar to CVE-2013-2168 the first time we try to use syslog
2193 on a platform not defining LOG_PERROR, such as Solaris or QNX.
2194 This regressed in 1.7.0. (Simon)
2195 · Fix an assertion failure if we try to activate systemd services before
2196 systemd connects to the bus (fd.o #50199, Chengwei Yang)
2197 · Avoid compiler warnings for ignoring the return from write()
2201 · Under cmake, install runtime libraries (DLLs) into bin/ instead of lib/
2202 so that Windows finds them (fd.o #59733, Ralf Habacker)
2204 D-Bus 1.7.2 (2013-04-25)
2207 The “only partially opaque” release.
2209 Configuration changes:
2211 • On non-QNX Unix platforms, the default limit on fds per message in the
2212 session bus configuration has reduced from 4096 to 1024. The default
2213 limit used on the system bus was already 1024. On QNX, both limits are
2214 reduced further, to 128.
2218 • D-Bus Specification 0.21
2219 · Following Unicode Corrigendum #9, the noncharacters U+nFFFE, U+nFFFF,
2220 U+FDD0..U+FDEF are allowed in UTF-8 strings again. (fd.o #63072,
2225 • Diagnose incorrect use of dbus_connection_get_data() with negative slot
2226 (i.e. before allocating the slot) rather than returning junk
2227 (fd.o #63127, Dan Williams)
2229 • Fix a cmake build regression since 1.7.0 (fd.o #63682; Ralf Habacker,
2233 · On Linux, link successfully with glibc 2.17 (fd.o #63166, Simon McVittie)
2234 · Under systemd, log to syslog only, not stderr, avoiding duplication
2235 (fd.o #61399, #39987; Colin Walters, Dagobert Michelsen)
2236 · Under systemd, remove unnecessary dependency on syslog.socket
2237 (fd.o #63531, Cristian Rodríguez)
2238 · Include alloca.h for alloca() if available, fixing compilation on
2239 Solaris 10 (fd.o #63071, Dagobert Michelsen)
2240 · Allow use of systemd-logind without the rest of systemd
2241 (fd.o #62585, Martin Pitt)
2242 · When built with CMake, link to librt and use the right path for
2243 meinproc's XSLT stylesheets (fd.o #61637, Ralf Habacker)
2244 · Reduce the default limit on number of fds per message to 128 under
2245 QNX, working around an arbitrary OS limit (fd.o #61176, Matt Fischer)
2248 · Do not claim that all bus clients have the dbus-daemon's credentials;
2249 pick up local TCPv4 clients' credentials (process ID and security
2250 identifier, i.e. user) using GetExtendedTcpTable() (fd.o #61787,
2253 D-Bus 1.7.0 (2013-02-22)
2256 The "Disingenuous Assertions" release.
2258 This is a new development release, starting the 1.7.x branch. D-Bus 1.6
2259 remains the recommended version for long-term-supported distributions
2260 or the upcoming GNOME 3.8 release.
2262 Build-time configuration changes:
2264 • The --with-dbus-session-bus-default-address configure option is no longer
2265 supported. Use the new --with-dbus-session-bus-connect-address and
2266 --with-dbus-session-bus-listen-address options instead. On Windows, you
2267 usually want them to have the same argument; on Unix, the defaults are
2270 • Similarly, the DBUS_SESSION_BUS_DEFAULT_ADDRESS CMake variable is no longer
2271 supported; use the new DBUS_SESSION_BUS_LISTEN_ADDRESS and
2272 DBUS_SESSION_BUS_CONNECT_ADDRESS variables instead.
2274 • cmake/cross-compile.sh has been removed. Instead, please use a
2275 cross-toolchain file (-DCMAKE_TOOLCHAIN_FILE) as documented at
2276 <http://www.vtk.org/Wiki/CMake_Cross_Compiling>; or use Autotools
2277 as documented in "info automake Cross-Compilation", and set
2278 PKG_CONFIG_PATH appropriately.
2282 • Man pages now require xmlto (or either xmlto or meinproc, if using CMake).
2283 • man2html is no longer used.
2287 • D-Bus Specification 0.20
2288 · actually say that /org/freedesktop/DBus is the object that
2289 implements o.fd.DBus (fd.o #51865, Colin Walters)
2290 · various reorganisation for better clarity (fd.o #38252, Simon McVittie)
2291 · stop claiming that all basic types work just like INT32 (strings don't!)
