Accepted dbus 1.2.1-5 (source all i386)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sat, 10 Jan 2009 21:43:16 +0000
Source: dbus
Binary: dbus dbus-x11 libdbus-1-3 dbus-1-doc libdbus-1-dev
Architecture: source all i386
Version: 1.2.1-5
Distribution: unstable
Urgency: high
Maintainer: Utopia Maintenance Team <pkg-utopia-maintainers@lists.alioth.debian.org>
Changed-By: Simon McVittie <smcv@debian.org>
Description:
dbus - simple interprocess messaging system
dbus-1-doc - simple interprocess messaging system (documentation)
dbus-x11 - simple interprocess messaging system (X11 deps)
libdbus-1-3 - simple interprocess messaging system
libdbus-1-dev - simple interprocess messaging system (development headers)
Closes: 503532 508032
Changes:
dbus (1.2.1-5) unstable; urgency=high
.
[ Sjoerd Simons ]
* debian/patches/CVE-2008-4311.patch:
+ Added, Fixes CVE-2008-4311. A mistake in the default configuration for
the system bus (system.conf) which made the default policy for both sent
and received messages effectively *allow*, and not deny as intended. This
patch fixes the send side permissions (Closes: #503532, #508032)
* Urgency high for the security fix
.
[ Simon McVittie ]
* Rename CVE-*.patch to prefix them with a sequence number so it's clear
what order they should apply in
* Add 51-CVE-2008-4311-but-allow-signals.patch, cherry-picked from upstream
git commit d899734475: after fixing CVE-2008-4311, re-allow emitting
signals
* debian/patches/3[0-4]*.patch, cherry-picked from upstream git (see patches
for commit IDs): add logging when permission to send a message is denied
* debian/patches/35-syslog-h.patch: #include <syslog.h> to fix compilation
with the logging patches applied
* Add myself to Uploaders
Checksums-Sha1:
c6bbeaf6adaf8bfaab2c29a3673ae06f13bdc27b 1538 dbus_1.2.1-5.dsc
d6487cdd1e7642d4e8c85b70c22194f65485dc09 38407 dbus_1.2.1-5.diff.gz
5322db4f0b383668cb103c7bd8bb0f3f2adbb388 1822318 dbus-1-doc_1.2.1-5_all.deb
33ca15975f3c69d5cfb633b5ab17b335c836ef07 229016 dbus_1.2.1-5_i386.deb
bfde3c36e2e14b97af81953b710f51c40d1e4d7b 63448 dbus-x11_1.2.1-5_i386.deb
0f96acf34bd4fe478d3b7edeb12a2200c6e18b5c 147732 libdbus-1-3_1.2.1-5_i386.deb
006669638cb49e7c067d0fb7bfecde44ed1fcc3f 235596 libdbus-1-dev_1.2.1-5_i386.deb
Checksums-Sha256:
4e93374fe27ff43852fa38ddad38238192f9f0a3bedecb62d15d988368320cfb 1538 dbus_1.2.1-5.dsc
a7e86a2034de58e1d5b41f963b27c791386b59269a9204ff988045eb889d9905 38407 dbus_1.2.1-5.diff.gz
0d6ffcb9ac4855d220f8bf4038c9ba8f03e247bba7943ada83cbdc1c12385070 1822318 dbus-1-doc_1.2.1-5_all.deb
00820f2ee73ce296adb5980a6a1862b0ea6e28c9a524cb70b951a2f1c0bacd2c 229016 dbus_1.2.1-5_i386.deb
645a4e5841ee3e3fbe9907233ddc8ea3f8a302e98633e11051edb85bcb6c2aa3 63448 dbus-x11_1.2.1-5_i386.deb
c96b6e2b0b32a40f12075eb34d5d820f0d01414cc3d5942e440aac26e66fbb8d 147732 libdbus-1-3_1.2.1-5_i386.deb
08167b75a3de06f592e778593393244ed280d26e391f4373f21c7ad5148e28bc 235596 libdbus-1-dev_1.2.1-5_i386.deb
Files:
52f7ccdff41e06473f6156268b37e3fa 1538 devel optional dbus_1.2.1-5.dsc
5c3158b6e63b83d717f5dd8081b44e5c 38407 devel optional dbus_1.2.1-5.diff.gz
65d3cb630ada231a1b09b991da64bf0c 1822318 doc optional dbus-1-doc_1.2.1-5_all.deb
f3b65b62ff6d67379d0aef23bba5d5d6 229016 devel optional dbus_1.2.1-5_i386.deb
868e7115ced3c6196c0e8bc249afa37e 63448 x11 optional dbus-x11_1.2.1-5_i386.deb
e20b7d548c4d4ef9407d83726ab62ffa 147732 libs optional libdbus-1-3_1.2.1-5_i386.deb
37a6786eb691800198fb81941e016a8b 235596 libdevel optional libdbus-1-dev_1.2.1-5_i386.deb
-----BEGIN PGP SIGNATURE-----
iD8DBQFJaSXuWSc8zVUw7HYRApELAJ9xeiYY+SKB2YSEkGS1wMNkoKnMUACg5wvH
QlPFufHhxIR4RrQCTVVcljU=
=X1ZZ
-----END PGP SIGNATURE-----
Accepted:
dbus-1-doc_1.2.1-5_all.deb
to pool/main/d/dbus/dbus-1-doc_1.2.1-5_all.deb
dbus-x11_1.2.1-5_i386.deb
to pool/main/d/dbus/dbus-x11_1.2.1-5_i386.deb
dbus_1.2.1-5.diff.gz
to pool/main/d/dbus/dbus_1.2.1-5.diff.gz
dbus_1.2.1-5.dsc
to pool/main/d/dbus/dbus_1.2.1-5.dsc
dbus_1.2.1-5_i386.deb
to pool/main/d/dbus/dbus_1.2.1-5_i386.deb
libdbus-1-3_1.2.1-5_i386.deb
to pool/main/d/dbus/libdbus-1-3_1.2.1-5_i386.deb
libdbus-1-dev_1.2.1-5_i386.deb
to pool/main/d/dbus/libdbus-1-dev_1.2.1-5_i386.deb
Reply to: