stable and Debian testing in addition to the older Ubuntu that is
the default (fd.o #98889, Simon McVittie)
+• Avoid some deprecated CMake functions (fd.o #99586, Ralf Habacker)
+
+• Silence many -Wswitch-enum and -Wswitch-default warnings
+ (fd.o #98191; Thomas Zimmermann, Simon McVittie)
+
+• Install a sysusers.d snippet so `dbus-daemon --system` can be used
+ with an unpopulated /etc (fd.o #99162, Lennart Poettering)
+
+• Install pkg-config metadata on Unix even if building with CMake
+ (fd.o #99752, Ralf Habacker)
+
+• Exclude auth mechanisms from REJECTED message if they are supported
+ in the code but but configured to be disallowed (fd.o #99621,
+ Ralf Habacker)
+
Fixes:
-D-Bus 1.10.14 (2016-11-28)
+ • Prevent symlink attacks in the nonce-tcp transport on Unix that could
+ allow an attacker to overwrite a file named "nonce", in a directory
+ that the user running dbus-daemon can write, with a random value
+ known only to the user running dbus-daemon. This is unlikely to be
+ exploitable in practice, particularly since the nonce-tcp transport
+ is really only useful on Windows.
+
+ On Unix systems we strongly recommend using only the unix: and systemd:
+ transports, together with EXTERNAL authentication. These are the only
+ transports and authentication mechanisms enabled by default.
+
+ (fd.o #99828, Simon McVittie)
+
+ • Avoid symlink attacks in the "embedded tests", which are not enabled
+ by default and should never be enabled in production builds of dbus.
+ (fd.o #99828, Simon McVittie)
+
+• Fix the implementation of re-enabling a timeout so that its
+ countdown is restarted as intended, instead of continually
+ decreasing. (fd.o #95619; Michal Koutný, Simon McVittie)
+
+• When receiving a message with file descriptors, do not start reading
+ the beginning of the next message, so that only one such message
+ is processed at a time. In conjunction with the fix for #95619
+ this means that processes sending many file descriptors, such as
+ systemd-logind on a system that receives very rapid ssh connections,
+ are not treated as abusive and kicked off the bus. Revert the previous
+ workaround that special-cased uid 0.
+ (fd.o #95263, LP#1591411; Simon McVittie)
+
+• Do not require TMPDIR, TEMP or TMP to be set when cross-compiling
+ for Windows with CMake (fd.o #99586, Ralf Habacker)
+
+• Do not set Unix-specific variables when targeting Windows
+ (fd.o #99586, Ralf Habacker)
+
+• Install Unix executables to ${CMAKE_INSTALL_PREFIX}/bin as intended,
+ not ${CMAKE_INSTALL_PREFIX}/lib (fd.o #99752, Ralf Habacker)
+
+• Use relative install locations in CMake on Unix to respect DESTDIR,
+ and use GNU-style install layout (fd.o #99721, #99752; Ralf Habacker)
+
+• Install dbus-arch-deps.h correctly when using CMake
+ (fd.o #99586, #99721; Ralf Habacker)
+
+• Improve argument validation for `dbus-test-tool spam`
+ (ffd.o #99693, Coverity #54759; Philip Withnall)
+
+• Don't shift by a negative integer if a hash table becomes monstrously
+ large (fd.o #99641, Coverity #54682; Philip Withnall)
+
+• Don't leak LSM label if dbus-daemon runs out of memory when dealing with
+ a new connection (fd.o #99612, Coverity #141058; Philip Withnall)
+
+• Remove an unnecessary NULL check
+ (fd.o #99642, Coverity #141062; Philip Withnall)
+
+• Improve error handling in unit tests and dbus-send
+ (fd.o #99643, #99694, #99712, #99722, #99723, #99724, #99758,
+ #99759, #99793, Coverity #54688, #54692, #54693, #54697, #54701,
+ #54710, #54711, #54714, #54715, #54718, #54721, #54724, #54726,
+ #54730, #54740, #54822, #54823, #54824, #54825; Philip Withnall)
+
+• Do not print verbose messages' timestamps to stderr if the actual message
+ has been redirected to the Windows debug port (fd.o #99749, Ralf Habacker)
+
+D-Bus 1.11.8 (2016-11-28)
==
-The “Well, other bands know more than three chords” release.
+The “panics in the face of breakfast foods” release.
+
+Build-time configuration:
+
+• The new --enable-debug configure option provides an easy way to
+ enable debug symbols, disable optimization and/or enable profiling.
+
+• The --enable-compile-warnings configure option can be used to control
+ compiler warnings.
+
+• The --disable-compiler-optimisations configure option is no longer
+ supported. Use --enable-debug=yes or CFLAGS=-O0 instead.
+
+Enhancements:
+
+• D-Bus Specification version 0.30
+ · Define the jargon term "activation" more clearly
+ · Define the jargon term "auto-starting", which is one form of activation
+ · Document the optional SystemdService key in service files
+ · Use versioned interface and bus names in most examples
+ · Clarify intended behaviour of Properties.GetAll
+ (fd.o #36190, fd.o #98671; Philip Withnall, Simon McVittie)
+
+• Fix and enable a lot of compiler warnings to improve future code
+ quality. This might incidentally also fix some environment variable
+ accesses on OS X.
+ · In particular, printf-style functions in the libdbus API are now annotated
+ with __attribute__((__format__(__printf__, *, *))) when compiling with
+ gcc or clang. This might make printf bugs in other software visible
+ at compile time.
+ (fd.o #97357, fd.o #98192, fd.o #98195, fd.o #98658;
+ Thomas Zimmermann, Simon McVittie)
+
+• When running with AppArmor mediation (for example using Ubuntu's patched
+ Linux kernel), clients can no longer auto-start services unless they would
+ have been able to send the auto-starting message to the service after it
+ starts. StartServiceByName() is unaffected, and continues to be allowed by
+ default in AppArmor's <abstractions/dbus-strict> and
+ <abstractions/dbus-session-strict>. (fd.o #98666, Simon McVittie)
Fixes:
projects / platform / upstream / dbus.git / commitdiff