2293 • The "source code" for the man pages is now Docbook XML, eliminating
2294 the outdated duplicate copies used when building with CMake.
2295 (fd.o #59805; Ralf Habacker, Simon McVittie)
2299 • In the activation helper, when compiled for tests, do not reset the system
2300 bus address, fixing the regression tests. (fd.o #52202, Simon)
2302 • Fix building with Valgrind 3.8, at the cost of causing harmless warnings
2303 with Valgrind 3.6 on some compilers (fd.o #55932, Arun Raghavan)
2305 • Merge <servicehelper> from system-local.conf if necessary (fd.o #51560,
2308 • Under CMake, prefer xmlto over meinproc (fd.o #59733, Ralf Habacker)
2310 • Stop duplicating CMake's own logic to find libexpat
2311 (fd.o #59733, Ralf Habacker)
2313 • Don't assume CMake host and build system are the same (fd.o #59733,
2316 • Avoid deprecation warnings for GLib 2.35 (fd.o #59971, Simon McVittie)
2319 · Check for functions in libpthread correctly, fixing compilation on
2320 (at least) OpenBSD (fd.o #47239, Simon)
2321 · Don't leak temporary fds pointing to /dev/null (fd.o #56927,
2323 · Update sd-daemon.[ch] from systemd (fd.o #60681)
2324 · Add partial support for QNX (fd.o #60339, fd.o #61176; Matt Fischer)
2327 · The default session bus listening and connecting address is now
2328 "autolaunch:", which makes D-Bus on Windows interoperate with itself
2329 and GDBus "out of the box". Use the configure options and cmake variables
2330 described above if you require a different autolaunch scope.
2331 (fd.o #38201, Simon McVittie)
2332 · Avoid a CMake warning under Cygwin (fd.o #59401, Ralf Habacker)
2334 • Create session.d, system.d directories under CMake (fd.o #41319,
2337 D-Bus 1.6.8 (2012-09-28)
2340 The "Fix one thing, break another" release.
2342 • Follow up to CVE-2012-3524: The additional hardening
2343 work to use __secure_getenv() as a followup to bug #52202
2344 broke certain configurations of gnome-keyring. Given
2345 the difficulty of making this work without extensive
2346 changes to gnome-keyring, use of __secure_getenv() is
2349 D-Bus 1.6.6 (2012-09-28)
2352 The "Clear the environment in your setuid binaries, please" release.
2354 • CVE-2012-3524: Don't access environment variables (fd.o #52202)
2355 Thanks to work and input from Colin Walters, Simon McVittie,
2356 Geoffrey Thomas, and others.
2358 · Fix compilation on Solaris (fd.o #53286, Jonathan Perkin)
2359 · Work around interdependent headers on OpenBSD by including sys/types.h
2360 before each use of sys/socket.h (fd.o #54418, Brad Smith)
2362 D-Bus 1.6.4 (2012-07-18)
2365 • Detect that users are "at the console" correctly when configured with
2366 a non-default path such as --enable-console-auth-dir=/run/console
2367 (fd.o #51521, Dave Reisner)
2369 • Remove an incorrect assertion from DBusTransport (fd.o #51657,
2372 • Make --enable-developer default to "no" (regression in 1.6.2;
2373 fd.o #51657, Simon McVittie)
2376 · Launch dbus-daemon correctly if its path contains a space
2377 (fd.o #49450, Wolfgang Baron)
2379 D-Bus 1.6.2 (2012-06-27)
2382 The "Ice Cabbage" release.
2384 • Change how we create /var/lib/dbus so it works under Automake >= 1.11.4
2385 (fd.o #51406, Simon McVittie)
2387 • Don't return from dbus_pending_call_set_notify with a lock held on OOM
2388 (fd.o #51032, Simon McVittie)
2390 • Disconnect "developer mode" (assertions, verbose mode etc.) from
2391 Automake maintainer mode. D-Bus developers should now configure with
2392 --enable-developer. Automake maintainer mode is now on by default;
2393 distributions can disable it with --disable-maintainer-mode.
