pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/emulators/suse131_libdbus
Module Name: pkgsrc
Committed By: obache
Date: Thu Dec 4 12:18:31 UTC 2014
Modified Files:
pkgsrc/emulators/suse131_libdbus: Makefile distinfo
Log Message:
Bump suse131_libdbus PKGREVISION to 5.
openSUSE Recommended Update: dbus-1
______________________________________________________________________________
Announcement ID: openSUSE-RU-2014:1548-1
Rating: moderate
References:
Affected Products:
openSUSE 13.2
openSUSE 13.1
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This recommended update for dbus-1 fixes the following issues:
- Update to 1.8.12:
+ Partially revert the CVE-2014-3639 patch by increasing the default
authentication timeout on the system bus from 5 seconds back to 30
seconds, since this has been reported to cause boot regressions for
some users, mostly with parallel boot (systemd) on slower hardware. On
fast systems where local users are considered particularly hostile,
administrators can return to the 5 second timeout (or any other value
in milliseconds) by saving this as /etc/dbus-1/system-local.conf:
<busconfig> <limit name="auth_timeout">5000</limit> </busconfig>
(fdo#86431)
+ Add a message in syslog/the Journal when the auth_timeout is exceeded
(fdo#86431)
+ Send back an AccessDenied error if the addressed recipient is not
allowed to receive a message (and in builds with assertions enabled,
don't assert under the same conditions). (fdo#86194)
To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 pkgsrc/emulators/suse131_libdbus/Makefile
cvs rdiff -u -r1.5 -r1.6 pkgsrc/emulators/suse131_libdbus/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Home |
Main Index |
Thread Index |
Old Index