New upstream bugfix release
- Hardening: lock down the session bus to only allow EXTERNAL auth by default, the same as the system bus. This avoids allowing DBUS_COOKIE_SHA1, which can end up using a predictable random source on systems where /dev/urandom is unavailable or dbus-daemon runs out of memory. See the upstream NEWS for more details.
Showing with 11 additions and 0 deletions