summaryrefslogtreecommitdiff
path: root/NEWS
diff options
context:
space:
mode:
authorSimon McVittie <simon.mcvittie@collabora.co.uk>2011-06-10 18:57:42 +0100
committerSimon McVittie <simon.mcvittie@collabora.co.uk>2011-06-10 18:57:42 +0100
commit6519a1f77c61d753d4c97efd6e15630eb275336e (patch)
tree816d13406ac63588c20a544a5b4615ae091bb9b2 /NEWS
parent4df3e187b482a2bf2230c36c4b1c7bc4d439d51a (diff)
_dbus_header_byteswap: change the first byte of the message, not just the struct member
This has been wrong approximately forever, for instance see: http://lists.freedesktop.org/archives/dbus/2007-March/007357.html Bug: https://bugs.freedesktop.org/show_bug.cgi?id=38120 Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629938 Reviewed-by: Will Thompson <will.thompson@collabora.co.uk> Backported: from dbus-1.4, c3223ba6c401ba81df1305851312a47c485e6cd7
Diffstat (limited to 'NEWS')
-rw-r--r--NEWS10
1 files changed, 10 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 3bee8c40..be5c0144 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,13 @@
+D-Bus 1.2.28 (UNRELEASED)
+==
+
+• Byte-swap foreign-endian messages correctly, preventing a long-standing
+ local DoS if foreign-endian messages are relayed through the dbus-daemon
+ (fd.o #38120, Debian #629938, no CVE number yet; Simon McVittie)
+
+• Use AC_TRY_COMPILE in configure to avoid a symlink attack in /tmp
+ during compilation
+
D-Bus 1.2.26 (21 December 2010)
==