• Remove some unused files from the git repository
(fd.o #103420, Simon McVittie)
-
-D-Bus 1.11.22 (2017-10-23)
-==========================
-
-The “fire surface” release.
-
-This is the first release-candidate for the 1.12.0 stable release.
-
-Build-time configuration changes:
-
-• When building for Windows with Autotools, setting the WINDRES variable
- no longer works to select a non-standard resource compiler. Use
- libtool's standard RC variable instead, for example
- "./configure RC=i686-w64-mingw32-windres"
-
-Dependencies:
-
-• Builds done using CMake now require CMake 3.0.2.
-
-Enhancements:
-
-• When building for Windows, improve quality of metadata in
- libdbus-1-3.dll (fd.o #103015, Ralf Habacker)
-
-Fixes:
-
-• Fix a typo "uint 16" in dbus-send(1) man page
- (fd.o #103075, David King)
-
-• When building for Windows, libdbus-1-3.dll always includes version
- information. Previously, this was missing if using CMake and any
- non-MSVC compiler. (fd.o #103015, Ralf Habacker)
-
-• Fix the build with MSVC, which regressed with the #102558 fix in
- 1.11.20. (fd.o #102558, Ralf Habacker)
-
-Internal changes:
-
-• Simplify Windows resource embedding
- (fd.o #103015, Simon McVittie)
-
-D-Bus 1.11.20 (2017-10-03)
-==
-
-The “wraith stun” release.
-
-Build-time configuration changes:
-
-• The --enable-abstract-sockets and --disable-abstract-sockets options
- no longer exist. Support for Linux's abstract AF_UNIX sockets is now
- unconditionally enabled on Linux and disabled everywhere else.
- (fd.o #34905, Simon McVittie)
-
-Enhancements:
-
-• Make slower tests less likely to time out, and improve diagnostics if
- tests do time out (fd.o #103009, Simon McVittie)
-
-• On Windows, don't compile an unused stub implementation of
- _dbus_set_signal_handler() (fd.o #103010, Simon McVittie)
-
-Fixes:
-
-• Be more careful to save and restore errno in POSIX async signal
- handlers (fd.o #103010, Simon McVittie)
-
-• On Windows, embed a manifest in dbus-update-activation-environment.exe
- so that the heuristics used for UAC do not assume it needs elevated
- privileges due to its name containing "update"
- (fd.o #102558, Ralf Habacker)
-
-• On Windows with Automake, embed version information in libdbus-1,
- as was meant to happen in all versions since 2009
- (fd.o #103015, Simon McVittie)
-
-D-Bus 1.11.18 (2017-09-25)
-==
-
-The “vampire conquistador” release.
-
-Build-time configuration changes:
-
-• By default, dbus-daemon on Unix no longer checks for flag files
- /var/run/console/${username} created by the obsolete pam_console and
- pam_foreground PAM modules when deciding whether ${username} is
- currently at the console. The old default behaviour can be restored
- by specifying --with-console-auth-dir=/var/run/console in the
- recommended Autotools build system, or
- -DDBUS_CONSOLE_AUTH_DIR=/var/run/console in CMake. This feature is
- now deprecated, and will be removed in dbus 1.13 unless feedback via
- fd.o #101629 indicates that this would be problematic.
- (fd.o #101629, Simon McVittie)
-
-• LSB-style init scripts for Red Hat and Slackware, and a non-LSB init
- script for Cygwin, are no longer provided in the upstream dbus
- source. We recommend that distributors who support non-systemd service
- management should maintain their own init scripts or other service
- manager integration as part of their downstream packaging, similar to
- the way Debian distributes a Debian-specific LSB init script for dbus.
-
- The systemd unit continues to be maintained as part of the upstream
- dbus source, because it receives regular testing and maintenance.
-
- (fd.o #101706, Simon McVittie)
-
-• The process ID file created by the system bus is no longer influenced
- by the --with-init-scripts=redhat configure option or the presence of
- /etc/redhat-release at build time. If your OS's init script or other
- service management relies on the Red Hat-style pid file, it can be
- restored by specifying --with-system-pid-file=/run/messagebus.pid at
- configure time or using the <pidfile> directive in bus configuration.
-
- Note that the upstream-supplied systemd unit runs dbus-daemon with
- the --nopidfile option, so it does not normally write a pid file,
- regardless of whether the OS is Red-Hat-derived or not.
-
- (fd.o #101706, Simon McVittie)
-
-Enhancements:
-
-• <allow> and <deny> rules in dbus-daemon configuration can now
- include send_broadcast="true" or send_broadcast="false", which make
- the rule only match broadcast signals, or only match messages that
- are not broadcast signals, respectively.
- (fd.o #29853, Simon McVittie)
-
-• <allow> and <deny> rules can now be configured to apply only to
- messages with or without Unix file descriptors attached. This would
- typically be used in rules like these:
- <allow send_destination="..." max_unix_fds="0"/>
- <deny send_destination="..." min_unix_fds="1"/>
- <deny receive_sender="..." min_unix_fds="1"/>
- but can also be used to set a nonzero upper limit on the number of
- file descriptors:
- <allow send_destination="..." max_unix_fds="4"/>
- (fd.o #101848, Simon McVittie)
-
-• On Unix platforms, the DBUS_COOKIE_SHA1 authentication mechanism
- now respects the HOME environment variable on the client side, and
- on the server side when the uid attempting to connect is the same
- as the uid of the server. This allows the automated tests to pass in
- environments where the user's "official" home directory in /etc/passwd
- is nonexistent, such as Debian autobuilders.
