[arch-dev-public] [signoff] dbus-core 1.4.12-1
Hi, please signoff D-Bus 1.4.12 (2011-06-10) == Security (local denial of service): • Byte-swap foreign-endian messages correctly, preventing a long-standing local DoS if foreign-endian messages are relayed through the dbus-daemon (backporters: this is git commit c3223ba6c401ba81df1305851312a47c485e6cd7) (fd.o #38120, Debian #629938, no CVE number yet; Simon McVittie) D-Bus 1.4.10 (2011-06-01) == The "Ape Ale" release. Notes for distributors: This version of D-Bus no longer uses -fPIE by default. Distributions wishing to harden the dbus-daemon and dbus-launch-helper can re-enable this if their toolchain supports it reliably, via something like: ./configure CFLAGS=-fPIE LDFLAGS="-pie -Wl,-z,relro" for more read them from: http://cgit.freedesktop.org/dbus/dbus/tree/NEWS?h=dbus-1.4 -- Ionuț
On Fri, Jun 24, 2011 at 05:09:16PM +0300, Ionut Biru wrote:
Hi,
please signoff
D-Bus 1.4.12 (2011-06-10) ==
Security (local denial of service):
• Byte-swap foreign-endian messages correctly, preventing a long-standing local DoS if foreign-endian messages are relayed through the dbus-daemon (backporters: this is git commit c3223ba6c401ba81df1305851312a47c485e6cd7) (fd.o #38120, Debian #629938, no CVE number yet; Simon McVittie)
D-Bus 1.4.10 (2011-06-01) ==
The "Ape Ale" release.
Notes for distributors:
This version of D-Bus no longer uses -fPIE by default. Distributions wishing to harden the dbus-daemon and dbus-launch-helper can re-enable this if their toolchain supports it reliably, via something like:
./configure CFLAGS=-fPIE LDFLAGS="-pie -Wl,-z,relro"
for more read them from: http://cgit.freedesktop.org/dbus/dbus/tree/NEWS?h=dbus-1.4
-- Ionuț
systemd still boots and systemctl is happy. Signoff i686 and x86_64
On Fri, Jun 24, 2011 at 5:45 PM, Dave Reisner <d@falconindy.com> wrote:
On Fri, Jun 24, 2011 at 05:09:16PM +0300, Ionut Biru wrote:
Hi,
please signoff
D-Bus 1.4.12 (2011-06-10) ==
Security (local denial of service):
• Byte-swap foreign-endian messages correctly, preventing a long-standing local DoS if foreign-endian messages are relayed through the dbus-daemon (backporters: this is git commit c3223ba6c401ba81df1305851312a47c485e6cd7) (fd.o #38120, Debian #629938, no CVE number yet; Simon McVittie)
D-Bus 1.4.10 (2011-06-01) ==
The "Ape Ale" release.
Notes for distributors:
This version of D-Bus no longer uses -fPIE by default. Distributions wishing to harden the dbus-daemon and dbus-launch-helper can re-enable this if their toolchain supports it reliably, via something like:
./configure CFLAGS=-fPIE LDFLAGS="-pie -Wl,-z,relro"
for more read them from: http://cgit.freedesktop.org/dbus/dbus/tree/NEWS?h=dbus-1.4
-- Ionuț
systemd still boots and systemctl is happy.
KDE is happy too. Signoff both. -t
participants (3)
-
Dave Reisner
-
Ionut Biru
-
Tom Gundersen