2394 (fd.o #34671, Simon McVittie)
2396 • Automatically define DBUS_STATIC_BUILD in static-only Autotools builds,
2397 fixing linking when targeting Windows (fd.o #33973; william, Simon McVittie)
2400 · Check for libpthread under CMake on Unix (fd.o #47237, Simon McVittie)
2402 D-Bus 1.6.0 (2012-06-05)
2405 The “soul of this machine has improved” release.
2407 This version starts a new stable branch of D-Bus: only bug fixes will
2408 be accepted into 1.6.x. Other changes will now go to the 1.7.x branch.
2410 Summary of changes since 1.4.x:
2413 · PTHREAD_MUTEX_RECURSIVE on Unix
2414 · compiler support for 64-bit integers (int64_t or equivalent)
2416 • D-Bus Specification v0.19
2418 • New dbus-daemon features
2419 · <allow own_prefix="com.example.Service"/> rules allow the service to
2420 own names like com.example.Service.Instance3
2421 · optional systemd integration when checking at_console policies
2422 · --nopidfile option, mainly for use by systemd
2423 · path_namespace and arg0namespace may appear in match rules
2424 · eavesdropping is disabled unless the match rule contains eavesdrop=true
2427 · functions to validate various string types (dbus_validate_path() etc.)
2428 · dbus_type_is_valid()
2429 · DBusBasicValue, a union of every basic type
2432 · removed an unsafe reimplementation of recursive mutexes
2433 · dbus-daemon no longer busy-loops if it has far too many file descriptors
2434 · dbus-daemon.exe --print-address works on Windows
2435 · all the other bug fixes from 1.4.20
2437 • Other major implementation changes
2438 · on Linux, dbus-daemon uses epoll if supported, for better scalability
2439 · dbus_threads_init() ignores its argument and behaves like
2440 dbus_threads_init_default() instead
2441 · removed the per-connection link cache, improving dbus-daemon performance
2443 • Developer features
2444 · optional Valgrind instrumentation (--with-valgrind)
2445 · optional Stats interface on the dbus-daemon (--enable-stats)
2446 · optionally abort whenever malloc() fails (--enable-embedded-tests
2447 and export DBUS_MALLOC_CANNOT_FAIL=1)
2449 Changes since 1.5.12:
2451 • Be more careful about monotonic time vs. real time, fixing DBUS_COOKIE_SHA1
2452 spec-compliance (fd.o #48580, David Zeuthen)
2454 • Don't use install(1) within the source/build trees, fixing the build as
2455 non-root when using OpenBSD install(1) (fd.o #48217, Antoine Jacoutot)
2457 • Add missing commas in some tcp and nonce-tcp addresses, and remove
2458 an unused duplicate copy of the nonce-tcp transport in Windows builds
2459 (fd.o #45896, Simon McVittie)
2461 D-Bus 1.5.12 (2012-03-27)
2464 The “Big Book of Science” release.
2466 • Add public API to validate various string types:
2467 dbus_validate_path(), dbus_validate_interface(), dbus_validate_member(),
2468 dbus_validate_error_name(), dbus_validate_bus_name(), dbus_validate_utf8()
2469 (fd.o #39549, Simon McVittie)
2471 • Turn DBusBasicValue into public API so bindings don't need to invent their
2472 own "union of everything" type (fd.o #11191, Simon McVittie)
2474 • Enumerate data files included in the build rather than using find(1)
2475 (fd.o #33840, Simon McVittie)
2477 • Add support for policy rules like <allow own_prefix="com.example.Service"/>
2478 in dbus-daemon (fd.o #46273, Alban Crequy)
2481 · make dbus-daemon.exe --print-address (and --print-pid) work again
2482 on Win32, but not on WinCE (fd.o #46049, Simon McVittie)
2483 · fix duplicate case value when compiling against mingw-w64
2484 (fd.o #47321, Andoni Morales Alastruey)
2486 D-Bus 1.5.10 (2012-02-21)
2489 The "fire in Delerium" release.
2491 On Unix platforms, PTHREAD_MUTEX_RECURSIVE (as specified in POSIX 2008 Base
2492 and SUSv2) is now required.
