Mon Jan 5 23:25:20 2015 UTC ()
Update to 1.8.14:

D-Bus 1.8.14 (2015-01-05)
==

The “40lb of roofing nails” release.

Security hardening:

• Do not allow calls to UpdateActivationEnvironment from uids other than
  the uid of the dbus-daemon. If a system service installs unsafe
  security policy rules that allow arbitrary method calls
  (such as CVE-2014-8148) then this prevents memory consumption and
  possible privilege escalation via UpdateActivationEnvironment.

  We believe that in practice, privilege escalation here is avoided
  by dbus-daemon-launch-helper sanitizing its environment; but
  it seems better to be safe.

• Do not allow calls to UpdateActivationEnvironment or the Stats interface
  on object paths other than /org/freedesktop/DBus. Some system services
  install unsafe security policy rules that allow arbitrary method calls
  to any destination, method and interface with a specified object path;
  while less bad than allowing arbitrary method calls, these security
  policies are still harmful, since dbus-daemon normally offers the
  same API on all object paths and other system services might behave
  similarly.

Other fixes:

• Add missing initialization so GetExtendedTcpTable doesn't crash on
  Windows Vista SP0 (fd.o #77008, Илья А. Ткаченко)


(wiz)
diff -r1.76 -r1.77 pkgsrc/sysutils/dbus/Makefile
diff -r1.61 -r1.62 pkgsrc/sysutils/dbus/distinfo
cvs diff -r1.76 -r1.77 pkgsrc/sysutils/dbus/Makefile (switch to unified diff)

