D-Bus Message Bus System
D-Bus is a message bus system, a simple way for applications to talk to
one another. D-Bus supplies both a system daemon and a
per-user-login-session daemon. Also, the message bus is built on top of
a general one-to-one message passing framework, which can be used by
any two apps to communicate directly (without going through the message
bus daemon).
- Developed at Base:System
- Sources inherited from project openSUSE:Factory
-
6
derived packages
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout openSUSE:42:Factory-Candidates-Check/dbus-1 && cd $_
- Create Badge
Refresh
Refresh
Source Files
Filename | Size | Changed |
---|---|---|
baselibs.conf | 0000000173 173 Bytes | |
dbus-1-devel-doc.changes | 0000147968 145 KB | |
dbus-1-devel-doc.spec | 0000005257 5.13 KB | |
dbus-1-x11.changes | 0000148819 145 KB | |
dbus-1-x11.spec | 0000004214 4.12 KB | |
dbus-1.14.4.tar.xz | 0001368196 1.3 MB | |
dbus-1.14.4.tar.xz.asc | 0000000833 833 Bytes | |
dbus-1.changes | 0000150811 147 KB | |
dbus-1.desktop | 0000000131 131 Bytes | |
dbus-1.keyring | 0000009549 9.33 KB | |
dbus-1.spec | 0000010336 10.1 KB | |
feature-suse-do-autolaunch.patch | 0000000928 928 Bytes | |
feature-suse-log-deny.patch | 0000000396 396 Bytes | |
feature-suse-refuse-manual-start-stop.patch | 0000000367 367 Bytes | |
messagebus.conf | 0000000070 70 Bytes |
Revision 175 (latest revision is 180)
Dominique Leuenberger (dimstar_suse)
accepted
request 1031295
from
Dirk Mueller (dirkmueller)
(revision 175)
- update to 1.14.4 (bsc#1204111, CVE-2022-42010, bsc#1204112, CVE-2022-42011, bsc#1204113, CVE-2022-42012): This is a security update for the dbus 1.14.x stable branch, fixing denial-of-service issues (CVE-2022-42010, -42011, -42012) and applying security hardening (dbus#416). Behaviour changes: * On Linux, dbus-daemon and other uses of DBusServer now create a path-based Unix socket, unix:path=..., when asked to listen on a unix:tmpdir=... address. This makes unix:tmpdir=... equivalent to unix:dir=... on all platforms. Previous versions would have created an abstract socket, unix:abstract=..., in this situation. This change primarily affects the well-known session bus when run via dbus-launch(1) or dbus-run-session(1). The user bus, enabled by configuring dbus with --enable-user-session and running it on a systemd system, already used path-based Unix sockets and is unaffected by this change. This behaviour change prevents a sandbox escape via the session bus socket in sandboxing frameworks that can share the network namespace with the host system, such as Flatpak. This change might cause a regression in situations where the abstract socket is intentionally shared between the host system and a chroot or container, such as some use-cases of schroot(1). That regression can be resolved by using a bind-mount to share either the D-Bus socket, or the whole /tmp directory, with the chroot or container. (dbus#416, Simon McVittie) * Denial of service fixes: - Evgeny Vereshchagin discovered several ways in which an authenticated local attacker could cause a crash (denial of service) in dbus-daemon --system or a custom DBusServer. In uncommon configurations
Comments 0