- (fd.o #101960, Simon McVittie)
-
-Fixes:
-
-• When parsing dbus-daemon configuration, tell Expat not to use
- cryptographic-quality entropy as a salt for its hash tables: we trust
- the configuration files, so we are not concerned about algorithmic
- complexity attacks via hash table collisions. This prevents
- dbus-daemon --system from holding up the boot process (and causing
- early-boot system services like systemd, logind, networkd to time
- out) on entropy-starved embedded systems.
- (fd.o #101858, Simon McVittie)
-
-• Avoid a -Werror=declaration-after-statement build failure on Solaris
- (fd.o #102145, Alan Coopersmith)
-
-• On Unix platform, drop DBUS_SYSTEM_LOG_INFO messages from LOG_NOTICE
- to LOG_INFO, matching how we use this log level in practice
- (fd.o #102686, Simon McVittie)
-
-D-Bus 1.11.16 (2017-07-27)
-==
-
-The “south facing garden” release.
-
-Build-time configuration changes:
-
-• The Autotools build system now supports varying ${runstatedir}
- independently of ${localstatedir}, if using an Autoconf version
- that has that feature; version 2.70 will eventually have this, but
- many Linux distributions add it to version 2.69 as a patch.
- A typical use is to set prefix=/usr, sysconfdir=/etc, localstatedir=/var
- and runstatedir=/run. (fd.o #101569, Simon McVittie)
-
-Enhancements:
-
-• New APIs DBUS_MESSAGE_ITER_INIT_CLOSED, dbus_message_iter_init_closed()
- and dbus_message_iter_abandon_container_if_open() simplify the
- single-exit-point ("goto out") style of resource cleanup. The API
- documentation around DBusMessageIter and containers has also been
- clarified. (fd.o #101568, Simon McVittie)
-
-Fixes:
-
-• Fix the implementation of re-enabling a timeout (again) so that its
- countdown is always restarted as intended. (fd.o #95619,
- Michal Koutný)
-
-• Make the dbus-daemon's Properties interface, as introduced in 1.11.14,
- available to all users on the system bus (fd.o #101700, Simon McVittie)
-
-• dbus_message_iter_append_basic() no longer leaks memory if it fails to
- append a file descriptor to a message. (fd.o #101568, Simon McVittie)
-
-• dbus_message_iter_open_container() no longer leaks memory if it runs out
- of memory. (fd.o #101568, Simon McVittie)
-
-• dbus_message_append_args_valist() no longer leaks memory if given an
- unsupported type. This situation is still considered to be a programming
- error which needs to be corrected by the user of libdbus.
- (fd.o #101568, Simon McVittie)
-
-• dbus_message_iter_append_basic() and dbus_message_iter_open_container()
- will no longer report that their arguments were invalid if they run out
- of memory at exactly the wrong time. (fd.o #101568, Simon McVittie)
-
-• Ensure that tests fail if they would otherwise have tried to connect to
- the real session bus (fd.o #101698, Simon McVittie)
-
-• Make build-time tests cope with finding Python 3, but not Python 2
- (fd.o #101716, Simon McVittie)
-
-Internal changes relevant to dbus developers:
-
-• DBusVariant is a new mechanism to copy single values from a message into
- a buffer without copying the entire message (fd.o #101568, Simon McVittie)
-
-• DBUS_SYSTEM_LOG_FATAL has been replaced by DBUS_SYSTEM_LOG_ERROR.
- Logging an ERROR message does not make the process exit; the caller
- is responsible for calling abort() or exit(), whichever is more appropriate.
- (fd.o #101568, Simon McVittie)
-
-• Better test coverage (fd.o #101568, Simon McVittie)
-
-D-Bus 1.11.14 (2017-06-29)
-==
-
-The “irrational fear of bees” release.
-
-Dependencies:
-
-• Expat >= 2.1.0 is always required
-• libselinux >= 2.0.86 is required if SELinux support is enabled
-• GLib >= 2.40 is required if full test coverage is enabled
-
-Build-time configuration changes:
-
-• We now use pkg-config to find libexpat in Autotools builds. This requires
- Expat 2.1.0 (March 2012) or later. In particular, this should remove the
- need to configure with LDFLAGS=-L/usr/local/lib on OpenBSD, which can
- itself cause compilation failures.
-
- As with all pkg-config-based configure checks, you can use
- PKG_CONFIG_PATH=/whatever/lib/pkgconfig to find expat.pc in a
- non-standard prefix, or EXPAT_CFLAGS="-I/whatever/include" and
- EXPAT_LIBS="-L/whatever/lib -lexpat" to avoid needing a .pc file
- at all.
-
- (fd.o #69801, Simon McVittie)
-
-• Similarly, we now use pkg-config to find libselinux. Version 2.0.86
- is required due to the removal of explicit refcounting for SIDs.
- (fd.o #100912, Laurent Bigonville)
-
-Behaviour changes:
-
-• Previously, /etc/machine-id could be copied to /var/lib/dbus/machine-id
- as a side-effect of a sufficiently privileged process merely reading the
- machine ID. It is no longer copied as a side-effect of reading.
- Running dbus-uuidgen --ensure, which should be done after installing dbus,
- continues to copy /etc/machine-id to /var/lib/dbus/machine-id if the
- former exists and the latter does not.
- (fd.o #101257, Simon McVittie)
-
-• The undocumented Verbose interface, and the GetAllMatchRules method on
- the undocumented Stats interface, must now be used via the object path
- /org/freedesktop/DBus. Previously, they existed on all object paths.
