Prepare 1.8.6 in advancedbus-1.8.6

2 files changed, 19 insertions, 4 deletions

diff --git a/NEWS b/NEWS
index 48d3e9b0..0944bf42 100644
--- a/NEWS
+++ b/NEWS
@@ -1,7 +1,22 @@
-D-Bus 1.8.6 (UNRELEASED)
+D-Bus 1.8.6 (2014-06-02)
 ==
 
-Fixes:
+Security fixes:
+
+• On Linux ≥ 2.6.37-rc4, if sendmsg() fails with ETOOMANYREFS, silently drop
+  the message. This prevents an attack in which a malicious client can
+  make dbus-daemon disconnect a system service, which is a local
+  denial of service.
+  (fd.o #80163, CVE-2014-3532; Alban Crequy)
+
+• Track remaining Unix file descriptors correctly when more than one
+  message in quick succession contains fds. This prevents another attack
+  in which a malicious client can make dbus-daemon disconnect a system
+  service.
+  (fd.o #79694, fd.o #80469, CVE-2014-3533; Alejandro Martínez Suárez,
+  Simon McVittie, Alban Crequy)
+
+Other fixes:
 
 • When dbus-launch --exit-with-session starts a dbus-daemon but then cannot
   attach to a session, kill the dbus-daemon as intended
diff --git a/configure.ac b/configure.ac
index 13d0aa94..8ffbb5c3 100644
--- a/configure.ac
+++ b/configure.ac
@@ -3,7 +3,7 @@ AC_PREREQ([2.63])
 
 m4_define([dbus_major_version], [1])
 m4_define([dbus_minor_version], [8])
-m4_define([dbus_micro_version], [5])
+m4_define([dbus_micro_version], [6])
 m4_define([dbus_version],
           [dbus_major_version.dbus_minor_version.dbus_micro_version])
 AC_INIT([dbus],[dbus_version],[https://bugs.freedesktop.org/enter_bug.cgi?product=dbus],[dbus])
@@ -37,7 +37,7 @@ LT_CURRENT=11
 
 ## increment any time the source changes; set to
 ##  0 if you increment CURRENT
-LT_REVISION=5
+LT_REVISION=6
 
 ## increment if any interfaces have been added; set to 0
 ## if any interfaces have been changed or removed. removal has