diff options
| author | Simon McVittie <simon.mcvittie@collabora.co.uk> | 2015-05-14 14:50:24 +0100 |
|---|---|---|
| committer | Simon McVittie <simon.mcvittie@collabora.co.uk> | 2015-05-14 14:50:24 +0100 |
| commit | 6986e22be176a981f40c075cbabba32b70daeb3f (patch) | |
| tree | 86fe6d2479291b0777c256ace108c5ebdaf5caf4 | |
| parent | b57223d7014a1d1b70a9ca783d35b03d5f07124f (diff) | |
| download | dbus-6986e22be176a981f40c075cbabba32b70daeb3f.tar.gz | |
1.9.16
| -rw-r--r-- | NEWS | 14 | ||||
| -rw-r--r-- | configure.ac | 6 |
2 files changed, 11 insertions, 9 deletions
@@ -1,4 +1,4 @@ -D-Bus 1.9.16 (UNRELEASED) +D-Bus 1.9.16 (2015-05-14) == Security hardening: @@ -8,11 +8,7 @@ Security hardening: credentials-passing), as was already done for the system bus. This avoids falling back to DBUS_COOKIE_SHA1, which relies on strongly - unpredictable pseudo-random numbers; under certain circumstances - (/dev/urandom unreadable or malloc() returns NULL), dbus could - fall back to using rand(), which does not have the desired unpredictability. - The fallback to rand() has not been changed in this stable-branch since - the necessary code changes for correct error-handling are rather intrusive. + unpredictable pseudo-random numbers. If you are using D-Bus over the (unencrypted!) tcp: or nonce-tcp: transport, in conjunction with DBUS_COOKIE_SHA1 and a shared home directory using @@ -22,6 +18,12 @@ Security hardening: (fd.o #90414, Simon McVittie) +• When asked for random numbers for DBUS_COOKIE_SHA1, the nonce-tcp: + transport, UUIDs or any other reason, fail if we cannot obtain entropy + (from /dev/urandom or CryptGenRandom()) or an out-of-memory condition + occurs, instead of silently falling back to low-entropy pseudorandom + numbers from rand(). (fd.o #90414; Simon McVittie, Ralf Habacker) + Enhancements: • Add dbus_message_iter_get_element_count() diff --git a/configure.ac b/configure.ac index d1d26b8d..ecc89258 100644 --- a/configure.ac +++ b/configure.ac @@ -3,7 +3,7 @@ AC_PREREQ([2.63]) m4_define([dbus_major_version], [1]) m4_define([dbus_minor_version], [9]) -m4_define([dbus_micro_version], [15]) +m4_define([dbus_micro_version], [16]) m4_define([dbus_version], [dbus_major_version.dbus_minor_version.dbus_micro_version]) AC_INIT([dbus],[dbus_version],[https://bugs.freedesktop.org/enter_bug.cgi?product=dbus],[dbus]) @@ -34,7 +34,7 @@ AC_DEFINE_UNQUOTED(DBUS_DAEMON_NAME,"dbus-daemon",[Name of executable]) # ## increment if the interface has additions, changes, removals. -LT_CURRENT=16 +LT_CURRENT=17 ## increment any time the source changes; set to ## 0 if you increment CURRENT @@ -43,7 +43,7 @@ LT_REVISION=0 ## increment if any interfaces have been added; set to 0 ## if any interfaces have been changed or removed. removal has ## precedence over adding, so set to 0 if both happened. -LT_AGE=13 +LT_AGE=14 AC_SUBST(LT_CURRENT) AC_SUBST(LT_REVISION) |