diff options
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 22 |
1 files changed, 20 insertions, 2 deletions
@@ -1,7 +1,25 @@ -D-Bus 1.6.28 (UNRELEASED) +D-Bus 1.6.28 (2014-11-24) == -... +Regression fix backported from 1.8.12: + +• Partially revert the CVE-2014-3639 patch by increasing the default + authentication timeout on the system bus from 5 seconds back to 30 + seconds, since this has been reported to cause boot regressions for + some users, mostly with parallel boot (systemd) on slower hardware. + + On fast systems where local users are considered particularly hostile, + administrators can return to the 5 second timeout (or any other value + in milliseconds) by saving this as /etc/dbus-1/system-local.conf: + + <busconfig> + <limit name="auth_timeout">5000</limit> + </busconfig> + + (fd.o #86431, Simon McVittie) + +• Add a message in syslog/the Journal when the auth_timeout is exceeded + (fd.o #86431, Simon McVittie) D-Bus 1.6.26 (2014-11-10) == |