summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSimon McVittie <simon.mcvittie@collabora.co.uk>2014-09-15 12:43:04 +0100
committerSimon McVittie <simon.mcvittie@collabora.co.uk>2014-09-15 12:43:04 +0100
commit28cba657857141962278eef619cbd1d629c18208 (patch)
tree845930d1fee3574afcca7037b93fd1fdd81a1c74
parentee11ec12566afda5dee8a3a834274421a20661de (diff)
downloaddbus-28cba657857141962278eef619cbd1d629c18208.tar.gz
Prepare 1.8.8 (embargoed until tomorrow)dbus-1.8.8
-rw-r--r--NEWS42
-rw-r--r--configure.ac4
2 files changed, 42 insertions, 4 deletions
diff --git a/NEWS b/NEWS
index bfab7cbc..b10ab4f7 100644
--- a/NEWS
+++ b/NEWS
@@ -1,7 +1,45 @@
-D-Bus 1.8.8 (UNRELEASED)
+D-Bus 1.8.8 (2014-09-16)
==
-Fixes:
+The "smashy smashy egg man" release.
+
+Security fixes:
+
+• Do not accept an extra fd in the padding of a cmsg message, which
+ could lead to a 4-byte heap buffer overrun.
+ (CVE-2014-3635, fd.o #83622; Simon McVittie)
+
+• Reduce default for maximum Unix file descriptors passed per message
+ from 1024 to 16, preventing a uid with the default maximum number of
+ connections from exhausting the system bus' file descriptors under
+ Linux's default rlimit. Distributors or system administrators with a
+ more restrictive fd limit may wish to reduce these limits further.
+
+ Additionally, on Linux this prevents a second denial of service
+ in which the dbus-daemon can be made to exceed the maximum number
+ of fds per sendmsg() and disconnect the process that would have
+ received them.
+ (CVE-2014-3636, fd.o #82820; Alban Crequy)
+
+• Disconnect connections that still have a fd pending unmarshalling after
+ a new configurable limit, pending_fd_timeout (defaulting to 150 seconds),
+ removing the possibility of creating an abusive connection that cannot be
+ disconnected by setting up a circular reference to a connection's
+ file descriptor.
+ (CVE-2014-3637, fd.o #80559; Alban Crequy)
+
+• Reduce default for maximum pending replies per connection from 8192 to 128,
+ mitigating an algorithmic complexity denial-of-service attack
+ (CVE-2014-3638, fd.o #81053; Alban Crequy)
+
+• Reduce default for authentication timeout on the system bus from
+ 30 seconds to 5 seconds, avoiding denial of service by using up
+ all unauthenticated connection slots; and when all unauthenticated
+ connection slots are used up, make new connection attempts block
+ instead of disconnecting them.
+ (CVE-2014-3639, fd.o #80919; Alban Crequy)
+
+Other fixes:
• Check for libsystemd from systemd >= 209, falling back to
the older separate libraries if not found (Umut Tezduyar Lindskog,
diff --git a/configure.ac b/configure.ac
index 8a530b29..2d4624c7 100644
--- a/configure.ac
+++ b/configure.ac
@@ -3,7 +3,7 @@ AC_PREREQ([2.63])
m4_define([dbus_major_version], [1])
m4_define([dbus_minor_version], [8])
-m4_define([dbus_micro_version], [7])
+m4_define([dbus_micro_version], [8])
m4_define([dbus_version],
[dbus_major_version.dbus_minor_version.dbus_micro_version])
AC_INIT([dbus],[dbus_version],[https://bugs.freedesktop.org/enter_bug.cgi?product=dbus],[dbus])
@@ -37,7 +37,7 @@ LT_CURRENT=11
## increment any time the source changes; set to
## 0 if you increment CURRENT
-LT_REVISION=6
+LT_REVISION=7
## increment if any interfaces have been added; set to 0
## if any interfaces have been changed or removed. removal has