[Pkg-utopia-maintainers] dbus_1.8.8-1_amd64.changes ACCEPTED into unstable
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Tue Sep 16 16:20:11 UTC 2014
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 15 Sep 2014 12:58:25 +0100
Source: dbus
Binary: dbus dbus-udeb dbus-x11 libdbus-1-3 libdbus-1-3-udeb dbus-1-doc libdbus-1-dev dbus-1-dbg
Architecture: source amd64 all
Version: 1.8.8-1
Distribution: unstable
Urgency: medium
Maintainer: Utopia Maintenance Team <pkg-utopia-maintainers at lists.alioth.debian.org>
Changed-By: Simon McVittie <smcv at debian.org>
Description:
dbus - simple interprocess messaging system (daemon and utilities)
dbus-1-dbg - simple interprocess messaging system (debug symbols)
dbus-1-doc - simple interprocess messaging system (documentation)
dbus-udeb - simple interprocess messaging system (minimal runtime) (udeb)
dbus-x11 - simple interprocess messaging system (X11 deps)
libdbus-1-3 - simple interprocess messaging system (library)
libdbus-1-3-udeb - simple interprocess messaging system (minimal library) (udeb)
libdbus-1-dev - simple interprocess messaging system (development headers)
Changes:
dbus (1.8.8-1) unstable; urgency=medium
.
[ Michael Biebl ]
* Don't attempt config reload if dbus system bus is not running.
.
[ Simon McVittie ]
* Bump dbus up to Priority: standard because without it, systemd-logind
does not run a getty on tty2..tty6 (matching ftp-master action in
#759293)
* New upstream release fixes several security issues
- CVE-2014-3635: do not accept an extra fd in cmsg padding,
avoiding a buffer overrun in dbus-daemon or system services
- CVE-2014-3636: reduce maximum number of file descriptors
per message from 1024 to 16, to avoid two separate denial-of-service
attacks that could cause system services to be dropped from the bus
- CVE-2014-3637: time out connections that have a
partially-sent message containing a file descriptor, so that
malicious processes cannot use self-referential file descriptors
to make a connection that will never close
- CVE-2014-3638: reduce maximum number of pending replies
per connection to avoid algorithmic complexity DoS
- CVE-2014-3639: reduce timeout for authentication and
do not accept() new connections when all unauthenticated connection
slots are in use, so that malicious processes cannot prevent new
connections to the system bus
* debian/copyright: fix glob syntax, .[ch] is not supported
Checksums-Sha1:
9b7569de0eb31d7129a99785da6b3ec5d1d32985 2886 dbus_1.8.8-1.dsc
e0d10e8b4494383c7e366ac80a942ba45a705a96 1864881 dbus_1.8.8.orig.tar.gz
c44aa68e873ef44ee4b62fd376f7f4b15066bae9 36048 dbus_1.8.8-1.debian.tar.xz
c6cf38779da4dafe7b7a6c67efbd3b7e4ee52ad4 284876 dbus_1.8.8-1_amd64.deb
343cc558df300f4f618ee89a994c0659f7414a27 141936 dbus-udeb_1.8.8-1_amd64.udeb
773234dc9b82342adae299c2587113b70d645a3f 69316 dbus-x11_1.8.8-1_amd64.deb
31e167e66eb7c37cbabf5c632f82bcd7a0473953 165812 libdbus-1-3_1.8.8-1_amd64.deb
9a8afd5ab479a780d7367434d59c8ad9640cba52 87868 libdbus-1-3-udeb_1.8.8-1_amd64.udeb
7089d04a5cd4059c608e730a75eb6b99c526789b 1323732 dbus-1-doc_1.8.8-1_all.deb