- (fd.o #101257, Simon McVittie)
-
-• AddMatch() with a match rule containing eavesdrop='true' will now fail
- unless called by either the same user as the dbus-daemon, or Unix uid 0
- (root), matching the restrictions applied to the newer BecomeMonitor()
- method. On the session bus this has no practical effect. On the system
- bus this will prevent certain configurations that already did not
- work well in practice. (fd.o #101567, Simon McVittie)
-
-Enhancements:
-
-• D-Bus Specification version 0.31
- · Don't require implementation-specific search paths to be lowest
- priority
- · Correct regex syntax for optionally-escaped bytes in addresses so it
- includes hyphen-minus, forward slash and underscore as intended
- · Describe all message bus methods in the same section
- · Clarify the correct object path for method calls to the message bus
- (/org/freedesktop/DBus, DBUS_PATH_DBUS in the reference implementation)
- · Document that the message bus implements Introspectable, Peer and
- Properties
- · Add new Features and Interfaces properties for message bus
- feature-discovery
- · Add unix:dir=..., which resembles unix:tmpdir=... but never uses
- abstract sockets
- · Don't require eavesdrop='true' to be accepted from connections not
- sufficiently privileged to use it successfully
- · Formally deprecate eavesdropping in favour of BecomeMonitor
- (fd.o #99825, #100686, #100795, #101256, #101257, #101567;
- Simon McVittie, Tom Gundersen)
-
-• Implement the Properties and Peer interfaces in dbus-daemon
- (fd.o #101257, Simon McVittie)
-
-• New function dbus_try_get_local_machine_id() is like
- dbus_get_local_machine_id(), but returning a DBusError. Other code
- that needs the machine ID will now report a recoverable error (instead
- of logging to stderr and aborting) if no machine ID is available.
- Generating a machine ID is still considered to be a required part of
- installing dbus correctly. (fd.o #13194, Simon McVittie)
-
-• Implement GetConnectionSELinuxSecurityContext("org.freedesktop.DBus")
- (fd.o #101315, Laurent Bigonville)
-
-• Avoid deprecated API calls when using SELinux
- (fd.o #100912, Laurent Bigonville)
-
-• Switch a test from the deprecated g_test_trap_fork() to
- g_test_trap_subprocess(), for Windows support and better robustness
- on Unix (fd.o #101362, Simon McVittie)
-
-• On systemd systems, if ${localstatedir}/lib/dbus/machine-id doesn't exist,
- instruct systemd-tmpfiles to make it a symbolic link to /etc/machine-id.
- This prevents the two files from going out of sync on stateless or live
- images without needing to run dbus-uuidgen, and supports older D-Bus
- implementations that do not necessarily read /etc/machine-id themselves.
- (fd.o #101570, Simon McVittie)
-
-• Implement unix:dir=..., which resembles unix:tmpdir=... but never uses
- abstract sockets. This is preferable when used with Linux containers.
- (fd.o #101567, Simon McVittie)
-
-Fixes:
-
-• Fix a reference leak when blocking on a pending call on a connection
- that has been disconnected (fd.o #101481, Shin-ichi MORITA)
-
-• Don't put timestamps in the Doxygen-generated documentation,
- or hard-code the build directory into builds with embedded tests,
- for reproducible builds (fd.o #100692, Simon McVittie)
-
-• Fix some integration test issues (fd.o #100686, Simon McVittie)
-
-• Fix memory leaks in the tests (fd.o #101257, Simon McVittie)
-
-• If we somehow get an autolaunch address with multiple semicolon-separated
- components, and they don't work, don't invalidly "pile up" errors
- (fd.o #101257, Simon McVittie)
-
-Documentation:
-
-• Update git URIs in HACKING document to sync up with cgit.freedesktop.org
- (fd.o #100715, Simon McVittie)
-
-D-Bus 1.11.12 (2017-04-07)
-==
-
-The “it's something humans do” release.
-
-Enhancements:
-
-• The session dbus-daemon now supports transient .service files
- in $XDG_RUNTIME_DIR/dbus-1/services. Unlike the other standard
- service directories, this directory is not monitored with inotify
- or similar, and the service files must be named exactly
- ${bus_name}.service. (fd.o #99825, Simon McVittie)
-
-• dbus can be configured with --enable-relocation when building with
- Autotools, or with -DDBUS_RELOCATABLE=ON when building with cmake,
- to make the pkg-config metadata relocatable. This is useful for
- non-standard prefixes, and in particular for Windows installations.
- However, it is not recommended for system-wide installations into
- /usr, because it interferes with pkg-config's ability to filter out
- compiler default linker directories.
-
- With Autotools, the default is --enable-relocation when building
- for Windows or --disable-relocation otherwise. With CMake, the default
- is -DDBUS_RELOCATABLE=ON.
-
- (fd.o #99721; Ralf Habacker, Simon McVittie)
-
-• Users of CMake ≥ 2.6 can now link to libdbus without providing their
- own FindDBus.cmake macros, whether dbus was compiled with Autotools
- or with CMake. See the end of README.cmake for more information.