--- pkgsrc/sysutils/dbus/Makefile 2014/12/01 10:59:40 1.76
+++ pkgsrc/sysutils/dbus/Makefile 2015/01/05 23:25:20 1.77
@@ -1,114 +1,114 @@ @@ -1,114 +1,114 @@
1# $NetBSD: Makefile,v 1.76 2014/12/01 10:59:40 wiz Exp $ 1# $NetBSD: Makefile,v 1.77 2015/01/05 23:25:20 wiz Exp $
2 2
3DISTNAME= dbus-1.8.12 3DISTNAME= dbus-1.8.14
4CATEGORIES= sysutils 4CATEGORIES= sysutils
5MASTER_SITES= http://dbus.freedesktop.org/releases/dbus/ 5MASTER_SITES= http://dbus.freedesktop.org/releases/dbus/
6 6
7MAINTAINER= pkgsrc-users@NetBSD.org 7MAINTAINER= pkgsrc-users@NetBSD.org
8HOMEPAGE= http://www.freedesktop.org/Software/dbus 8HOMEPAGE= http://www.freedesktop.org/Software/dbus
9COMMENT= Message bus system 9COMMENT= Message bus system
10LICENSE= gnu-gpl-v2 10LICENSE= gnu-gpl-v2
11 11
12CONFLICTS+= dbus-glib<0.71 12CONFLICTS+= dbus-glib<0.71
13CONFLICTS+= py26-dbus<0.71 13CONFLICTS+= py26-dbus<0.71
14CONFLICTS+= py27-dbus<0.71 14CONFLICTS+= py27-dbus<0.71
15 15
16GNU_CONFIGURE= YES 16GNU_CONFIGURE= YES
17USE_TOOLS+= gmake msgfmt pkg-config 17USE_TOOLS+= gmake msgfmt pkg-config
18USE_LIBTOOL= YES 18USE_LIBTOOL= YES
19 19
20PKGCONFIG_OVERRIDE= dbus-1.pc.in 20PKGCONFIG_OVERRIDE= dbus-1.pc.in
21 21
22BUILD_DEFS+= VARBASE 22BUILD_DEFS+= VARBASE
23 23
24OWN_DIRS_PERMS+= ${VARBASE}/db/dbus ${DBUS_USER} ${DBUS_GROUP} 0755 24OWN_DIRS_PERMS+= ${VARBASE}/db/dbus ${DBUS_USER} ${DBUS_GROUP} 0755
25SPECIAL_PERMS+= libexec/dbus-daemon-launch-helper ${REAL_ROOT_USER} ${DBUS_GROUP} 4511 25SPECIAL_PERMS+= libexec/dbus-daemon-launch-helper ${REAL_ROOT_USER} ${DBUS_GROUP} 4511
26 26
27SMF_METHODS= dbus 27SMF_METHODS= dbus
28SMF_NAME= dbus 28SMF_NAME= dbus
29 29
30.include "../../mk/bsd.prefs.mk" 30.include "../../mk/bsd.prefs.mk"
31 31
32CONFIGURE_ARGS+= --localstatedir=${VARBASE:Q} 32CONFIGURE_ARGS+= --localstatedir=${VARBASE:Q}
33CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR:Q} 33CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR:Q}
34 34
35CONFIGURE_ARGS_GROUPS= enable disable with without 35CONFIGURE_ARGS_GROUPS= enable disable with without
36 36
37.if ${OPSYS} == "Darwin" 37.if ${OPSYS} == "Darwin"
38CONFIGURE_ARGS+= --with-session-socket-dir=/tmp 38CONFIGURE_ARGS+= --with-session-socket-dir=/tmp
39.endif 39.endif
40 40
41CONFIGURE_ARGS.Linux= abstract-sockets selinux 41CONFIGURE_ARGS.Linux= abstract-sockets selinux
42CONFIGURE_ARGS.docs= doxygen-docs xml-docs 42CONFIGURE_ARGS.docs= doxygen-docs xml-docs
43 43
44CONFIGURE_ARGS.without+= init-scripts 44CONFIGURE_ARGS.without+= init-scripts
45CONFIGURE_ARGS.disable= ansi 45CONFIGURE_ARGS.disable= ansi
46CONFIGURE_ARGS.disable+= console-owner-file 46CONFIGURE_ARGS.disable+= console-owner-file
47CONFIGURE_ARGS.disable+= ${CONFIGURE_ARGS.docs} 47CONFIGURE_ARGS.disable+= ${CONFIGURE_ARGS.docs}
48CONFIGURE_ARGS.enable= checks static 48CONFIGURE_ARGS.enable= checks static
49### 49###
50### XXX the spawn test hangs, and some of these tests may be bogus 50### XXX the spawn test hangs, and some of these tests may be bogus
51### 51###
52#.if !empty(PKGSRC_RUN_TEST:M[Yy][Ee][Ss]) 52#.if !empty(PKGSRC_RUN_TEST:M[Yy][Ee][Ss])
53#PKG_OPTIONS.dbus+= debug 53#PKG_OPTIONS.dbus+= debug
54#TEST_TARGET= check 54#TEST_TARGET= check
55#.endif 55#.endif
56 56
