diff options
authorSimon McVittie <>2020-06-02 11:57:44 +0100
committerSimon McVittie <>2020-06-02 11:57:44 +0100
commit4004bfcc3245edccaba1ee0b78d0cc948418d6a6 (patch)
parent7131a48004afab19926474547b50f046d12a4581 (diff)
Prepare 1.10.30dbus-1.10.30
Signed-off-by: Simon McVittie <>
2 files changed, 32 insertions, 4 deletions
diff --git a/NEWS b/NEWS
index f445d060..9b33a786 100644
--- a/NEWS
+++ b/NEWS
@@ -1,7 +1,35 @@
-dbus 1.10.30 (UNRELEASED)
+dbus 1.10.x end-of-life plans
+The dbus 1.10.x branch was originally released in 2015. It currently
+receives security-fix releases whenever necessary, but it is planned to
+reach end-of-life status at the end of Debian 9's official security
+support (approximately July 2020). If you are a dbus downstream
+maintainer in a long-lived OS distribution and you want to use the
+upstream dbus-1.10 git branch as a place to share backported security
+fixes with other distributions, please contact the dbus maintainers via
+the dbus-security mailing list on
+dbus 1.10.30 (2020-06-02)
+The “centaur bus” release.
+Denial of service fixes:
+• CVE-2020-12049: If a message contains more file descriptors than can
+ be sent, close those that did get through before reporting error.
+ Previously, a local attacker could cause the system dbus-daemon (or
+ another system service with its own DBusServer) to run out of file
+ descriptors, by repeatedly connecting to the server and sending fds that
+ would get leaked.
+ Thanks to Kevin Backhouse of GitHub Security Lab.
+ (dbus#294, GHSL-2020-057; Simon McVittie)
+Other fixes:
+• Fix a crash when the dbus-daemon is terminated while one or more
+ monitors are active (dbus#291, dbus!140; Simon McVittie)
dbus 1.10.28 (2019-06-11)
diff --git a/ b/
index 0ff4f955..ee3da6a9 100644
--- a/
+++ b/
@@ -3,7 +3,7 @@ AC_PREREQ([2.63])
m4_define([dbus_major_version], [1])
m4_define([dbus_minor_version], [10])
-m4_define([dbus_micro_version], [29])
+m4_define([dbus_micro_version], [30])
@@ -38,7 +38,7 @@ LT_CURRENT=17
## increment any time the source changes; set to
## 0 if you increment CURRENT
## increment if any interfaces have been added; set to 0
## if any interfaces have been changed or removed. removal has