- (fd.o #99721; Ralf Habacker, Simon McVittie)
-
-Fixes:
-
-• Always read service file directories in the intended order
- (fd.o #99825, Simon McVittie)
-
-• When tests are skipped, don't try to kill nonexistent process 0
- (fd.o #99825, Simon McVittie)
-
-• Avoid valgrind false positives (fd.o #88808, Philip Withnall)
-
-• Fix a harmless read overflow and some memory leaks in a unit test
- (fd.o #100568, Philip Withnall)
-
-• Fix some typos in test code
- (fd.o #99999, Coverity #141876, #141877; Philip Withnall)
-
-• Clarify the roles of /etc/dbus-1/s*.d and /usr/share/dbus-1/s*.d
- in documentation (fd.o #99901, Philip Withnall)
-
-• Fix and enable compiler warnings related to -Wswitch
- (fd.o #98191; Thomas Zimmermann, Simon McVittie)
-
-• Fix writing off the end of a fd_set when testing with valgrind
- (fd.o #99839, Philip Withnall)
-
-D-Bus 1.11.10 (2017-02-16)
-==
-
-The “purple hair gives you telekinesis?” release.
-
-Dependencies:
-
-• AppArmor support requires at least libapparmor 2.8.95, reduced
- from 2.10 in previous versions. One test requires 2.10 and is
- skipped if building with an older version.
-
-Enhancements:
-
-• Do the Travis-CI build in Docker containers for Ubuntu LTS, Debian
- stable and Debian testing in addition to the older Ubuntu that is
- the default (fd.o #98889, Simon McVittie)
-
-• Avoid some deprecated CMake functions (fd.o #99586, Ralf Habacker)
-
-• Silence many -Wswitch-enum and -Wswitch-default warnings
- (fd.o #98191; Thomas Zimmermann, Simon McVittie)
-
-• Install a sysusers.d snippet so `dbus-daemon --system` can be used
- with an unpopulated /etc (fd.o #99162, Lennart Poettering)
-
-• Install pkg-config metadata on Unix even if building with CMake
- (fd.o #99752, Ralf Habacker)
-
-• Exclude auth mechanisms from REJECTED message if they are supported
- in the code but but configured to be disallowed (fd.o #99621,
- Ralf Habacker)
-
-Fixes:
-
-• Prevent symlink attacks in the nonce-tcp transport on Unix that could
- allow an attacker to overwrite a file named "nonce", in a directory
- that the user running dbus-daemon can write, with a random value
- known only to the user running dbus-daemon. This is unlikely to be
- exploitable in practice, particularly since the nonce-tcp transport
- is really only useful on Windows.
-
- On Unix systems we strongly recommend using only the unix: and systemd:
- transports, together with EXTERNAL authentication. These are the only
- transports and authentication mechanisms enabled by default.
-
- (fd.o #99828, Simon McVittie)
-
-• Avoid symlink attacks in the "embedded tests", which are not enabled
- by default and should never be enabled in production builds of dbus.
- (fd.o #99828, Simon McVittie)
-
-• Fix the implementation of re-enabling a timeout so that its
- countdown is restarted as intended, instead of continually
- decreasing. (fd.o #95619; Michal Koutný, Simon McVittie)
-
-• When receiving a message with file descriptors, do not start reading
- the beginning of the next message, so that only one such message
- is processed at a time. In conjunction with the fix for #95619
- this means that processes sending many file descriptors, such as
- systemd-logind on a system that receives very rapid ssh connections,
- are not treated as abusive and kicked off the bus. Revert the previous
- workaround that special-cased uid 0.
- (fd.o #95263, LP#1591411; Simon McVittie)
-
-• Do not require TMPDIR, TEMP or TMP to be set when cross-compiling
- for Windows with CMake (fd.o #99586, Ralf Habacker)
-
-• Do not set Unix-specific variables when targeting Windows
- (fd.o #99586, Ralf Habacker)
-
-• Install Unix executables to ${CMAKE_INSTALL_PREFIX}/bin as intended,
- not ${CMAKE_INSTALL_PREFIX}/lib (fd.o #99752, Ralf Habacker)
-
-• Use relative install locations in CMake on Unix to respect DESTDIR,
- and use GNU-style install layout (fd.o #99721, #99752; Ralf Habacker)
-
-• Install dbus-arch-deps.h correctly when using CMake
- (fd.o #99586, #99721; Ralf Habacker)
-
-• Improve argument validation for `dbus-test-tool spam`
- (ffd.o #99693, Coverity #54759; Philip Withnall)
-
-• Don't shift by a negative integer if a hash table becomes monstrously
- large (fd.o #99641, Coverity #54682; Philip Withnall)
-
-• Don't leak LSM label if dbus-daemon runs out of memory when dealing with
- a new connection (fd.o #99612, Coverity #141058; Philip Withnall)
-
-• Remove an unnecessary NULL check
- (fd.o #99642, Coverity #141062; Philip Withnall)
-
-• Improve error handling in unit tests and dbus-send
- (fd.o #99643, #99694, #99712, #99722, #99723, #99724, #99758,
- #99759, #99793, Coverity #54688, #54692, #54693, #54697, #54701,
- #54710, #54711, #54714, #54715, #54718, #54721, #54724, #54726,
- #54730, #54740, #54822, #54823, #54824, #54825; Philip Withnall)
-
-• Do not print verbose messages' timestamps to stderr if the actual message
- has been redirected to the Windows debug port (fd.o #99749, Ralf Habacker)
-
-D-Bus 1.11.8 (2016-11-28)
-==
-
-The “panics in the face of breakfast foods” release.
-
-Build-time configuration:
-
-• The new --enable-debug configure option provides an easy way to
- enable debug symbols, disable optimization and/or enable profiling.
-
-• The --enable-compile-warnings configure option can be used to control
- compiler warnings.
-
-• The --disable-compiler-optimisations configure option is no longer
- supported. Use --enable-debug=yes or CFLAGS=-O0 instead.