57CONFIGURE_ARGS.with= dbus-user=${DBUS_USER} 57CONFIGURE_ARGS.with= dbus-user=${DBUS_USER}
58CONFIGURE_ARGS.with+= test-socket-dir=${WRKDIR:Q} 58CONFIGURE_ARGS.with+= test-socket-dir=${WRKDIR:Q}
59 59
60PTHREAD_AUTO_VARS= yes 60PTHREAD_AUTO_VARS= yes
61 61
62.if ${OPSYS} == "Linux" 62.if ${OPSYS} == "Linux"
63PLIST.linux= yes 63PLIST.linux= yes
64.else 64.else
65CONFIGURE_ARGS.disable+=\ 65CONFIGURE_ARGS.disable+=\
66 ${CONFIGURE_ARGS.Linux} 66 ${CONFIGURE_ARGS.Linux}
67.endif 67.endif
68 68
69PLIST_VARS+= linux 69PLIST_VARS+= linux
70 70
71CONFIGURE_ARGS+=\ 71CONFIGURE_ARGS+=\
72 ${CONFIGURE_ARGS_GROUPS:@.g.@ \ 72 ${CONFIGURE_ARGS_GROUPS:@.g.@ \
73 ${CONFIGURE_ARGS.${.g.}:@.a.@ \ 73 ${CONFIGURE_ARGS.${.g.}:@.a.@ \
74 --${.g.}-${.a.} \ 74 --${.g.}-${.a.} \
75 @} \ 75 @} \
76 @:M*} 76 @:M*}
77 77
78MAKE_DIRS= ${PKG_SYSCONFDIR}/dbus-1/event.d 78MAKE_DIRS= ${PKG_SYSCONFDIR}/dbus-1/event.d
79MAKE_DIRS+= ${PKG_SYSCONFDIR}/dbus-1/system.d 79MAKE_DIRS+= ${PKG_SYSCONFDIR}/dbus-1/system.d
80MAKE_DIRS+= ${PKG_SYSCONFDIR}/dbus-1/session.d 80MAKE_DIRS+= ${PKG_SYSCONFDIR}/dbus-1/session.d
81 81
82EGDIR= ${PREFIX}/share/examples/dbus 82EGDIR= ${PREFIX}/share/examples/dbus
83CONF_FILES= ${EGDIR}/session.conf ${PKG_SYSCONFDIR}/dbus-1/session.conf 83CONF_FILES= ${EGDIR}/session.conf ${PKG_SYSCONFDIR}/dbus-1/session.conf
84CONF_FILES+= ${EGDIR}/system.conf ${PKG_SYSCONFDIR}/dbus-1/system.conf 84CONF_FILES+= ${EGDIR}/system.conf ${PKG_SYSCONFDIR}/dbus-1/system.conf
85 85
86RCD_SCRIPTS= dbus 86RCD_SCRIPTS= dbus
87 87
88PKG_GROUPS_VARS+= DBUS_GROUP 88PKG_GROUPS_VARS+= DBUS_GROUP
89PKG_USERS_VARS+= DBUS_USER 89PKG_USERS_VARS+= DBUS_USER
90 90
91PKG_GROUPS= ${DBUS_GROUP} 91PKG_GROUPS= ${DBUS_GROUP}
92PKG_USERS= ${DBUS_USER}:${DBUS_GROUP} 92PKG_USERS= ${DBUS_USER}:${DBUS_GROUP}
93PKG_GECOS.${DBUS_USER}= System message bus 93PKG_GECOS.${DBUS_USER}= System message bus
94PKG_HOME.${DBUS_USER}= ${VARBASE}/run/dbus 94PKG_HOME.${DBUS_USER}= ${VARBASE}/run/dbus
95 95
96FILES_SUBST+= DBUS_USER=${DBUS_USER} 96FILES_SUBST+= DBUS_USER=${DBUS_USER}
97FILES_SUBST+= DBUS_GROUP=${DBUS_GROUP} 97FILES_SUBST+= DBUS_GROUP=${DBUS_GROUP}
98 98
99BUILDLINK_TRANSFORM+= rm:-Wl,--gc-sections 99BUILDLINK_TRANSFORM+= rm:-Wl,--gc-sections
100# Package tries to use these if gcc accepts them, but that doesn't 100# Package tries to use these if gcc accepts them, but that doesn't
101# mean that we universally can *run* the executables 101# mean that we universally can *run* the executables
102BUILDLINK_TRANSFORM+= rm:-fPIE 102BUILDLINK_TRANSFORM+= rm:-fPIE
103BUILDLINK_TRANSFORM+= rm:-pie 103BUILDLINK_TRANSFORM+= rm:-pie
104 104
105.if ${OPSYS} == "OpenBSD" 105.if ${OPSYS} == "OpenBSD"
106BUILDLINK_TRANSFORM+= rm:-lrt 106BUILDLINK_TRANSFORM+= rm:-lrt
107.endif 107.endif
108 108
109.include "options.mk" 109.include "options.mk"
110 110
111.include "../../mk/pthread.buildlink3.mk" 111.include "../../mk/pthread.buildlink3.mk"
112.include "../../devel/gettext-lib/buildlink3.mk" 112.include "../../devel/gettext-lib/buildlink3.mk"
113.include "../../textproc/expat/buildlink3.mk" 113.include "../../textproc/expat/buildlink3.mk"
114.include "../../mk/bsd.pkg.mk" 114.include "../../mk/bsd.pkg.mk"
cvs diff -r1.61 -r1.62 pkgsrc/sysutils/dbus/distinfo (switch to unified diff)

