dbus (1.10.6-1ubuntu3.1) xenial-security; urgency=medium

  * SECURITY UPDATE: arbitrary code execution or denial of service via
    format string vulnerability (likely limited to uid 0 only)
    - debian/patches/format_string.patch: do not use non-literal format
      string in bus/activation.c.
    - No CVE number

 -- Marc Deslauriers  Wed, 12 Oct 2016 08:33:00 -0400

dbus (1.10.6-1ubuntu3) xenial; urgency=medium

  * debian/dbus.preinst: divert the dbus-daemon-launch-helper if upgrading
    from < 1.9.4-2~. This will make sure we keep the setuid bit during
    upgrade. (LP: #1555237)
  * debian/dbus.postinst: remove diversion.

 -- Mathieu Trudel-Lapierre  Thu, 31 Mar 2016 15:07:46 -0400

dbus (1.10.6-1ubuntu2) xenial; urgency=medium

  * dont-stop-dbus.patch: Disallow manual (re)starts, as we don't (want to)
    stop D-Bus on shutdown. (LP: #1540282)
  * debian/rules: Don't start D-Bus on package installation, as that doesn't
    work any more with the above. Instead, start dbus.socket in postinst,
    which will then start D-Bus on demand after package installation.

 -- Martin Pitt  Thu, 11 Feb 2016 12:58:02 +0100

dbus (1.10.6-1ubuntu1) xenial; urgency=low

  * Merge with Debian, remaining changes:
    - Add upstart jobs; Upstart is still supported for the system init.
      + Add debian/dbus.upstart and dbus.user-session.upstart
    - Add debian/patches/dont-stop-dbus.patch: Don't stop D-Bus in the
      service unit (see patch header and upstream bug for details). Fixes
      various causes of shutdown hangs, particularly with remote file
      systems. (LP: #1438612)
    - aa-get-connection-apparmor-security-context.patch: This is not
      intended for upstream inclusion. It implements a bus method
      (GetConnectionAppArmorSecurityContext) to get a connection's AppArmor
      security context but upstream D-Bus has recently added a generic way
      of getting a connection's security credentials
      (GetConnectionCredentials). Ubuntu should carry this patch until
      packages in the archive are moved over to the new, generic method of
      getting a connection's credentials.

 -- Iain Lane  Thu, 03 Dec 2015 16:19:34 +0000

dbus (1.10.6-1) unstable; urgency=medium

  * New upstream stable release 1.10.6
    - fixes regression tests when run as root (Closes: #806305)
  * When removing dbus.target.wants (for #757913), do not fail if it does
    not exist. This should fix FTBFS on non-Linux kernels, and in stage1
    Linux builds (Closes: #805513)
  * debian/libdbus-1-3.symbols.in: use a regex for private symbols, so that
    this packaging can be used for snapshots of dbus where
    DEB_VERSION_UPSTREAM does not necessarily match Autoconf's VERSION

 -- Simon McVittie  Tue, 01 Dec 2015 19:15:47 +0000

dbus (1.10.4-1ubuntu2) xenial; urgency=medium

  * debian/patches/0001-uid-permissions-test-don-t-assert-that-root-can-Upda.patch:
    Take patch from fd.o bug #119997 to resolve 'root' test failure - root
    can no longer call UpdateActivationEnvironment. Check using
    BecomeMonitor that root and messagebus are privileged.

 -- Iain Lane  Mon, 23 Nov 2015 12:51:40 +0000

dbus (1.10.4-1ubuntu1) xenial; urgency=low

  * Merge with Debian, remaining changes:
    - Add upstart jobs; Upstart is still supported for the system init.
      + Add debian/dbus.upstart and dbus.user-session.upstart
    - Add debian/patches/dont-stop-dbus.patch: Don't stop D-Bus in the
      service unit (see patch header and upstream bug for details). Fixes
      various causes of shutdown hangs, particularly with remote file
      systems. (LP: #1438612)
    - aa-get-connection-apparmor-security-context.patch: This is not
      intended for upstream inclusion. It implements a bus method
      (GetConnectionAppArmorSecurityContext) to get a connection's AppArmor
      security context but upstream D-Bus has recently added a generic way
      of getting a connection's security credentials
      (GetConnectionCredentials). Ubuntu should carry this patch until
      packages in the archive are moved over to the new, generic method of
      getting a connection's credentials.
  * debian/rules, debian/dbus.install: Modify upstart session job
    installation to use dh-exec instead of editing debian/rules

 -- Iain Lane  Thu, 19 Nov 2015 12:19:17 +0000

dbus (1.10.4-1) unstable; urgency=medium

  * New upstream stable release 1.10.4
  * prerm: clean up /etc/dbus-1/s*.conf compat symlinks on remove. We only
    remove them if they match what the package sets up, so we do not need
    to distinguish between remove and purge.
  * prerm: also clean up /etc/dbus-1/s*.conf symlinks before downgrading to
    a version << 1.10.2-1, so that the dbus-daemon will not fail to reload
    or start after the downgrade. Please note that downgrading packages
    remains an unsupported action. (Closes: #804183)
  * postrm: clean up /etc/dbus-1/s*.conf on purge, even if their targets do
    not match what is expected (Closes: #803441)
  * dbus.install: use dh-exec to mark systemd-related files for
    [linux-any], instead of constructing dbus.install programmatically
  * dbus-1-dbg.links: use dh-exec instead of sh
  * Stop installing dbus.target.wants/dbus.socket, since dbus.target no
    longer exists in systemd. sockets.target covers that, and is part of
    the DefaultDependencies anyway (Closes: #757913)
  * Simplify dh_install override, and remove dh_link override altogether,
    by using dh-exec

 -- Simon McVittie  Tue, 17 Nov 2015 21:58:01 +0000

dbus (1.10.2-1) unstable; urgency=medium

  * New upstream stable release 1.10.2
  * Touch /var/run/reboot-required on upgrade, even if neither
    reboot-notifier nor update-notifier-common is installed. Various other
    tools look for this file. (Closes: #799396)
  * Allow dbus-daemon (<< 1.9.18) to reload bus setup and configuration
    again (follow-up for #793519). This means that if an upgrade from
    jessie to stretch pulls in a new system service, dbus-daemon will load
    the configuration that allows that system service to work, even before
    the system has been rebooted to use the new dbus-daemon.
    - if /etc/dbus-1/s*.conf have been modified, move them to
      /etc/dbus-1/s*.conf.dpkg-bak; if not, delete them
    - patch /usr/share/dbus-1/s*.conf to include
      /etc/dbus-1/s*.conf.dpkg-bak instead of /etc/dbus-1/s*.conf
    - add new symlinks /etc/dbus-1/s*.conf -> /usr/share/dbus-1/s*.conf so
      that the old dbus-daemon will load the new bus setup
  * Remove Breaks and upgrade code for versions older than oldstable

 -- Simon McVittie  Mon, 26 Oct 2015 13:37:05 +0000

dbus (1.10.0-3) unstable; urgency=medium

  * Put the entire debug build in an arch-specific directory, so dbus-1-dbg
    can continue to be Multi-Arch: same (Closes: #798748)
  * Record that Iain's change in 1.10.0-1 closed #796165

 -- Simon McVittie  Tue, 15 Sep 2015 10:56:19 +0100

# For older changelog entries, run 'apt-get changelog libdbus-1-3'