2494 • D-Bus Specification 0.19:
2495 · Formally define unique connection names and well-known bus names,
2496 and document best practices for interface, bus, member and error names,
2497 and object paths (fd.o #37095, Simon McVittie)
2498 · Document the search path for session and system services on Unix, and
2499 where they should be installed by build systems (fd.o #21620, fd.o #35306;
2501 · Document the systemd transport (fd.o #35232, Lennart Poettering)
2503 • Make dbus_threads_init() use the same built-in threading implementation
2504 as dbus_threads_init_default(); the user-specified primitives that it
2505 takes as a parameter are now ignored (fd.o #43744, Simon McVittie)
2507 • Allow all configured auth mechanisms, not just one (fd.o #45106,
2510 • Improve cmake build system (Ralf Habacker):
2511 · simplify XML parser dependencies (fd.o #41027)
2512 · generate build timestamp (fd.o #41029)
2513 · only create batch files on Windows
2514 · fix option and cache syntax
2515 · add help-options target
2516 · share dbus-arch-deps.h.in with autotools rather than having our
2517 own version (fd.o #41033)
2519 • Build tests successfully with older GLib, as found in e.g. Debian 6
2520 (fd.o #41219, Simon McVittie)
2522 • Avoid use of deprecated GThread API (fd.o #44413, Martin Pitt)
2524 • Build documentation correctly if man2html doesn't support filenames on
2525 its command-line (fd.o #43875, Jack Nagel)
2527 • Improve test coverage. To get even more coverage, run the tests with
2528 DBUS_TEST_SLOW=1 (fd.o #38285, #42811; Simon McVittie)
2530 • Reduce the size of the shared library by moving functionality only used
2531 by dbus-daemon, tests etc. into their internal library and deleting
2532 unused code (fd.o #34976, #39759; Simon McVittie)
2534 • Add dbus-daemon --nopidfile option, overriding the configuration, for
2535 setups where the default configuration must include <pidfile/> to avoid
2536 breaking traditional init, but the pid file is in fact unnecessary; use
2537 it under systemd to improve startup time a bit (fd.o #45520,
2540 • Optionally (if configured --with-valgrind) add instrumentation to debug
2541 libdbus and associated tools more meaningfully under Valgrind
2542 (fd.o #37286, Simon McVittie)
2544 • Improve the dbus-send(1) man page (fd.o #14005, Simon McVittie)
2546 • Make dbus-protocol.h compatible with C++11 (fd.o #46147, Marc Mutz)
2548 • If tests are enabled and DBUS_MALLOC_CANNOT_FAIL is set in the environment,
2549 abort on failure to malloc() (like GLib does), to turn runaway memory leaks
2550 into a debuggable core-dump if a resource limit is applied (fd.o #41048,
2553 • Don't crash if realloc() returns NULL in a debug build (fd.o #41048,
2557 · Replace our broken reimplementation of recursive mutexes, which has
2558 been broken since 2006, with an ordinary pthreads recursive mutex
2559 (fd.o #43744; Sigmund Augdal, Simon McVittie)
2560 · Use epoll(7) for a more efficient main loop in Linux; equivalent patches
2561 welcomed for other OSs' equivalents like kqueue, /dev/poll, or Solaris
2562 event ports (fd.o #33337; Simon McVittie, Ralf Habacker)
2563 · When running under systemd, use it instead of ConsoleKit to check
2564 whether to apply at_console policies (fd.o #39609, Lennart Poettering)
2565 · Avoid a highly unlikely fd leak (fd.o #29881, Simon McVittie)
2566 · Don't close invalid fd -1 if getaddrinfo fails (fd.o #37258, eXeC001er)
2567 · Don't touch ~/.dbus and ~/.dbus-keyrings when running 'make installcheck'
2568 (fd.o #41218, Simon McVittie)
2569 · Stop pretending we respect XDG_DATA_DIRS for system services: the launch
2570 helper doesn't obey environment variables to avoid privilege escalation
2571 attacks, so make the system bus follow the same rules
2572 (fd.o #21620, Simon McVittie)
2575 · Find the dbus-daemon executable next to the shared library (fd.o #41558;
2576 Jesper Dam, Ralf Habacker)
2577 · Remove the faulty implementation of _dbus_condvar_wake_all (fd.o #44609,
2580 D-Bus 1.5.8 (2011-09-21)
2583 The "cross-metering" release.
2585 In addition to dead code removal and refactoring, this release contains all
2586 of the bugfixes from 1.4.16.
