[pkgsrc/trunk]: pkgsrc/sysutils/dbus dbus: update to 1.12.16.

[wiz <wiz%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/e25955bae2d3
branches:  trunk
changeset: 335044:e25955bae2d3
user:      wiz <wiz%pkgsrc.org@localhost>
date:      Tue Jun 11 20:04:23 2019 +0000

description:
dbus: update to 1.12.16.

dbus 1.12.16 (2019-06-11)
=========================

The ?tree cat? release.

Security fixes:

? CVE-2019-12749: Do not attempt to carry out DBUS_COOKIE_SHA1
  authentication for identities that differ from the user running the
  DBusServer. Previously, a local attacker could manipulate symbolic
  links in their own home directory to bypass authentication and connect
  to a DBusServer with elevated privileges. The standard system and
  session dbus-daemons in their default configuration were immune to this
  attack because they did not allow DBUS_COOKIE_SHA1, but third-party
  users of DBusServer such as Upstart could be vulnerable.
  Thanks to Joe Vennix of Apple Information Security.
  (dbus#269, Simon McVittie)

diffstat:

 sysutils/dbus/Makefile |   4 ++--
 sysutils/dbus/distinfo |  10 +++++-----
 2 files changed, 7 insertions(+), 7 deletions(-)

diffs (30 lines):

diff -r c4464eb19882 -r e25955bae2d3 sysutils/dbus/Makefile
--- a/sysutils/dbus/Makefile    Tue Jun 11 17:13:16 2019 +0000
+++ b/sysutils/dbus/Makefile    Tue Jun 11 20:04:23 2019 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.117 2019/05/20 11:45:37 wiz Exp $
+# $NetBSD: Makefile,v 1.118 2019/06/11 20:04:23 wiz Exp $
 
-DISTNAME=      dbus-1.12.14
+DISTNAME=      dbus-1.12.16
 CATEGORIES=    sysutils
 MASTER_SITES=  http://dbus.freedesktop.org/releases/dbus/
 
diff -r c4464eb19882 -r e25955bae2d3 sysutils/dbus/distinfo
--- a/sysutils/dbus/distinfo    Tue Jun 11 17:13:16 2019 +0000
+++ b/sysutils/dbus/distinfo    Tue Jun 11 20:04:23 2019 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.91 2019/05/20 11:45:37 wiz Exp $
+$NetBSD: distinfo,v 1.92 2019/06/11 20:04:23 wiz Exp $
 
-SHA1 (dbus-1.12.14.tar.gz) = 2b467bf0fcaed883343e291f4a4e7f8c2ff5e0ef
-RMD160 (dbus-1.12.14.tar.gz) = cee108fa927e7230e86218eaa3f4d249332d1826
-SHA512 (dbus-1.12.14.tar.gz) = b5707a9b429683995a44ba1c61acd402f8c3f2bd867fffc46506583c67dac864c262ce3e7310f653cf3a78fa1a9cae7326a62d244a2b515f613bad274d1826c6
-Size (dbus-1.12.14.tar.gz) = 2091526 bytes
+SHA1 (dbus-1.12.16.tar.gz) = 06e3412a7d9c7e345bfcfb027016c634e20f7ece
+RMD160 (dbus-1.12.16.tar.gz) = fb9c2f01d3068600cb43eae05ccd687878a31e4f
+SHA512 (dbus-1.12.16.tar.gz) = 27ae805170e9515a8bb0fba5f29d414edc70e3b6b28b7b65bbea47035b8eafa9ac4820cdc92645be6035f6748f8aa45679e1ffc84ba74a64859a3056d318b9bb
+Size (dbus-1.12.16.tar.gz) = 2093296 bytes
 SHA1 (patch-ak) = 4535584537a22a2e42824fe45e2d75253b484147
 SHA1 (patch-al) = ffaa8f224c3dd6a97ffa42fe2e9ca924160fa68c
 SHA1 (patch-am) = ed334bc76911c9db9f5472c58fb762c56255c5b4