Merge branch 'dbus-1.8'

Conflicts: NEWS configure.ac
author: Simon McVittie <simon.mcvittie@collabora.co.uk> 2014-11-06 20:59:57 +0000
committer: Simon McVittie <simon.mcvittie@collabora.co.uk> 2014-11-06 20:59:57 +0000
commit: 51a609c8ba56b77aac23a2aa4be367a37adfda13 (patch)
tree: 6c89955fef7a75e571a43d5cb6ec055ec9cdfe55 /NEWS
parent: cec244b5961e64e85d2f59fde40ecb1a4e9c93cc (diff)
parent: fc50a44527cf083da913533360ce4644cd69b243 (diff)
download: dbus-51a609c8ba56b77aac23a2aa4be367a37adfda13.tar.gz
1 files changed, 7 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 8133c47d..299f7503 100644
--- a/NEWS
+++ b/NEWS
@@ -3,6 +3,13 @@ D-Bus 1.9.2 (UNRELEASED)
 
 The “structurally unsound flapjack” release.
 
+Security fixes:
+
+• Increase dbus-daemon's RLIMIT_NOFILE rlimit to 65536
+  so that CVE-2014-3636 part A cannot exhaust the system bus'
+  file descriptors, completing the incomplete fix in 1.8.8.
+  (CVE-2014-7824, fd.o #85105; Simon McVittie, Alban Crequy)
+
 Enhancements:
 
 • D-Bus Specification version 0.25
author	Simon McVittie <simon.mcvittie@collabora.co.uk>	2014-11-06 20:59:57 +0000
committer	Simon McVittie <simon.mcvittie@collabora.co.uk>	2014-11-06 20:59:57 +0000
commit	51a609c8ba56b77aac23a2aa4be367a37adfda13 (patch)
tree	6c89955fef7a75e571a43d5cb6ec055ec9cdfe55 /NEWS
parent	cec244b5961e64e85d2f59fde40ecb1a4e9c93cc (diff)
parent	fc50a44527cf083da913533360ce4644cd69b243 (diff)
download	dbus-51a609c8ba56b77aac23a2aa4be367a37adfda13.tar.gz