-
-Enhancements:
-
-• D-Bus Specification version 0.30
- · Define the jargon term "activation" more clearly
- · Define the jargon term "auto-starting", which is one form of activation
- · Document the optional SystemdService key in service files
- · Use versioned interface and bus names in most examples
- · Clarify intended behaviour of Properties.GetAll
- (fd.o #36190, fd.o #98671; Philip Withnall, Simon McVittie)
-
-• Fix and enable a lot of compiler warnings to improve future code
- quality. This might incidentally also fix some environment variable
- accesses on OS X.
- · In particular, printf-style functions in the libdbus API are now annotated
- with __attribute__((__format__(__printf__, *, *))) when compiling with
- gcc or clang. This might make printf bugs in other software visible
- at compile time.
- (fd.o #97357, fd.o #98192, fd.o #98195, fd.o #98658;
- Thomas Zimmermann, Simon McVittie)
-
-• When running with AppArmor mediation (for example using Ubuntu's patched
- Linux kernel), clients can no longer auto-start services unless they would
- have been able to send the auto-starting message to the service after it
- starts. StartServiceByName() is unaffected, and continues to be allowed by
- default in AppArmor's <abstractions/dbus-strict> and
- <abstractions/dbus-session-strict>. (fd.o #98666, Simon McVittie)
-
-Fixes:
-
-• Work around an undesired effect of the fix for CVE-2014-3637
- (fd.o #80559), in which processes that frequently send fds, such as
- logind during a flood of new PAM sessions, can get disconnected for
- continuously having at least one fd "in flight" for too long;
- dbus-daemon interprets that as a potential denial of service attack.
- The workaround is to disable that check for uid 0 process such as
- logind, with a message in the system log. The bug remains open while
- we look for a more general solution.
- (fd.o #95263, LP#1591411; Simon McVittie)
-
-• Don't run the test test-dbus-launch-x11.sh if X11 autolaunching
- was disabled at compile time. That test is not expected to work
- in that configuration. (fd.o #98665, Simon McVittie)
-
-D-Bus 1.11.6 (2016-10-10)
-==
-
-The “darkly whimsical” release.
-
-Security fixes:
-
-• Do not treat ActivationFailure message received from root-owned systemd
- name as a format string. In principle this is a security vulnerability,
- but we do not believe it is exploitable in practice, because only
- privileged processes can own the org.freedesktop.systemd1 bus name, and
- systemd does not appear to send activation failures that contain "%".
-
- Please note that this probably *was* exploitable in dbus versions
- older than 1.6.30, 1.8.16 and 1.9.10 due to a missing check which at
- the time was only thought to be a denial of service vulnerability
- (CVE-2015-0245). If you are still running one of those versions,
- patch or upgrade immediately.
-
- (fd.o #98157, Simon McVittie)
-
-Enhancements:
-
-• D-Bus Specification version 0.29
- · Recommend not using '/' for object paths (fd.o #37095, Philip Withnall)
- · Allow <annotation> in <arg> elements (fd.o #86162, Philip Withnall)
-
-• Log to syslog when we exceed various anti-DoS limits, and add test
- coverage for them (fd.o #86442, Simon McVittie)
-
-• Improve syslog handling so that _dbus_warn() and similar warnings
- go to syslog, add dbus-daemon --syslog|--nosyslog|--syslog-only options,
- and log to syslog (instead of /dev/null) when dbus-daemon is started by
- dbus-launch. (fd.o #97009, Simon McVittie)
-
-• Install introspect.dtd and busconfig.dtd to ${datadir}/xml/dbus-1
- (fd.o #89011, Philip Withnall)
-
-• When logging messages about service activation, mention which peer
- requested the activation (fd.o #68212, Philip Withnall)
-
-• On Linux, mention the LSM label (if available) whenever we print
- debug information about a peer (fd.o #68212, Philip Withnall)
-
-Other fixes:
-
-• Harden dbus-daemon against malicious or incorrect ActivationFailure
- messages by rejecting them if they do not come from a privileged
- process, or if systemd activation is not enabled
- (fd.o #98157, Simon McVittie)
-
-• Avoid undefined behaviour when setting reply serial number without going
- via union DBusBasicValue (fd.o #98035, Marc Mutz)
-
-• Fix CMake build for Unix platforms that do not have -lrt, such as Android,
- or that do need -lsocket, such as QNX (fd.o #94096, Ralf Habacker)
-
-• autogen.sh: fail cleanly if autoconf fails (Simon McVittie)
-
-D-Bus 1.11.4 (2016-08-15)
-==
-
-The “copper pickaxe” release.
-
-Dependencies:
-
-• Building from git (but not from tarballs) now requires
- macros from the GNU Autoconf Archive, for example the autoconf-archive
- package in Debian or Fedora derivatives.
-
-Build-time configuration:
-
-• The option to enable coverage instrumentation has changed from
- --enable-compiler-coverage to --enable-code-coverage.
