diff options
| author | Simon McVittie <simon.mcvittie@collabora.co.uk> | 2014-09-15 12:43:04 +0100 |
|---|---|---|
| committer | Simon McVittie <simon.mcvittie@collabora.co.uk> | 2014-09-15 12:43:04 +0100 |
| commit | 28cba657857141962278eef619cbd1d629c18208 (patch) | |
| tree | 845930d1fee3574afcca7037b93fd1fdd81a1c74 | |
| parent | ee11ec12566afda5dee8a3a834274421a20661de (diff) | |
Prepare 1.8.8 (embargoed until tomorrow)dbus-1.8.8
| -rw-r--r-- | NEWS | 42 | ||||
| -rw-r--r-- | configure.ac | 4 |
2 files changed, 42 insertions, 4 deletions
@@ -1,7 +1,45 @@ -D-Bus 1.8.8 (UNRELEASED) +D-Bus 1.8.8 (2014-09-16) == -Fixes: +The "smashy smashy egg man" release. + +Security fixes: + +• Do not accept an extra fd in the padding of a cmsg message, which + could lead to a 4-byte heap buffer overrun. + (CVE-2014-3635, fd.o #83622; Simon McVittie) + +• Reduce default for maximum Unix file descriptors passed per message + from 1024 to 16, preventing a uid with the default maximum number of + connections from exhausting the system bus' file descriptors under + Linux's default rlimit. Distributors or system administrators with a + more restrictive fd limit may wish to reduce these limits further. + + Additionally, on Linux this prevents a second denial of service + in which the dbus-daemon can be made to exceed the maximum number + of fds per sendmsg() and disconnect the process that would have + received them. + (CVE-2014-3636, fd.o #82820; Alban Crequy) + +• Disconnect connections that still have a fd pending unmarshalling after + a new configurable limit, pending_fd_timeout (defaulting to 150 seconds), + removing the possibility of creating an abusive connection that cannot be + disconnected by setting up a circular reference to a connection's + file descriptor. + (CVE-2014-3637, fd.o #80559; Alban Crequy) + +• Reduce default for maximum pending replies per connection from 8192 to 128, + mitigating an algorithmic complexity denial-of-service attack + (CVE-2014-3638, fd.o #81053; Alban Crequy) + +• Reduce default for authentication timeout on the system bus from + 30 seconds to 5 seconds, avoiding denial of service by using up + all unauthenticated connection slots; and when all unauthenticated + connection slots are used up, make new connection attempts block + instead of disconnecting them. + (CVE-2014-3639, fd.o #80919; Alban Crequy) + +Other fixes: • Check for libsystemd from systemd >= 209, falling back to the older separate libraries if not found (Umut Tezduyar Lindskog, diff --git a/configure.ac b/configure.ac index 8a530b29..2d4624c7 100644 --- a/configure.ac +++ b/configure.ac @@ -3,7 +3,7 @@ AC_PREREQ([2.63]) m4_define([dbus_major_version], [1]) m4_define([dbus_minor_version], [8]) -m4_define([dbus_micro_version], [7]) +m4_define([dbus_micro_version], [8]) m4_define([dbus_version], [dbus_major_version.dbus_minor_version.dbus_micro_version]) AC_INIT([dbus],[dbus_version],[https://bugs.freedesktop.org/enter_bug.cgi?product=dbus],[dbus]) @@ -37,7 +37,7 @@ LT_CURRENT=11 ## increment any time the source changes; set to ## 0 if you increment CURRENT -LT_REVISION=6 +LT_REVISION=7 ## increment if any interfaces have been added; set to 0 ## if any interfaces have been changed or removed. removal has |