[Pkg-utopia-maintainers] dbus_1.8.8-1_amd64.changes ACCEPTED into unstable

Debian FTP Masters ftpmaster at ftp-master.debian.org
Tue Sep 16 16:20:11 UTC 2014



Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 15 Sep 2014 12:58:25 +0100
Source: dbus
Binary: dbus dbus-udeb dbus-x11 libdbus-1-3 libdbus-1-3-udeb dbus-1-doc libdbus-1-dev dbus-1-dbg
Architecture: source amd64 all
Version: 1.8.8-1
Distribution: unstable
Urgency: medium
Maintainer: Utopia Maintenance Team <pkg-utopia-maintainers at lists.alioth.debian.org>
Changed-By: Simon McVittie <smcv at debian.org>
Description:
 dbus       - simple interprocess messaging system (daemon and utilities)
 dbus-1-dbg - simple interprocess messaging system (debug symbols)
 dbus-1-doc - simple interprocess messaging system (documentation)
 dbus-udeb  - simple interprocess messaging system (minimal runtime) (udeb)
 dbus-x11   - simple interprocess messaging system (X11 deps)
 libdbus-1-3 - simple interprocess messaging system (library)
 libdbus-1-3-udeb - simple interprocess messaging system (minimal library) (udeb)
 libdbus-1-dev - simple interprocess messaging system (development headers)
Changes:
 dbus (1.8.8-1) unstable; urgency=medium
 .
   [ Michael Biebl ]
   * Don't attempt config reload if dbus system bus is not running.
 .
   [ Simon McVittie ]
   * Bump dbus up to Priority: standard because without it, systemd-logind
     does not run a getty on tty2..tty6 (matching ftp-master action in
     #759293)
   * New upstream release fixes several security issues
     - CVE-2014-3635: do not accept an extra fd in cmsg padding,
       avoiding a buffer overrun in dbus-daemon or system services
     - CVE-2014-3636: reduce maximum number of file descriptors
        per message from 1024 to 16, to avoid two separate denial-of-service
        attacks that could cause system services to be dropped from the bus
     - CVE-2014-3637: time out connections that have a
        partially-sent message containing a file descriptor, so that
        malicious processes cannot use self-referential file descriptors
        to make a connection that will never close
     - CVE-2014-3638: reduce maximum number of pending replies
       per connection to avoid algorithmic complexity DoS
     - CVE-2014-3639: reduce timeout for authentication and
       do not accept() new connections when all unauthenticated connection
       slots are in use, so that malicious processes cannot prevent new
       connections to the system bus
   * debian/copyright: fix glob syntax, .[ch] is not supported
Checksums-Sha1:
 9b7569de0eb31d7129a99785da6b3ec5d1d32985 2886 dbus_1.8.8-1.dsc
 e0d10e8b4494383c7e366ac80a942ba45a705a96 1864881 dbus_1.8.8.orig.tar.gz
 c44aa68e873ef44ee4b62fd376f7f4b15066bae9 36048 dbus_1.8.8-1.debian.tar.xz
 c6cf38779da4dafe7b7a6c67efbd3b7e4ee52ad4 284876 dbus_1.8.8-1_amd64.deb
 343cc558df300f4f618ee89a994c0659f7414a27 141936 dbus-udeb_1.8.8-1_amd64.udeb
 773234dc9b82342adae299c2587113b70d645a3f 69316 dbus-x11_1.8.8-1_amd64.deb
 31e167e66eb7c37cbabf5c632f82bcd7a0473953 165812 libdbus-1-3_1.8.8-1_amd64.deb
 9a8afd5ab479a780d7367434d59c8ad9640cba52 87868 libdbus-1-3-udeb_1.8.8-1_amd64.udeb