--- pkgsrc/sysutils/dbus/distinfo 2014/12/01 10:59:40 1.61
+++ pkgsrc/sysutils/dbus/distinfo 2015/01/05 23:25:20 1.62
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1$NetBSD: distinfo,v 1.61 2014/12/01 10:59:40 wiz Exp $ 1$NetBSD: distinfo,v 1.62 2015/01/05 23:25:20 wiz Exp $
2 2
3SHA1 (dbus-1.8.12.tar.gz) = 9dc3003a53892b41eb61ade20051aba57be1b4b1 3SHA1 (dbus-1.8.14.tar.gz) = d0b84d6d7af47b8cad7f55befee8e9001daefe01
4RMD160 (dbus-1.8.12.tar.gz) = 21c658eef3d9505389771474f71f6dd3655ee27c 4RMD160 (dbus-1.8.14.tar.gz) = 3ffea8e91e91b8cd6c31a89fd4786fa99288eabd
5Size (dbus-1.8.12.tar.gz) = 1864609 bytes 5Size (dbus-1.8.14.tar.gz) = 1866141 bytes
6SHA1 (patch-aa) = 0c3d145979e3b2358261c9f7f34701d02eb6ecd4 6SHA1 (patch-aa) = 0c3d145979e3b2358261c9f7f34701d02eb6ecd4
7SHA1 (patch-ak) = 6d05ebde29acb3f6cb6f577dd2f2b734f590e8dd 7SHA1 (patch-ak) = 6d05ebde29acb3f6cb6f577dd2f2b734f590e8dd
8SHA1 (patch-al) = 57d08196e9daf49eb6bda2b30f019ce2cad77c6f 8SHA1 (patch-al) = 57d08196e9daf49eb6bda2b30f019ce2cad77c6f
9SHA1 (patch-am) = 8c794ff8b0981e90243ee20c26ae1ecc72e68de8 9SHA1 (patch-am) = 8c794ff8b0981e90243ee20c26ae1ecc72e68de8
10SHA1 (patch-ba) = f9126faf18cd19e897865748ebea1011fe516225 10SHA1 (patch-ba) = f9126faf18cd19e897865748ebea1011fe516225
11SHA1 (patch-bus_dir-watch-kqueue.c) = 86a1f0f78b4d16d8ab29d351057885d8001dd39c 11SHA1 (patch-bus_dir-watch-kqueue.c) = 86a1f0f78b4d16d8ab29d351057885d8001dd39c
12SHA1 (patch-configure) = 08fb6cc6e9bc9f23825a6a0f2b8b241169d1cda7 12SHA1 (patch-configure) = 08fb6cc6e9bc9f23825a6a0f2b8b241169d1cda7
13SHA1 (patch-dbus_dbus-sysdeps-unix.c) = 043e7bf03686f51faf763f87f43e00308b29571e 13SHA1 (patch-dbus_dbus-sysdeps-unix.c) = 043e7bf03686f51faf763f87f43e00308b29571e
14SHA1 (patch-dbus_dbus-sysdeps-util-unix.c) = 9c967cdac585220a3e65443dc9642e7d4478567c 14SHA1 (patch-dbus_dbus-sysdeps-util-unix.c) = 9c967cdac585220a3e65443dc9642e7d4478567c