author | Simon McVittie <smcv@collabora.com> | 2020-07-02 10:25:13 +0100 |
---|---|---|
committer | Simon McVittie <smcv@collabora.com> | 2020-07-02 10:25:13 +0100 |
commit | 38fe525fd7b1ba511d270aef5261a3b96db8c099 (patch) | |
tree | c9f1b90dad653c22807ba247dbce65c6bd2672de | |
parent | dc94fe3d31adf72259adc31f343537151a6c0bdd (diff) | |
download | dbus-38fe525fd7b1ba511d270aef5261a3b96db8c099.tar.gz |
Update NEWS
Signed-off-by: Simon McVittie <smcv@collabora.com>
-rw-r--r-- | NEWS | 21 |
1 files changed, 20 insertions, 1 deletions
@@ -13,7 +13,26 @@ the dbus-security mailing list on lists.freedesktop.org. dbus 1.10.32 (UNRELEASED) == -... +The “technically a venom” release. + +Maybe security fixes: + +• On Unix, avoid a use-after-free if two usernames have the same + numeric uid. In older versions this could lead to a crash (denial of + service) or other undefined behaviour, possibly including incorrect + authorization decisions if <policy group=...> is used. + Like Unix filesystems, D-Bus' model of identity cannot distinguish + between users of different names with the same numeric uid, so this + configuration is not advisable on systems where D-Bus will be used. + Thanks to Daniel Onaca. + (dbus#305, dbus!166; Simon McVittie) + +Other fixes: + +• On Solaris and its derivatives, if a cmsg header is truncated, ensure + that we do not overrun the buffer used for fd-passing, even if the + kernel tells us to. + (dbus#304, dbus!165; Andy Fiddaman) dbus 1.10.30 (2020-06-02) == |
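Review bot: The Solaris cmsg entry under "Other fixes" describes preventing an overrun of the buffer used for fd-passing, which reads as a memory-safety fix, yet it sits outside "Maybe security fixes"; either move it under that heading or add a clause saying why the overrun is not considered security-relevant. In the use-after-free entry, "In older versions" does not tell a packager which releases are affected, so naming the affected range (or stating that all earlier releases are affected) would help with backport decisions. The same entry mentions possible incorrect authorization decisions when <policy group=...> is used; a short pointer to how an administrator can check for duplicate numeric uids would make the advice that "this configuration is not advisable" actionable.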