2588 • Clean up dead code, and make more warnings fatal in development builds
2589 (fd.o #39231, fd.o #41012; Simon McVittie)
2591 • If full test coverage is requested via --enable-tests, strictly require
2592 Python, pygobject and dbus-python, which are required by some tests; if not,
2593 and Python is missing, skip those tests rather than failing
2594 (fd.o #37847, Simon McVittie)
2596 • When using cmake, provide the same version-info API in the installed headers
2597 as for autotools (DBUS_VERSION, etc.) (fd.o #40905, Ralf Habacker)
2599 • Add a regression test for fd.o #38005 (fd.o #39836, Simon McVittie)
2601 • Make "NOCONFIGURE=1 ./autogen.sh" not run configure (Colin Walters)
2603 • Add _DBUS_STATIC_ASSERT and use it to check invariants (fd.o #39636,
2606 • Fix duplicates in authors list (Ralf Habacker)
2608 • Fix broken links from dbus-tutorial.html if $(htmldir) != $(docdir)
2609 (fd.o #39879, Chris Mayo)
2611 • Fix a small memory leak, and a failure to report errors, when updating
2612 a service file entry for activation (fd.o #39230, Simon McVittie)
2615 · Clean up (non-abstract) Unix sockets on bus daemon exit (fd.o #38656;
2616 Brian Cameron, Simon McVittie)
2617 · On systems that use libcap-ng but not systemd, drop supplemental groups
2618 when switching to the daemon user (Red Hat #726953, Steve Grubb)
2619 · Make the cmake build work again on GNU platforms (fd.o #29228,
2621 · Fix compilation on non-C99 systems that have inttypes.h but not stdint.h,
2622 like Solaris (fd.o #40313, Dagobert Michelsen)
2623 · Define CMSG_ALIGN, CMSG_LEN, CMSG_SPACE on Solaris < 10
2624 (fd.o #40235, Simon McVittie)
2625 · Cope with Unixes that don't have LOG_PERROR, like Solaris 10
2626 (fd.o #39987, Simon McVittie)
2627 · Cope with platforms whose vsnprintf violates both POSIX and C99, like
2628 Tru64, IRIX and HP-UX (fd.o #11668, Simon McVittie)
2631 · Fix compilation on MSVC, which doesn't understand "inline" with its
2632 C99 meaning (fd.o #40000; Ralf Habacker, Simon McVittie)
2633 · Fix misuse of GPid in test/dbus-daemon.c (fd.o #40003, Simon McVittie)
2634 · Fix cross-compilation to Windows with Automake (fd.o #40003, Simon McVittie)
2636 D-Bus 1.5.6 (2011-07-29)
2639 The "weird, gravy-like aftertaste" release.
2641 In addition to new features and refactoring, this release contains all of the
2642 bugfixes from 1.4.14.
2644 Potentially incompatible (Bustle and similar debugging tools will need
2645 changes to work as intended):
2647 • Do not allow match rules to "eavesdrop" (receive messages intended for a
2648 different recipient) by mistake: eavesdroppers must now opt-in to this
2649 behaviour by putting "eavesdrop='true'" in the match rule, which will
2650 not have any practical effect on buses where eavesdropping is not allowed
2651 (fd.o #37890, Cosimo Alfarano)
2655 • D-Bus Specification version 0.18 (fd.o #37890, fd.o #39450, fd.o #38252;
2656 Cosimo Alfarano, Simon McVittie)
2657 · add the "eavesdrop" keyword to match rules
2658 · define eavesdropping, unicast messages and broadcast messages
2659 · stop claiming that match rules are needed to match unicast messages to you
2660 · promote the type system to be a top-level section
2662 • Use DBUS_ERROR_OBJECT_PATH_IN_USE if dbus_connection_try_register_object_path
2663 or dbus_connection_try_register_fallback fails, not ...ADDRESS_IN_USE,
2664 and simplify object-path registration (fd.o #38874, Jiří Klimeš)
2666 • Consistently use atomic operations on everything that is ever manipulated
2667 via atomic ops, as was done for changes to DBusConnection's refcount in
2668 1.4.12 (fd.o #38005, Simon McVittie)
2670 • Fix a file descriptor leak when connecting to a TCP socket (fd.o #37258,
2673 • Make "make check" in a clean tree work, by not running tests until
2674 test data has been set up (fd.o #34405, Simon McVittie)
2676 • The dbus-daemon no longer busy-loops if it has a very large number of file
