pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/sysutils/dbus add a patch from upstream to fix a possi...
details: https://anonhg.NetBSD.org/pkgsrc/rev/176c1eb14614
branches: trunk
changeset: 539263:176c1eb14614
user: drochner <drochner%pkgsrc.org@localhost>
date: Sun Mar 02 13:21:07 2008 +0000
description:
add a patch from upstream to fix a possible security bypass
(CVE-2008-0595), bump PKGREVISION
diffstat:
sysutils/dbus/Makefile | 4 +-
sysutils/dbus/distinfo | 3 +-
sysutils/dbus/patches/patch-ah | 50 ++++++++++++++++++++++++++++++++++++++++++
3 files changed, 54 insertions(+), 3 deletions(-)
diffs (82 lines):
diff -r 4a304a01870f -r 176c1eb14614 sysutils/dbus/Makefile
--- a/sysutils/dbus/Makefile Sun Mar 02 13:13:48 2008 +0000
+++ b/sysutils/dbus/Makefile Sun Mar 02 13:21:07 2008 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.26 2008/02/08 23:15:16 bjs Exp $
+# $NetBSD: Makefile,v 1.27 2008/03/02 13:21:07 drochner Exp $
#
DISTNAME= dbus-1.0.2
-PKGREVISION= 4
+PKGREVISION= 5
CATEGORIES= sysutils
MASTER_SITES= http://dbus.freedesktop.org/releases/dbus/
diff -r 4a304a01870f -r 176c1eb14614 sysutils/dbus/distinfo
--- a/sysutils/dbus/distinfo Sun Mar 02 13:13:48 2008 +0000
+++ b/sysutils/dbus/distinfo Sun Mar 02 13:21:07 2008 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.19 2008/02/21 01:42:13 tnn Exp $
+$NetBSD: distinfo,v 1.20 2008/03/02 13:21:07 drochner Exp $
SHA1 (dbus-1.0.2.tar.gz) = 2870efd6ea0b5b0d14e52195f560238a74bb1e0e
RMD160 (dbus-1.0.2.tar.gz) = d5eddfb058c4c026d4a9f091ad90abcc6e54861a
@@ -7,3 +7,4 @@
SHA1 (patch-ab) = 2fce79e3114fa5f345094e61d2513a9eb232c57a
SHA1 (patch-ac) = eae0564535d36cb0082dd2e66d74fea808800d4e
SHA1 (patch-ag) = 469993db97a74da50c61449454c02c8a7c69e7bd
+SHA1 (patch-ah) = db8ce2de1f1f9aa06804eacb9a7f264eb3187f36
diff -r 4a304a01870f -r 176c1eb14614 sysutils/dbus/patches/patch-ah
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/sysutils/dbus/patches/patch-ah Sun Mar 02 13:21:07 2008 +0000
@@ -0,0 +1,50 @@
+$NetBSD: patch-ah,v 1.1 2008/03/02 13:21:07 drochner Exp $
+
+--- bus/policy.c.orig 2006-12-11 20:21:22.000000000 +0100
++++ bus/policy.c
+@@ -931,9 +931,19 @@ bus_client_policy_check_can_send (BusCli
+
+ if (rule->d.send.interface != NULL)
+ {
+- if (dbus_message_get_interface (message) != NULL &&
+- strcmp (dbus_message_get_interface (message),
+- rule->d.send.interface) != 0)
++ /* The interface is optional in messages. For allow rules, if the message
++ * has no interface we want to skip the rule (and thus not allow);
++ * for deny rules, if the message has no interface we want to use the
++ * rule (and thus deny).
++ */
++ dbus_bool_t no_interface;
++
++ no_interface = dbus_message_get_interface (message) == NULL;
++
++ if ((no_interface && rule->allow) ||
++ (!no_interface &&
++ strcmp (dbus_message_get_interface (message),
++ rule->d.send.interface) != 0))
+ {
+ _dbus_verbose (" (policy) skipping rule for different interface\n");
+ continue;
+@@ -1117,9 +1127,19 @@ bus_client_policy_check_can_receive (Bus
+
+ if (rule->d.receive.interface != NULL)
+ {
+- if (dbus_message_get_interface (message) != NULL &&
+- strcmp (dbus_message_get_interface (message),
+- rule->d.receive.interface) != 0)
++ /* The interface is optional in messages. For allow rules, if the message
++ * has no interface we want to skip the rule (and thus not allow);
++ * for deny rules, if the message has no interface we want to use the
++ * rule (and thus deny).
++ */
++ dbus_bool_t no_interface;
++
++ no_interface = dbus_message_get_interface (message) == NULL;
++
++ if ((no_interface && rule->allow) ||
++ (!no_interface &&
++ strcmp (dbus_message_get_interface (message),
++ rule->d.receive.interface) != 0))
+ {
+ _dbus_verbose (" (policy) skipping rule for different interface\n");
+ continue;
Home |
Main Index |
Thread Index |
Old Index