Bug#858635: unblock (pre-approval): dbus/1.10.18-1 with #857660 fixed
On Wed, 05 Apr 2017 at 13:23:00 +0000, Niels Thykier wrote:
> I am fine with it including it in stretch (at least assuming it is done
> prior to the stretch release).
Here's an updated debdiff. An upstream bug reported an invalid memory
access in one of the tests, and the fix seemed low-risk (it only
touches test code), so I added that in; I hope that's OK. I can revert
it if you really want me to.
This is now on its way through unstable.
(The added .gitignore is because dbus/1.10.16-1 was built with different
gbp-buildpackage settings, and doesn't affect binary packages at all.)
S
diffstat for dbus-1.10.16 dbus-1.10.18
Makefile.in | 2 +-
NEWS | 16 +++++++++++++++-
bus/bus.c | 40 ++++++++++++++++++++++++++--------------
configure | 26 +++++++++++++-------------
configure.ac | 4 ++--
debian/.gitignore | 22 ++++++++++++++++++++++
debian/changelog | 11 +++++++++++
test/corrupt.c | 11 +++++++----
8 files changed, 97 insertions(+), 35 deletions(-)
diff -Nru dbus-1.10.16/bus/bus.c dbus-1.10.18/bus/bus.c
--- dbus-1.10.16/bus/bus.c 2015-09-30 15:48:40.000000000 +0100
+++ dbus-1.10.18/bus/bus.c 2017-03-22 09:32:31.000000000 +0000
@@ -931,6 +931,27 @@
!_dbus_pipe_is_stdout_or_stderr (print_pid_pipe))
_dbus_pipe_close (print_pid_pipe, NULL);
+ /* Here we change our credentials if required,
+ * as soon as we've set up our sockets and pidfile.
+ * This must be done before initializing LSMs, so that the netlink
+ * monitoring thread started by avc_init() will not lose CAP_AUDIT_WRITE
+ * when the main thread calls setuid().
+ * https://bugs.freedesktop.org/show_bug.cgi?id=92832
+ */
+ if (context->user != NULL)
+ {
+ if (!_dbus_change_to_daemon_user (context->user, error))
+ {
+ _DBUS_ASSERT_ERROR_IS_SET (error);
+ goto failed;
+ }
+ }
+
+ /* Auditing should be initialized before LSMs, so that the LSMs are able
+ * to log audit-events that happen during their initialization.
+ */
+ bus_audit_init (context);
+
if (!bus_selinux_full_init ())
{
bus_context_log (context, DBUS_SYSTEM_LOG_FATAL, "SELinux enabled but D-Bus initialization failed; check system log\n");
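Review bot: The relocated credential drop now runs before `bus_selinux_full_init ()` and, judging by the later hunks, before the AppArmor setup and `process_config_postinit ()`, so all of those execute as `context->user` rather than with the starting credentials. The new comment explains why the setuid must precede `avc_init()`, but it does not record that the later steps were checked to work unprivileged. `bus_audit_init (context)` also still runs after the drop, so it presumably depends on `_dbus_change_to_daemon_user ()` retaining whatever it needs; that function is not visible here. I would add a sentence to the comment such as `Everything below this point runs as the daemon user and must not rely on the starting user's privileges.` The enclosing function starts and ends outside this hunk.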
@@ -950,6 +971,11 @@
"AppArmor D-Bus mediation is enabled\n");
}
+ /* When SELinux is used, this must happen after bus_selinux_full_init()
+ * so that it has access to the access vector cache, which is required
+ * to process <associate/> elements.
+ * http://lists.freedesktop.org/archives/dbus/2008-October/010491.html
+ */
if (!process_config_postinit (context, parser, error))
{
_DBUS_ASSERT_ERROR_IS_SET (error);
@@ -962,20 +988,6 @@
parser = NULL;
}
- /* Here we change our credentials if required,
- * as soon as we've set up our sockets and pidfile
- */
- if (context->user != NULL)
- {
- if (!_dbus_change_to_daemon_user (context->user, error))
- {
- _DBUS_ASSERT_ERROR_IS_SET (error);
- goto failed;
- }
- }
-
- bus_audit_init (context);
-
dbus_server_free_data_slot (&server_data_slot);
return context;
diff -Nru dbus-1.10.16/configure dbus-1.10.18/configure
--- dbus-1.10.16/configure 2017-02-16 13:47:19.000000000 +0000
+++ dbus-1.10.18/configure 2017-04-05 16:25:13.000000000 +0100
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for dbus 1.10.16.
+# Generated by GNU Autoconf 2.69 for dbus 1.10.18.
#
# Report bugs to <https://bugs.freedesktop.org/enter_bug.cgi?product=dbus>.
#
@@ -591,8 +591,8 @@
# Identity of this package.
PACKAGE_NAME='dbus'
PACKAGE_TARNAME='dbus'
-PACKAGE_VERSION='1.10.16'
-PACKAGE_STRING='dbus 1.10.16'
+PACKAGE_VERSION='1.10.18'
+PACKAGE_STRING='dbus 1.10.18'
PACKAGE_BUGREPORT='https://bugs.freedesktop.org/enter_bug.cgi?product=dbus'
PACKAGE_URL=''
@@ -1553,7 +1553,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures dbus 1.10.16 to adapt to many kinds of systems.
+\`configure' configures dbus 1.10.18 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1628,7 +1628,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of dbus 1.10.16:";;
+ short | recursive ) echo "Configuration of dbus 1.10.18:";;
esac
cat <<\_ACEOF
@@ -1841,7 +1841,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-dbus configure 1.10.16
+dbus configure 1.10.18
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2617,7 +2617,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by dbus $as_me 1.10.16, which was
+It was created by dbus $as_me 1.10.18, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@@ -3560,7 +3560,7 @@
# Define the identity of the package.
PACKAGE='dbus'
- VERSION='1.10.16'
+ VERSION='1.10.18'
cat >>confdefs.h <<_ACEOF
@@ -3860,7 +3860,7 @@
## increment any time the source changes; set to
## 0 if you increment CURRENT
-LT_REVISION=10
+LT_REVISION=11
## increment if any interfaces have been added; set to 0
## if any interfaces have been changed or removed. removal has
@@ -3875,8 +3875,8 @@
DBUS_MAJOR_VERSION=1
DBUS_MINOR_VERSION=10
-DBUS_MICRO_VERSION=16
-DBUS_VERSION=1.10.16
+DBUS_MICRO_VERSION=18
+DBUS_VERSION=1.10.18
@@ -24925,7 +24925,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by dbus $as_me 1.10.16, which was
+This file was extended by dbus $as_me 1.10.18, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -24991,7 +24991,7 @@
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-dbus config.status 1.10.16
+dbus config.status 1.10.18
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
diff -Nru dbus-1.10.16/configure.ac dbus-1.10.18/configure.ac
--- dbus-1.10.16/configure.ac 2017-02-16 13:46:56.000000000 +0000
+++ dbus-1.10.18/configure.ac 2017-04-05 16:23:18.000000000 +0100
@@ -3,7 +3,7 @@
m4_define([dbus_major_version], [1])
m4_define([dbus_minor_version], [10])
-m4_define([dbus_micro_version], [16])
+m4_define([dbus_micro_version], [18])
m4_define([dbus_version],
[dbus_major_version.dbus_minor_version.dbus_micro_version])
AC_INIT([dbus],[dbus_version],[https://bugs.freedesktop.org/enter_bug.cgi?product=dbus],[dbus])
@@ -38,7 +38,7 @@
## increment any time the source changes; set to
## 0 if you increment CURRENT
-LT_REVISION=10
+LT_REVISION=11
## increment if any interfaces have been added; set to 0
## if any interfaces have been changed or removed. removal has
diff -Nru dbus-1.10.16/debian/changelog dbus-1.10.18/debian/changelog
--- dbus-1.10.16/debian/changelog 2017-02-16 14:21:41.000000000 +0000
+++ dbus-1.10.18/debian/changelog 2017-04-05 20:07:19.000000000 +0100
@@ -1,3 +1,14 @@
+dbus (1.10.18-1) unstable; urgency=medium
+
+ * New upstream stable release
+ - On SELinux systems, make sure the thread that reads AVC
+ notifications retains the ability to write the audit log
+ (Closes: #857660)
+ - Fix a read overflow and some memory leaks in a unit test
+ (no effect on production systems)
+
+ -- Simon McVittie <smcv@debian.org> Wed, 05 Apr 2017 20:07:19 +0100
+
dbus (1.10.16-1) unstable; urgency=medium
* New upstream release
diff -Nru dbus-1.10.16/debian/.gitignore dbus-1.10.18/debian/.gitignore
--- dbus-1.10.16/debian/.gitignore 1970-01-01 01:00:00.000000000 +0100
+++ dbus-1.10.18/debian/.gitignore 2017-04-05 20:07:19.000000000 +0100
@@ -0,0 +1,22 @@
+/*.debhelper
+/*.debhelper.log
+/*.substvars
+/.debhelper/
+/autoreconf.after
+/autoreconf.before
+/build-*/
+/dbus-1-dbg/
+/dbus-1-doc/
+/dbus-tests/
+/dbus-udeb/
+/dbus-user-session/
+/dbus-x11/
+/dbus/
+/debhelper-build-stamp
+/files
+/libdbus-1-3-udeb/
+/libdbus-1-3.symbols
+/libdbus-1-3/
+/libdbus-1-dev/
+/tmp-udeb/
+/tmp/
diff -Nru dbus-1.10.16/Makefile.in dbus-1.10.18/Makefile.in
--- dbus-1.10.16/Makefile.in 2017-02-16 13:47:18.000000000 +0000
+++ dbus-1.10.18/Makefile.in 2017-04-05 16:25:13.000000000 +0100
@@ -234,7 +234,7 @@
$(top_srcdir)/bus/systemd-user/dbus.service.in \
$(top_srcdir)/bus/systemd-user/dbus.socket.in AUTHORS COPYING \
ChangeLog INSTALL NEWS README build-aux/compile \
- build-aux/config.guess build-aux/config.sub \
+ build-aux/config.guess build-aux/config.sub build-aux/depcomp \
build-aux/install-sh build-aux/ltmain.sh build-aux/missing
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
distdir = $(PACKAGE)-$(VERSION)
diff -Nru dbus-1.10.16/NEWS dbus-1.10.18/NEWS
--- dbus-1.10.16/NEWS 2017-02-16 14:11:55.000000000 +0000
+++ dbus-1.10.18/NEWS 2017-04-05 16:24:03.000000000 +0100
@@ -1,3 +1,17 @@
+D-Bus 1.10.18 (2017-04-05)
+==
+
+The “can't handle a self-referential paradox” release.
+
+Fixes:
+
+• Re-order dbus-daemon startup so that on SELinux systems, the thread
+ that reads AVC notifications retains the ability to write to the
+ audit log (fd.o #92832, Debian #857660; Laurent Bigonville)
+
+• Fix a harmless read overflow and some memory leaks in a unit test
+ (fd.o #100568, Philip Withnall)
+
D-Bus 1.10.16 (2017-02-16)
==
@@ -24,7 +38,7 @@
On Unix systems we strongly recommend using only the unix: and systemd:
transports, together with EXTERNAL authentication. These are the only
- transports and authentication mechanisms enabled by default,
+ transports and authentication mechanisms enabled by default.
(fd.o #99828, Simon McVittie)
diff -Nru dbus-1.10.16/test/corrupt.c dbus-1.10.18/test/corrupt.c
--- dbus-1.10.16/test/corrupt.c 2015-09-30 15:48:40.000000000 +0100
+++ dbus-1.10.18/test/corrupt.c 2017-04-05 16:22:43.000000000 +0100
@@ -99,14 +99,16 @@
gconstpointer addr G_GNUC_UNUSED)
{
dbus_bool_t have_mem;
+ char *address = NULL;
g_assert (f->server_conn == NULL);
- f->client_conn = dbus_connection_open_private (
- dbus_server_get_address (f->server), &f->e);
+ address = dbus_server_get_address (f->server);
+ f->client_conn = dbus_connection_open_private (address, &f->e);
assert_no_error (&f->e);
g_assert (f->client_conn != NULL);
test_connection_setup (f->ctx, f->client_conn);
+ dbus_free (address);
while (f->server_conn == NULL)
{
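Review bot: `address` is handed to `dbus_connection_open_private ()` without a NULL check, although the string is heap-allocated (it is released with `dbus_free`) and the getter can presumably fail under memory pressure. Adding `g_assert (address != NULL);` right after the `dbus_server_get_address (f->server)` call would make an allocation failure show up as a clear assertion instead of an error from the open call. The free could also move directly after the open call, since nothing visible between them uses `address`. The function continues past the end of this hunk.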
@@ -271,7 +273,6 @@
int fd;
char *blob;
const gchar *arg = not_a_dbus_message;
- const gchar * const *args = &arg;
int blob_len;
DBusMessage *message;
dbus_bool_t mem;
@@ -283,7 +284,7 @@
/* Append 0xFF bytes, so that the length of the body when byte-swapped
* is 0xFF000000, which is invalid */
mem = dbus_message_append_args (message,
- DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE, &args, 0xFF,
+ DBUS_TYPE_ARRAY, DBUS_TYPE_BYTE, &arg, 0xFF,
DBUS_TYPE_INVALID);
g_assert (mem);
mem = dbus_message_marshal (message, &blob, &blob_len);
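Review bot: The length `0xFF` passed with `&arg` is still a bare constant, and nothing in this hunk ties it to the size of `not_a_dbus_message`, whose definition is outside the hunk. If that buffer is ever shorter than 255 bytes, the append reads past its end again, which is the class of bug this change fixes. Assuming it is declared as an array, a guard such as `G_STATIC_ASSERT (sizeof (not_a_dbus_message) >= 0xFF);` next to the call would pin the assumption at compile time.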
@@ -353,6 +354,7 @@
{
if (f->client_conn != NULL)
{
+ test_connection_shutdown (f->ctx, f->client_conn);
dbus_connection_close (f->client_conn);
dbus_connection_unref (f->client_conn);
f->client_conn = NULL;
@@ -360,6 +362,7 @@
if (f->server_conn != NULL)
{
+ test_connection_shutdown (f->ctx, f->server_conn);
dbus_connection_close (f->server_conn);
dbus_connection_unref (f->server_conn);
f->server_conn = NULL;