3ab672b27e49cbb298a84f1ab3ff50794c6e155e 204268 libdbus-1-dev_1.8.8-1_amd64.deb
bd1cbf07266bba9f5d1c6ca5c336f166b7ebd736 6112394 dbus-1-dbg_1.8.8-1_amd64.deb
Checksums-Sha256:
b0979486f6b710416d3eb63349f3f6a02cba1b62074d68579456b6bb5d73d5e1 2886 dbus_1.8.8-1.dsc
dfab263649a979d0fff64a30cac374891a8e9940350e41f3bbd7679af32bd1fd 1864881 dbus_1.8.8.orig.tar.gz
a2d0ec7caa5262e2d02b3f54658652230e1f19b91b4a60c295d8f01bd7a28259 36048 dbus_1.8.8-1.debian.tar.xz
238da6b6b432d5f6eeec0bf39c2a3f596a998b7f3a2a11cee83972d26e19229e 284876 dbus_1.8.8-1_amd64.deb
6a35843eb9a75d0473ec61924ddc694e3371f9156ce905a60685aa250fbb23e2 141936 dbus-udeb_1.8.8-1_amd64.udeb
d2adee1e6b0f0702c6c9db60466d90c4d582695d78bd651d71148dc5431b9ad7 69316 dbus-x11_1.8.8-1_amd64.deb
0fb3c5ac831c2c0ddeee36518d7426435382399feee8e00e7b9160d5894361ff 165812 libdbus-1-3_1.8.8-1_amd64.deb
f3753a9ed232ba5539058bd87cceaabcb2334a4a11a747f651ef968455456769 87868 libdbus-1-3-udeb_1.8.8-1_amd64.udeb
1ca54882c8da0f5bac6e965bc935ee1d7c445191e32fc5343801669c245b4f0c 1323732 dbus-1-doc_1.8.8-1_all.deb
87740a153438d937d1c1d6c9003ac3d68bc6528bec14a0da336e96cbf3451520 204268 libdbus-1-dev_1.8.8-1_amd64.deb
fdc7b15af58d603671b803e03a0c0d13e1e270f0a9208c714ff8ac44d666f95a 6112394 dbus-1-dbg_1.8.8-1_amd64.deb
Files:
8fe4ecb42972479c73b77dd776414d8b 284876 admin standard dbus_1.8.8-1_amd64.deb
2591b23b8104404d985e5ba863253640 141936 debian-installer extra dbus-udeb_1.8.8-1_amd64.udeb
6848e36c63315b3e790138f6a8145ce7 69316 x11 optional dbus-x11_1.8.8-1_amd64.deb
88214f536c1668c15a11d4351213186c 165812 libs optional libdbus-1-3_1.8.8-1_amd64.deb
7b3ffe29d98623a1ad5a9c78b830965a 87868 debian-installer extra libdbus-1-3-udeb_1.8.8-1_amd64.udeb
7c9c54ae9d02aee9906c47b05798a1e5 1323732 doc optional dbus-1-doc_1.8.8-1_all.deb
14352e5a11b2055a4ca160ec4eb0d826 204268 libdevel optional libdbus-1-dev_1.8.8-1_amd64.deb
5e167f609643e6a0cfe5f3adeba999bb 6112394 debug extra dbus-1-dbg_1.8.8-1_amd64.deb
c71fc89e3f6a91547df8e9bf467b9d07 2886 admin optional dbus_1.8.8-1.dsc
b9f4a18ee3faa1e07c04aa1d83239c43 1864881 admin optional dbus_1.8.8.orig.tar.gz
4775b276b8f617c13a6e96080f88e8f0 36048 admin optional dbus_1.8.8-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIVAwUBVBhg/03o/ypjx8yQAQidqBAAhhKUNvPD9jYLD7J8PuqiagQ29ZnqFJzg
hZt0Ob7zaj/OyCaZkvon9Ke5rWEWu7zl2RpgJwuTIBK9oDripAzif/+tEisJ4WUY
OIt2e79ykFAAdTbm0g/8x1ronp1/YPWs6jMIy6VNay7arT69Bc17NyP29XOG3Was
9pbxUbMJ4mIdbHiy+Qb/8T6+/FrlQFWbcVEqbGgRrIl0uNdKnrfAgKLN4n92u5TE
xT41yxTRKDwlPLMuR9zozYHkesjILsun06kJG7+8ZGmCtjDw2bLdk23h0d9HEcO6
gV+VGJBFJim+sE2J56NLSu6R8HQTg4X+rT0URY8FxXIsLdGizgfzPO+MLmOj2lYI
QhWOpMgGF+y2I/+JGckEyMZ4WKh/MX7Z0mvswEYMWfW7BT/aZ2fuyin3PmEq9sER
mhg1NDHnmSY4u1G+hkgzWR0xWJQGkvyPwYa7AVppg0bnIuGO+j0llHICXd4uwskY
EWawTXQ2TTpVH5LqZdinAld+SjmX+6GEtg8FKoe8U3b0OKDFKIlcwdnrc23ATB/3
umvAAv5fVl743EFG0r6mG9mA2KDKnRtnoOJ0riqnQVeRgXH51hMyfuvkWMFABoMl
UaRs0dgGN2XzbLq+OapvELQU2c2h8jMocDqC4zKUwXE3BV8uATuuMCF2xyDb/ULO
xoC1PRabNuE=
=lxGn
-----END PGP SIGNATURE-----
Thank you for your contribution to Debian.
More information about the Pkg-utopia-maintainers
mailing list