-D-Bus 1.8.8 (UNRELEASED)
+D-Bus 1.9.0 (UNRELEASED)
==
-...
+Requirements:
+
+• Support for the systemd: (LISTEN_FDS) pseudo-transport on Linux now
+ requires the sd-daemon shared library, dropping the embedded convenience
+ copy (fd.o #71818, Simon)
+
+Build-time configuration changes:
+
+• The CMake build system now builds the same shared library name as Autotools
+ on at least Linux and Windows:
+ - on Linux (and perhaps other Unix platforms), it previously built
+ libdbus-1.so, but now builds libdbus-1.so.3.* with development
+ symlink libdbus-1.so and SONAME/symlink libdbus-1.so.3
+ - on Windows, it previously built either libdbus-1.dll (release) or
+ libdbus-1d.dll (debug), but now builds libdbus-1-3.dll, copied to
+ libdbus-1.dll for compatibility with older applications.
+ (fd.o #74117, Ralf Habacker)
+
+Enhancements:
+
+• on Unix platforms, disable Nagle's algorithm on TCP connections to improve
+ initial latency (fd.o #75544, Matt Hoosier)
+
+• use backtrace() if it is in -lexecinfo instead of libc, as on NetBSD
+ (fd.o #69702, Patrick Welche)
+
+Fixes:
+
- • When dbus-launch --exit-with-session starts a dbus-daemon but then cannot
- attach to a session, kill the dbus-daemon as intended
- (fd.o #74698, Роман Донченко)
-
+• fix an incorrect error message if a Unix socket path is too long
+ (fd.o #73887, Antoine Jacoutot)
+
+• in an MSYS/Cygwin environment, pass Unix-style filenames to xmlto,
+ fixing documentation generation (fd.o #75860, Руслан Ижбулатов)
+
+• in Unix with X11, avoid giving dbus-launch a misleading argv[0]
+ in ps(1) (fd.o #69716, Chengwei Yang)
+
+• avoid calling poll() with timeout < -1, which is considered invalid
+ on FreeBSD and NetBSD (fd.o #78480, Jaap Boender)
+
+• be portable to BSD-derived platforms where O_CLOEXEC is unavailable in libc
+ (like Mac OS X 10.6), or available in libc but unsupported by the kernel
+ (fd.o #77032; rmvsxop, OBATA Akio, Patrick Welche)
+ D-Bus 1.8.6 (2014-06-02)
+ ==
+
+ Security fixes:
+
+ • On Linux ≥ 2.6.37-rc4, if sendmsg() fails with ETOOMANYREFS, silently drop
+ the message. This prevents an attack in which a malicious client can
+ make dbus-daemon disconnect a system service, which is a local
+ denial of service.
+ (fd.o #80163, CVE-2014-3532; Alban Crequy)
+
+ • Track remaining Unix file descriptors correctly when more than one
+ message in quick succession contains fds. This prevents another attack
+ in which a malicious client can make dbus-daemon disconnect a system
+ service.
+ (fd.o #79694, fd.o #80469, CVE-2014-3533; Alejandro Martínez Suárez,
+ Simon McVittie, Alban Crequy)
+
+ Other fixes:
+
+ • When dbus-launch --exit-with-session starts a dbus-daemon but then cannot
+ attach to a session, kill the dbus-daemon as intended
+ (fd.o #74698, Роман Донченко)
+
D-Bus 1.8.4 (2014-06-10)
==