2677 descriptors (fd.o #23194, Simon McVittie)
2679 • Refactor message flow through dispatching to avoid locking violations if
2680 the bus daemon's message limit is hit; remove the per-connection link cache,
2681 which was meant to improve performance, but now reduces it (fd.o #34393,
2684 • Some cmake fixes (Ralf Habacker)
2686 • Remove dead code, mainly from DBusString (fd.o #38570, fd.o #39610;
2687 Simon McVittie, Lennart Poettering)
2689 • Stop storing two extra byte order indicators in each D-Bus message
2690 (fd.o #38287, Simon McVittie)
2692 • Add an optional Stats interface which can be used to get statistics from
2693 a running dbus-daemon if enabled at configure time with --enable-stats
2694 (fd.o #34040, Simon McVittie)
2696 • Fix various typos (fd.o #27227, fd.o #38284; Sascha Silbe, Simon McVittie)
2698 • Documentation (fd.o #36156, Simon McVittie):
2699 · let xsltproc be overridden as usual: ./configure XSLTPROC=myxsltproc
2700 · install more documentation automatically, including man2html output
2701 · put dbus.devhelp in the right place (it must go in ${htmldir})
2704 · look for system services in /lib/dbus-1/system-services in addition to all
2705 the other well-known locations; note that this should always be /lib,
2706 even on platforms where shared libraries on the root FS would go in /lib64,
2707 /lib/x86_64-linux-gnu or similar (fd.o #35229, Lennart Poettering)
2708 · opt-in to fd passing on Solaris (fd.o #33465, Simon McVittie)
2710 • Windows-specific (Ralf Habacker):
2711 · fix use of a mutex for autolaunch server detection
2712 · don't crash on malloc failure in _dbus_printf_string_upper_bound
2714 D-Bus 1.5.4 (2011-06-10)
2717 Security (local denial of service):
2719 • Byte-swap foreign-endian messages correctly, preventing a long-standing
2720 local DoS if foreign-endian messages are relayed through the dbus-daemon
2721 (backporters: this is git commit c3223ba6c401ba81df1305851312a47c485e6cd7)
2722 (CVE-2011-2200, fd.o #38120, Debian #629938; Simon McVittie)
2726 • The constant to use for an infinite timeout now has a name,
2727 DBUS_TIMEOUT_INFINITE. It is numerically equivalent to 0x7fffffff (INT32_MAX)
2728 which can be used for source compatibility with older versions of libdbus.
2730 • If GLib and DBus-GLib are already installed, more tests will be built,
2731 providing better coverage. The new tests can also be installed via
2732 ./configure --enable-installed-tests
2733 for system integration testing, if required. (fd.o #34570, Simon McVittie)
2737 • Consistently use atomic operations for the DBusConnection's refcount,
2738 fixing potential threading problems (fd.o #38005, Simon McVittie)
2740 • Don't use -Wl,--gc-sections by default: in practice the size decrease is
2741 small (300KiB on x86-64) and it frequently doesn't work in unusual
2742 toolchains. To optimize for minimum installed size, you should benchmark
2743 various possibilities for CFLAGS and LDFLAGS, and set the best flags for
2744 your particular toolchain at configure time. (fd.o #33466, Simon McVittie)
2746 • Use #!/bin/sh for run-with-tmp-session-bus.sh, making it work on *BSD
2747 (fd.o #35880, Timothy Redaelli)
2749 • Use ln -fs to set up dbus for systemd, which should fix reinstallation
2750 when not using a DESTDIR (fd.o #37870, Simon McVittie)
2752 • Windows-specific changes:
2753 · don't try to build dbus-daemon-launch-helper (fd.o #37838, Mark Brand)
2755 D-Bus 1.5.2 (2011-06-01)
2758 The "Boar Hunter" release.
2760 Notes for distributors:
2762 This version of D-Bus no longer uses -fPIE by default. Distributions wishing
2763 to harden the dbus-daemon and dbus-launch-helper can re-enable this if their
2764 toolchain supports it reliably, via something like:
2766 ./configure CFLAGS=-fPIE LDFLAGS="-pie -Wl,-z,relro"
2768 or by using distribution-specific wrappers such as Debian's hardening-wrapper.