-
-Enhancements:
-
-• D-Bus Specification version 0.28
- · Clarify some details of serialization (fd.o #93382, Philip Withnall)
-
-• Increase listen() backlog of AF_UNIX sockets to the maximum possible,
- minimizing failed connections under heavy load
- (fd.o #95264, Lennart Poettering)
-
-• Add a new dbus-launch --exit-with-x11 option (fd.o #39197, Simon McVittie)
-
-• Use the same regression tests for subprocess starting on Unix and Windows
- (fd.o #95191, Ralf Habacker)
-
-• Print timestamps and thread IDs in verbose messages
- (fd.o #95191, Ralf Habacker)
-
-• On Unix, unify the various places that reopen stdin, stdout and/or stderr
- pointing to /dev/null (fd.o #97008, Simon McVittie)
-
-• Use AX_CODE_COVERAGE instead of our own COMPILER_COVERAGE
- (fd.o #88922, Thomas Zimmermann)
-
-Fixes:
-
-• On Windows, fix a memory leak in replacing the installation prefix
- (fd.o #95191, Ralf Habacker)
-
-• On Linux, when dbus-daemon is run with reduced susceptibility to the
- OOM killer (typically via systemd), do not let child processes inherit
- that setting (fd.o #32851; Kimmo Hämäläinen, WaLyong Cho)
-
-• On Unix, make dbus-launch and dbus-daemon --fork work as intended
- even if a parent process incorrectly starts them with stdin, stdout
- and/or stderr closed (fd.o #97008, Simon McVittie)
-
-• Output valid shell syntax in ~/.dbus/session-bus/ if the bus address
- contains a semicolon (fd.o #94746, Thiago Macieira)
-
-• Fix memory leaks and thread safety in subprocess starting on Windows
- (fd.o #95191, Ralf Habacker)
-
-• Stop test-dbus-daemon incorrectly failing on platforms that cannot
- discover the process ID of clients (fd.o #96653, Руслан Ижбулатов)
-
-• In tests that exercise correct handling of crashing D-Bus services,
- suppress Windows crash handler (fd.o #95155; Yiyang Fei, Ralf Habacker)
-
-• Explicitly check for stdint.h (Ioan-Adrian Ratiu)
-
-• In tests, add an invalid DBusAuthState to avoid undefined behaviour
- in some test cases (fd.o #93909, Nick Lewycky)
-
-• Add assertions to reassure a static analysis tool
- (fd.o #93210, Deepika Aggarwal)
-
-• Be explicit about enum comparison when loading XML
- (fd.o #93205, Deepika Aggarwal)
-
-• update-activation-environment: produce better diagnostics on error
- (fd.o #96653, Simon McVittie)
-
-• Avoid various compiler warnings with gcc 6
- (fd.o #97282; Thomas Zimmermann, Simon McVittie)
-
-• On Unix when configured to use the system log, report as "dbus-daemon",
- not as "dbus" (fd.o #97009, Simon McVittie)
-
-• During unit tests, reduce the amount we write to the system log
- (fd.o #97009, Simon McVittie)
-
-D-Bus 1.11.2 (2016-03-07)
-==
-
-The “pneumatic drill vs. Iron Maiden” release.
-
-Fixes:
-
-• Enable "large file support" on systems where it exists: dbus-daemon
- is not expected to open large files, but it might need to stat files
- that happen to have large inode numbers (fd.o #93545, Hongxu Jia)
-
-• Eliminate padding inside DBusMessageIter on 64-bit platforms,
- which might result in a pedantic C compiler not copying the entire contents
- of a DBusMessageIter; statically assert that this is not an ABI change
- in practice (fd.o #94136, Simon McVittie)
-
-• Document dbus-test-tool echo --sleep-ms=N instead of incorrect --sleep=N
- (fd.o #94244, Dmitri Iouchtchenko)
-
-• Correctly report test failures in C tests from run-test.sh
- (fd.o #93379; amit tewari, Simon McVittie)
-
-• When tests are enabled, run all the marshal-validate tests, not just
- the even-numbered ones (fd.o #93908, Nick Lewycky)
-
-• Correct the expected error from one marshal-validate test, which was
- previously not run due to the above bug (fd.o #93908, Simon McVittie)
-
-• Fix compilation under CMake when embedded tests are disabled
- (fd.o #94094, eric.hyer)
-
-Internal changes:
-
-• Fix all -Wpointer-sign (signed/unsigned mismatch) warnings, and enable the
- warning (fd.o #93069; Ralf Habacker, Simon McVittie)
-
-• When building with CMake, use the same gcc/clang warnings as under Autotools,
- or MSVC warnings that are broadly similar (fd.o #93069, Ralf Habacker)
-
-• test/name-test: make C tests produce TAP output and run them directly, not
- via run-test.sh (fd.o #92899, Simon McVittie)
-
-• Under CMake when cross-compiling for Windows on Unix, run the tests
- under Wine even if binfmt_misc support is not available
- (fd.o #88966, Ralf Habacker)
-
-• The DBUS_USE_TEST_BINARY environment variable is no longer used by builds with
- embedded tests; DBUS_TEST_DBUS_LAUNCH replaces it (fd.o #92899, Simon McVittie)
-
-• Factor out some functions that will be needed in future for a Windows
- implementation of dbus-run-session (fd.o #92899, Ralf Habacker)
-
-D-Bus 1.11.0 (2015-12-02)
-==
-
-The “peppermint deer” release.
-
-Dependencies:
-
-• On non-Windows platforms, dbus now requires an <inttypes.h> that defines
- C99 constants such as PRId64 and PRIu64.