 7089d04a5cd4059c608e730a75eb6b99c526789b 1323732 dbus-1-doc_1.8.8-1_all.deb
 3ab672b27e49cbb298a84f1ab3ff50794c6e155e 204268 libdbus-1-dev_1.8.8-1_amd64.deb
 bd1cbf07266bba9f5d1c6ca5c336f166b7ebd736 6112394 dbus-1-dbg_1.8.8-1_amd64.deb
Checksums-Sha256:
 b0979486f6b710416d3eb63349f3f6a02cba1b62074d68579456b6bb5d73d5e1 2886 dbus_1.8.8-1.dsc
 dfab263649a979d0fff64a30cac374891a8e9940350e41f3bbd7679af32bd1fd 1864881 dbus_1.8.8.orig.tar.gz
 a2d0ec7caa5262e2d02b3f54658652230e1f19b91b4a60c295d8f01bd7a28259 36048 dbus_1.8.8-1.debian.tar.xz
 238da6b6b432d5f6eeec0bf39c2a3f596a998b7f3a2a11cee83972d26e19229e 284876 dbus_1.8.8-1_amd64.deb
 6a35843eb9a75d0473ec61924ddc694e3371f9156ce905a60685aa250fbb23e2 141936 dbus-udeb_1.8.8-1_amd64.udeb
 d2adee1e6b0f0702c6c9db60466d90c4d582695d78bd651d71148dc5431b9ad7 69316 dbus-x11_1.8.8-1_amd64.deb
 0fb3c5ac831c2c0ddeee36518d7426435382399feee8e00e7b9160d5894361ff 165812 libdbus-1-3_1.8.8-1_amd64.deb
 f3753a9ed232ba5539058bd87cceaabcb2334a4a11a747f651ef968455456769 87868 libdbus-1-3-udeb_1.8.8-1_amd64.udeb
 1ca54882c8da0f5bac6e965bc935ee1d7c445191e32fc5343801669c245b4f0c 1323732 dbus-1-doc_1.8.8-1_all.deb
 87740a153438d937d1c1d6c9003ac3d68bc6528bec14a0da336e96cbf3451520 204268 libdbus-1-dev_1.8.8-1_amd64.deb
 fdc7b15af58d603671b803e03a0c0d13e1e270f0a9208c714ff8ac44d666f95a 6112394 dbus-1-dbg_1.8.8-1_amd64.deb
Files:
 8fe4ecb42972479c73b77dd776414d8b 284876 admin standard dbus_1.8.8-1_amd64.deb
 2591b23b8104404d985e5ba863253640 141936 debian-installer extra dbus-udeb_1.8.8-1_amd64.udeb
 6848e36c63315b3e790138f6a8145ce7 69316 x11 optional dbus-x11_1.8.8-1_amd64.deb
 88214f536c1668c15a11d4351213186c 165812 libs optional libdbus-1-3_1.8.8-1_amd64.deb
 7b3ffe29d98623a1ad5a9c78b830965a 87868 debian-installer extra libdbus-1-3-udeb_1.8.8-1_amd64.udeb
 7c9c54ae9d02aee9906c47b05798a1e5 1323732 doc optional dbus-1-doc_1.8.8-1_all.deb
 14352e5a11b2055a4ca160ec4eb0d826 204268 libdevel optional libdbus-1-dev_1.8.8-1_amd64.deb
 5e167f609643e6a0cfe5f3adeba999bb 6112394 debug extra dbus-1-dbg_1.8.8-1_amd64.deb
 c71fc89e3f6a91547df8e9bf467b9d07 2886 admin optional dbus_1.8.8-1.dsc
 b9f4a18ee3faa1e07c04aa1d83239c43 1864881 admin optional dbus_1.8.8.orig.tar.gz
 4775b276b8f617c13a6e96080f88e8f0 36048 admin optional dbus_1.8.8-1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIVAwUBVBhg/03o/ypjx8yQAQidqBAAhhKUNvPD9jYLD7J8PuqiagQ29ZnqFJzg
hZt0Ob7zaj/OyCaZkvon9Ke5rWEWu7zl2RpgJwuTIBK9oDripAzif/+tEisJ4WUY
OIt2e79ykFAAdTbm0g/8x1ronp1/YPWs6jMIy6VNay7arT69Bc17NyP29XOG3Was
9pbxUbMJ4mIdbHiy+Qb/8T6+/FrlQFWbcVEqbGgRrIl0uNdKnrfAgKLN4n92u5TE
xT41yxTRKDwlPLMuR9zozYHkesjILsun06kJG7+8ZGmCtjDw2bLdk23h0d9HEcO6
gV+VGJBFJim+sE2J56NLSu6R8HQTg4X+rT0URY8FxXIsLdGizgfzPO+MLmOj2lYI
QhWOpMgGF+y2I/+JGckEyMZ4WKh/MX7Z0mvswEYMWfW7BT/aZ2fuyin3PmEq9sER
mhg1NDHnmSY4u1G+hkgzWR0xWJQGkvyPwYa7AVppg0bnIuGO+j0llHICXd4uwskY
EWawTXQ2TTpVH5LqZdinAld+SjmX+6GEtg8FKoe8U3b0OKDFKIlcwdnrc23ATB/3
umvAAv5fVl743EFG0r6mG9mA2KDKnRtnoOJ0riqnQVeRgXH51hMyfuvkWMFABoMl
UaRs0dgGN2XzbLq+OapvELQU2c2h8jMocDqC4zKUwXE3BV8uATuuMCF2xyDb/ULO
xoC1PRabNuE=
=lxGn
-----END PGP SIGNATURE-----


Thank you for your contribution to Debian.



More information about the Pkg-utopia-maintainers mailing list