2772 • D-Bus Specification v0.17
2773 · Reserve the extra characters used in signatures by GVariant
2774 (fd.o #34529, Simon McVittie)
2775 · Define the ObjectManager interface (fd.o #34869, David Zeuthen)
2776 • Don't force -fPIE: distributions and libtool know better than we do whether
2777 it's desirable (fd.o #16621, fd.o #27215; Simon McVittie)
2778 • Allow --disable-gc-sections, in case your toolchain offers the
2779 -ffunction-sections, -fdata-sections and -Wl,--gc-sections options
2780 but they're broken, as seen on Solaris (fd.o #33466, Simon McVittie)
2781 • Install dbus-daemon and dbus-daemon-launch-helper in a more normal way
2782 (fd.o #14512; Simon McVittie, loosely based on a patch from Luca Barbato)
2783 • Ensure that maintainers upload documentation with the right permissions
2784 (fd.o #36130, Simon McVittie)
2785 • Don't force users of libdbus to be linked against -lpthread, -lrt
2786 (fd.o #32827, Simon McVittie)
2787 • Log system-bus activation information to syslog (fd.o #35705,
2789 • Log messages dropped due to quotas to syslog (fd.o #35358,
2791 • Make the nonce-tcp transport work on Unix (fd.o #34569, Simon McVittie)
2792 • On Unix, if /var/lib/dbus/machine-id cannot be read, try /etc/machine-id
2793 (fd.o #35228, Lennart Poettering)
2794 • In the regression tests, don't report fds as "leaked" if they were open
2795 on startup (fd.o #35173, Simon McVittie)
2796 • Make dbus-monitor bail out if asked to monitor more than one bus,
2797 rather than silently using the last one (fd.o #26548, Will Thompson)
2798 • Clarify documentation (fd.o #35182, Simon McVittie)
2799 • Clean up minor dead code and some incorrect error handling
2800 (fd.o #33128, fd.o #29881; Simon McVittie)
2801 • Check that compiler options are supported before using them (fd.o #19681,
2804 • Remove obsolete workaround for winioctl.h (fd.o #35083, Ralf Habacker)
2806 D-Bus 1.5.0 (2011-04-11)
2809 The "you never know when you need to tow something from your giant
2810 flying shark" release.
2812 • D-Bus Specification v0.16
2813 · Add support for path_namespace and arg0namespace in match rules
2814 (fd.o #24317, #34870; Will Thompson, David Zeuthen, Simon McVittie)
2815 · Make argNpath support object paths, not just object-path-like strings,
2816 and document it better (fd.o #31818, Will Thompson)
2817 • Let the bus daemon implement more than one interface (fd.o #33757,
2819 • Optimize _dbus_string_replace_len to reduce waste (fd.o #21261,
2821 • Require user intervention to compile with missing 64-bit support
2822 (fd.o #35114, Simon McVittie)
2823 • Add dbus_type_is_valid as public API (fd.o #20496, Simon McVittie)
2824 • Raise UnknownObject instead of UnknownMethod for calls to methods on
2825 paths that are not part of the object tree, and UnknownInterface for calls
2826 to unknown interfaces in the bus daemon (fd.o #34527, Lennart Poettering)