-
-Enhancements:
-
-• D-Bus Specification version 0.27
- · Specify that services should not reply if NO_REPLY_EXPECTED was used
- (fd.o #75749, Lars Uebernickel)
-
-• Add a script to do continuous-integration builds, and metadata to run it
- on travis-ci.org. To use this, clone the dbus git repository on GitHub
- and set it up with travis-ci.org; the only special setting needed is
- "only build branches with a .travis.yml". (fd.o #93194, Simon McVittie)
-
-• If dbus-daemon is run with --systemd-activation, do not require
- org.freedesktop.systemd1.service to exist (fd.o #93194, Simon McVittie)
-
-Fixes:
-
-• Re-order dbus-daemon startup so that on SELinux systems, the thread
- that reads AVC notifications retains the ability to write to the
- audit log (fd.o #92832, Laurent Bigonville)
-
-• Print 64-bit integers on non-GNU Unix platforms (fd.o #92043, Natanael Copa)
-
-• When using the Monitoring interface, match messages' destinations
- (fd.o #92074, Simon McVittie)
-
-• On Linux with systemd, stop installing a reference to the obsolete
- dbus.target, and enable dbus.socket statically (fd.o #78412, #92402;
- Simon McVittie)
-
-• On Windows, when including configuration files with <include> or
- <includedir>, apply the same relocation as for the Exec paths
- in .service files (fd.o #92028, Simon McVittie)
-
-• Add support for backtraces on Windows (fd.o #92721, Ralf Habacker)
-
-• Fix many -Wpointer-sign warnings (fd.o #93069, Ralf Habacker)
-
-D-Bus 1.10.6 (2015-12-01)
-==
-
-The “marzipan beetles” release.
-
-Fixes:
-
-• On Unix when running tests as root, don't assert that root and
- the dbus-daemon user can still call UpdateActivationEnvironment;
- assert that those privileged users can call BecomeMonitor instead
- (fd.o #93036, Simon McVittie)
-
-• On Windows, fix a memory leak in the autolaunch transport (fd.o #92899,
- Simon McVittie)
-
-• On Windows Autotools builds, don't run tests that rely on
- dbus-run-session and other Unix-specifics (fd.o #92899, Simon McVittie)
-
-D-Bus 1.10.4 (2015-11-17)
-==
-
-The “Frostburn Canyon” release.
-
-Enhancements:
-
-• GetConnectionCredentials, GetConnectionUnixUser and
- GetConnectionUnixProcessID with argument "org.freedesktop.DBus"
- will now return details of the dbus-daemon itself. This is required
- to be able to call SetEnvironment on systemd.
- (fd.o #92857, Jan Alexander Steffens)
-
-Fixes:
-
-• Make UpdateActivationEnvironment always fail with AccessDenied on the
- system bus. Previously, it was possible to configure it so root could
- call it, but the environment variables were not actually used,
- because the launch helper would discard them.
- (fd.o #92857, Jan Alexander Steffens)
-
-• On Unix with --systemd-activation on a user bus, make
- UpdateActivationEnvironment pass on its arguments to systemd's
- SetEnvironment method, solving inconsistency between the environments
- used for traditional activation and systemd user-service activation.
- (fd.o #92857, Jan Alexander Steffens)
-
-• On Windows, don't crash if <syslog/> or --syslog is used
- (fd.o #92538, Ralf Habacker)
-
-• On Windows, fix a memory leak when setting a DBusError from a Windows
- error (fd.o #92721, Ralf Habacker)
-
-• On Windows, don't go into infinite recursion if we abort the process
- with backtraces enabled (fd.o #92721, Ralf Habacker)
-
-• Fix various failing tests, variously on Windows and cross-platform:
- · don't test system.conf features (users, groups) that only make sense
- on the system bus, which is not supported on Windows
- · don't call _dbus_warn() when we skip a test, since it is fatal
- · fix computation of expected <standard_session_servicedirs/>
- · when running TAP tests, translate newlines to Unix format, fixing
- cross-compiled tests under Wine on Linux
- · don't stress-test refcounting under Wine, where it's really slow
- · stop assuming that a message looped-back to the test will be received
- immediately
- · skip some system bus tests on Windows since they make no sense there
- (fd.o #92538, fd.o #92721; Ralf Habacker, Simon McVittie)
-
-D-Bus 1.10.2 (2015-10-26)
-==
-
-The “worst pies in London” release.
-
-Fixes:
-
-• Correct error handling for activation: if there are multiple attempts
- to activate the same service and it fails immediately, the first attempt
- would get the correct reply, but the rest would time out. We now send
- the same error reply to each attempt. (fd.o #92200, Simon McVittie)
-
-• If BecomeMonitor is called with a syntactically invalid match rule,
- don't crash with an assertion failure, fixing a regression in 1.9.10.
- This was not exploitable as a denial of service, because the check
- for a privileged user is done first. (fd.o #92298, Simon McVittie)
-
-• On Linux with --enable-user-session, add the bus address to the
- environment of systemd services for better backwards compatibility
- (fd.o #92612, Jan Alexander Steffens)
-
-• On Windows, fix the logic for replacing the installation prefix
- in service files' Exec lines (fd.o #83539; Milan Crha, Simon McVittie)
-
-• On Windows, if installed in the conventional layout with ${prefix}/etc
- and ${prefix}/share, use relative paths between bus configuration files
- to allow the tree to be relocated (fd.o #92028, Simon McVittie)
-
-• Make more of the regression tests pass in Windows builds (fd.o #92538,
- Simon McVittie)
-
-D-Bus 1.10.0 (2015-08-25)
-==
-
-The “0x20” release.
-
-This is a new stable branch, recommended for use in OS distributions.
-
-Fixes since 1.9.20:
-
-• distribute test/tap-test.sh.in, even if the tarball was built without
- tests enabled (fd.o #91684, Simon McVittie)
-• work around a fd leak in libcap-ng < 0.7.7 (fd.o #91684, Simon McVittie)
-
-Summary of major changes since 1.8.0:
-
-• The basic setup for the well-known system and session buses is
- now done in read-only files in ${datadir} (normally /usr/share).
- See the NEWS entry for 1.9.18 for details.
