Overview Repositories Revisions Requests Users Attributes Meta

D-Bus Message Bus System

Edit Package dbus-1

D-Bus is a message bus system, a simple way for applications to talk to
one another. D-Bus supplies both a system daemon and a
per-user-login-session daemon. Also, the message bus is built on top of
a general one-to-one message passing framework, which can be used by
any two apps to communicate directly (without going through the message
bus daemon).

  • Developed at Base:System
  • Sources inherited from project openSUSE:Factory
  • 6 derived packages
  • Download package
  • osc -A https://api.opensuse.org checkout openSUSE:42:Factory-Candidates-Check/dbus-1 && cd $_
  • Create Badge
Refresh
Refresh
Source Files
Filename Size Changed
baselibs.conf 0000000173 173 Bytes
dbus-1-devel-doc.changes 0000147968 145 KB
dbus-1-devel-doc.spec 0000005257 5.13 KB
dbus-1-x11.changes 0000148819 145 KB
dbus-1-x11.spec 0000004214 4.12 KB
dbus-1.14.4.tar.xz 0001368196 1.3 MB
dbus-1.14.4.tar.xz.asc 0000000833 833 Bytes
dbus-1.changes 0000150811 147 KB
dbus-1.desktop 0000000131 131 Bytes
dbus-1.keyring 0000009549 9.33 KB
dbus-1.spec 0000010336 10.1 KB
feature-suse-do-autolaunch.patch 0000000928 928 Bytes
feature-suse-log-deny.patch 0000000396 396 Bytes
feature-suse-refuse-manual-start-stop.patch 0000000367 367 Bytes
messagebus.conf 0000000070 70 Bytes
Revision 175 (latest revision is 180)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 1031295 from Dirk Mueller's avatar Dirk Mueller (dirkmueller) (revision 175) 
- update to 1.14.4 (bsc#1204111, CVE-2022-42010, 
                    bsc#1204112, CVE-2022-42011,
                    bsc#1204113, CVE-2022-42012):
  This is a security update for the dbus 1.14.x stable branch, fixing
  denial-of-service issues (CVE-2022-42010, -42011, -42012) and applying
  security hardening (dbus#416).
  Behaviour changes:
  * On Linux, dbus-daemon and other uses of DBusServer now create a
     path-based Unix socket, unix:path=..., when asked to listen on a
     unix:tmpdir=... address. This makes unix:tmpdir=... equivalent to
     unix:dir=... on all platforms.
     Previous versions would have created an abstract socket, unix:abstract=...,
     in this situation.
     This change primarily affects the well-known session bus when run via
     dbus-launch(1) or dbus-run-session(1). The user bus, enabled by configuring
     dbus with --enable-user-session and running it on a systemd system,
     already used path-based Unix sockets and is unaffected by this change.
     This behaviour change prevents a sandbox escape via the session bus socket
     in sandboxing frameworks that can share the network namespace with the host
     system, such as Flatpak.
     This change might cause a regression in situations where the abstract socket
     is intentionally shared between the host system and a chroot or container,
     such as some use-cases of schroot(1). That regression can be resolved by
     using a bind-mount to share either the D-Bus socket, or the whole /tmp
     directory, with the chroot or container.
     (dbus#416, Simon McVittie)
  * Denial of service fixes:
    - Evgeny Vereshchagin discovered several ways in which an authenticated
      local attacker could cause a crash (denial of service) in
      dbus-daemon --system or a custom DBusServer. In uncommon configurations
Comments 0
openSUSE Build Service is sponsored by
Places