2828 D-Bus 1.4.8 (2011-04-08)
2831 The "It's like the beginning of a lobster" release.
2833 • Rename configure.in to configure.ac, and update it to modern conventions
2834 (fd.o #32245; Javier Jardón, Simon McVittie)
2835 • Correctly give XDG_DATA_HOME priority over XDG_DATA_DIRS (fd.o #34496,
2837 • Prevent X11 autolaunching if $DISPLAY is unset or empty, and add
2838 --disable-x11-autolaunch configure option to prevent it altogether
2839 in embedded environments (fd.o #19997, NB#219964; Simon McVittie)
2840 • Install the documentation, and an index for Devhelp (fd.o #13495,
2841 Debian #454142; Simon McVittie, Matthias Clasen)
2842 • If checks are not disabled, check validity of string-like types and
2843 booleans when sending them (fd.o #16338, NB#223152; Simon McVittie)
2844 • Add UnknownObject, UnknownInterface, UnknownProperty and PropertyReadOnly
2845 errors to dbus-shared.h (fd.o #34527, Lennart Poettering)
2846 • Break up a huge conditional in config-parser so gcov can produce coverage
2847 data (fd.o #10887, Simon McVittie)
2848 • List which parts of the Desktop Entry specification are applicable to
2849 .service files (fd.o #19159, Sven Herzberg)
2850 • Don't suppress service activation if two services have the same Exec=
2851 (fd.o #35750, Colin Walters)
2853 · Avoid the name ELEMENT_TYPE due to namespace-pollution from winioctl.h
2855 · Include _dbus_path_is_absolute in libdbus on Windows, fixing compilation
2856 (fd.o #32805, Mark Brand)
2858 D-Bus 1.4.6 (2010-02-17)
2861 The "1, 2, miss a few, 99, 100" release.
2863 • Remove unfinished changes intended to support GTest-based tests,
2864 which were mistakenly included in 1.4.4
2866 D-Bus 1.4.4 (2010-02-17)
2869 • Switch back to using even micro versions for stable releases; 1.4.1
2870 should have been called 1.4.2, so skip that version number
2871 • Don't leave bad file descriptors being watched when spawning processes,
2872 which could result in a busy-loop (fd.o #32992, NB#200248; possibly
2873 also LP#656134, LP#680444, LP#713157)
2874 • Check for MSG_NOSIGNAL correctly
2875 • Fix failure to detect abstract socket support (fd.o #29895)
2876 • Make _dbus_system_logv actually exit with DBUS_SYSTEM_LOG_FATAL
2877 (fd.o #32262, NB#180486)
2878 • Improve some error code paths (fd.o #29981, fd.o #32264, fd.o #32262,
2879 fd.o #33128, fd.o #33277, fd.o #33126, NB#180486)
2880 • Avoid possible symlink attacks in /tmp during compilation (fd.o #32854)
2881 • Tidy up dead code (fd.o #25306, fd.o #33128, fd.o #34292, NB#180486)
2882 • Improve gcc malloc annotations (fd.o #32710)
2883 • If the system bus is launched via systemd, protect it from the OOM killer
2884 • Documentation improvements (fd.o #11190)
2885 • Avoid readdir_r, which is difficult to use correctly (fd.o #8284,
2886 fd.o #15922, LP#241619)
2887 • Cope with invalid files in session.d, system.d (fd.o #19186,
2889 • Don't distribute generated files that embed our builddir (fd.o #30285,
2891 • Raise the system bus's fd limit to be sufficient for its configuration
2892 (fd.o #33474, LP#381063)
2893 • Fix syslog string processing
2895 • Remove broken gcov parsing code and --enable-gcov, and replace them
2896 with lcov HTML reports and --enable-compiler-coverage (fd.o #10887)
2898 · avoid live-lock in Windows CE due to unfair condition variables
2900 · support credentials-passing (fd.o #32542)
2902 · opt-in to thread safety (fd.o #33464)
2904 D-Bus 1.4.1 (20 December 2010)
2907 • Fix for CVE-2010-4352: sending messages with excessively-nested variants can
2908 crash the bus. The existing restriction to 64-levels of nesting previously
2909 only applied to the static type signature; now it also applies to dynamic
2910 nesting using variants. Thanks to Rémi Denis-Courmont for discoving this
2912 • OS X portability fixes, including launchd support.
2913 • Windows autolaunch improvements.
2914 • Various bug fixes.
2916 D-Bus 1.4.0 (6 Sep 2010)
2920 D-Bus 1.3.1 (23 June 2010)
2922 - New standardized PropertiesChanged signal in the properties interface
2923 - Various portability fixes, in particular to Windows platforms
2924 - Support forking bus services, for compatibility
2926 D-Bus 1.3.0 (29 July 2009)
2928 - ability for dbus-send to send to any bus (--address)
2929 - file descriptor passing on Unix socket transports
2930 - use of GCC atomic intrinsics for better processor support
2931 (requires -march=i486 or above for x86 compilation)
2932 - thread-safe FD_CLOEXEC setting on recent Linux kernels (2.6.24-27 and up)
2933 and glibc (2.9 for pipe2 and 2.10 for accept4)
2934 - feature negotiation in the bus daemon