1. 12 Jun, 2015 4 commits
  2. 11 Feb, 2015 1 commit
  3. 10 Feb, 2015 1 commit
  4. 06 Feb, 2015 2 commits
  5. 04 Feb, 2015 3 commits
  6. 03 Feb, 2015 1 commit
  7. 31 Jan, 2015 1 commit
  8. 30 Jan, 2015 1 commit
    • Simon McVittie's avatar
      Relax the triggers from interest to interest-noawait (Closes: #771989; mitigates: #776063) · bcc9fe91
      Simon McVittie authored
      This is not strictly correct, because the purpose of the triggers is to
      set up the .conf, .service files for system services before those services
      satisfy dependencies. However, it mitigates #776063 (apt getting into
      a stuck state during upgrades), and should in principle be redundant
      anyway, because dbus-daemon is meant to use inotify to keep up with
      configuration changes. See #771989, #776063 for details.
      bcc9fe91
  9. 02 Jan, 2015 3 commits
  10. 23 Dec, 2014 1 commit
    • Simon McVittie's avatar
      preinst: partially revert change from 1.8.12-2 · 88afb46f
      Simon McVittie authored
      * preinst: partially revert change from 1.8.12-2. It seems that the
        preinst is too late to add a useful dpkg-statoverride entry: dpkg has
        already loaded the statoverride database by this point, and if we add
        the entry in the preinst, dpkg-statoverride won't run and have
        its --update side-effect in the postinst. (Closes: #773107, #773838)
      * postinst: don't run dpkg-statoverride with 2>/dev/null: in the unlikely
        event that it fails for a reason other than "not overridden" (which
        results in silently exiting 1), we'll want to know about it.
      88afb46f
  11. 21 Dec, 2014 1 commit
    • Simon McVittie's avatar
      Make dbus-daemon-launch-helper permissions more robust (Closes: #773107) · c3963adc
      Simon McVittie authored
      * postinst: use dpkg-statoverride to set the permissions for
        dbus-daemon-launch-helper (expected to be 04754 root:messagebus)
        as suggested in Policy §10.9. This avoids a temporarily broken state
        when an upgraded dbus is unpacked but not yet configured (Closes: #773107)
      * preinst: opportunistically set up the same dpkg-statoverride entry
        if the group already exists, to avoid the same broken state during
        upgrades from older versions without needing Pre-Depends: adduser
      * postrm: delete the dpkg-statoverride entry on purge
      c3963adc
  12. 24 Nov, 2014 3 commits
  13. 06 Nov, 2014 7 commits
  14. 06 Oct, 2014 4 commits
  15. 30 Sep, 2014 1 commit
  16. 22 Sep, 2014 1 commit
  17. 16 Sep, 2014 1 commit
  18. 15 Sep, 2014 4 commits
    • Simon McVittie's avatar
    • Simon McVittie's avatar
      New upstream release fixes several security issues · 9faacc93
      Simon McVittie authored
        - CVE-2014-3635: do not accept an extra fd in cmsg padding,
          avoiding a buffer overrun in dbus-daemon or system services
        - CVE-2014-3636: reduce maximum number of file descriptors
           per message from 1024 to 16, to avoid two separate denial-of-service
           attacks that could cause system services to be dropped from the bus
        - CVE-2014-3637: time out connections that have a
           partially-sent message containing a file descriptor, so that
           malicious processes cannot use self-referential file descriptors
           to make a connection that will never close
        - CVE-2014-3638: reduce maximum number of pending replies
          per connection to avoid algorithmic complexity DoS
        - CVE-2014-3639: reduce timeout for authentication and
          do not accept() new connections when all unauthenticated connection
          slots are in use, so that malicious processes cannot prevent new
          connections to the system bus
      9faacc93
    • Simon McVittie's avatar
      Merge tag 'upstream/1.8.8' · 29f7b361
      Simon McVittie authored
      Upstream version 1.8.8
      29f7b361
    • Simon McVittie's avatar
      Imported Upstream version 1.8.8 · 403920f7
      Simon McVittie authored
      403920f7