-
-• AppArmor integration has been merged, with features similar to the
- pre-existing SELinux integration. It is mostly compatible with the
- patches previously shipped by Ubuntu, with one significant change:
- Ubuntu's GetConnectionAppArmorSecurityContext method has been superseded
- by GetConnectionCredentials and was not included.
-
-• The --enable-user-session configure option can be enabled
- by OS integrators intending to use systemd to provide a session bus
- per user (in effect, treating all concurrent graphical and non-graphical
- login sessions as one large session).
-
-• The new listenable address mode "unix:runtime=yes" listens on
- $XDG_RUNTIME_DIR/bus, the same AF_UNIX socket used by the systemd
- user session. libdbus and "dbus-launch --autolaunch" will connect to
- this address by default. GLib ≥ 2.45.3 and sd-bus ≥ 209 have a
- matching default.
-
-• All executables are now dynamically linked to libdbus-1.
- Previously, some executables, most notably dbus-daemon, were statically
- linked to a specially-compiled variant of libdbus. This results in
- various private functions in the _dbus namespace being exposed by the
- shared library. These are not API, and must not be used outside
- the dbus source tree.
-
-• On platforms with ELF symbol versioning, all public symbols
- are versioned LIBDBUS_1_3.
-
-New bus APIs:
-
-• org.freedesktop.DBus.GetConnectionCredentials returns
- LinuxSecurityLabel where supported
-• org.freedesktop.DBus.Monitoring interface (privileged)
- · BecomeMonitor method supersedes match rules with eavesdrop=true,
- which are now deprecated
-• org.freedesktop.DBus.Stats interface (semi-privileged)
- · now enabled by default
- · new GetAllMatchRules method
-• org.freedesktop.DBus.Verbose interface (not normally compiled)
- · toggles the effect of DBUS_VERBOSE
-
-New executables:
-
-• dbus-test-tool
-• dbus-update-activation-environment
-
-New optional dependencies:
-
-• The systemd: pseudo-transport requires libsystemd or libsd-daemon
-• Complete documentation requires Ducktype and yelp-tools
-• Full test coverage requires GLib 2.36 and PyGI
-• AppArmor integration requires libapparmor and optionally libaudit
-
-Dependencies removed:
-
-• dbus-glib
-
-D-Bus 1.9.20 (2015-08-06)
-==
-
-The “Remember Tomorrow” release.
-
-This is a release-candidate for D-Bus 1.10.0. OS distribution vendors
-should test it.
-
-Fixes:
-
-• Don't second-guess what the ABI of poll() is, allowing it to be used
- on Integrity RTOS and other unusual platforms (fd.o #90314;
- Rolland Dudemaine, Simon McVittie)
-
-• Don't duplicate audit subsystem integration if AppArmor and SELinux are
- both enabled (fd.o #89225, Simon McVittie)
-
-• Log audit events for AppArmor/SELinux policy violations whenever
- we have CAP_AUDIT_WRITE, even if not the system bus
- (fd.o #83856, Laurent Bigonville)
-
-D-Bus 1.9.18 (2015-07-21)
-==
-
-The “Pirate Elite” release.
-
-Configuration changes:
-
-• The basic setup for the well-known system and session buses is now done
- in read-only files in ${datadir}, moving a step closer to systems
- that can operate with an empty /etc directory. In increasing order
- of precedence:
-
- · ${datadir}/dbus-1/s*.conf now perform the basic setup such as setting
- the default message policies.
- · ${sysconfdir}/dbus-1/s*.conf are now optional. By default
- dbus still installs a trivial version of each, for documentation
- purposes; putting configuration directives in these files is deprecated.
- · ${datadir}/dbus-1/s*.d/ are now available for third-party software
- to install "drop-in" configuration snippets (any packages
- using those directories should explicitly depend on at least this
- version of dbus).
- · ${sysconfdir}/dbus-1/s*.d/ are also still available for sysadmins
- or third-party software to install "drop-in" configuration snippets
- · ${sysconfdir}/dbus-1/s*-local.conf are still available for sysadmins'
- overrides
-
- ${datadir} is normally /usr/share, ${sysconfdir} is normally /etc,
- and "s*" refers to either system or session as appropriate.
-
- (fd.o #89280, Dimitri John Ledkov)
-
-Fixes:
-
-• Fix a memory leak when GetConnectionCredentials() succeeds
- (fd.o #91008, Jacek Bukarewicz)
-
-• Ensure that dbus-monitor does not reply to messages intended for others,
- resulting in its own disconnection (fd.o #90952, Simon McVittie)
-
-D-Bus 1.9.16 (2015-05-14)
-==
-
-The “titanium barns” release.
-
-Dependencies:
-
-• Automake 1.13 is now required when compiling from git or modifying
- the build system.
-
-Security hardening:
-
-• On Unix platforms, change the default configuration for the session bus
- to only allow EXTERNAL authentication (secure kernel-mediated
- credentials-passing), as was already done for the system bus.
-
- This avoids falling back to DBUS_COOKIE_SHA1, which relies on strongly
- unpredictable pseudo-random numbers.
-
- If you are using D-Bus over the (unencrypted!) tcp: or nonce-tcp: transport,
- in conjunction with DBUS_COOKIE_SHA1 and a shared home directory using
- NFS or similar, you will need to reconfigure the session bus to accept
- DBUS_COOKIE_SHA1 by commenting out the <auth> element. This configuration
- is not recommended.
-
- (fd.o #90414, Simon McVittie)
-
-• When asked for random numbers for DBUS_COOKIE_SHA1, the nonce-tcp:
- transport, UUIDs or any other reason, fail if we cannot obtain entropy
- (from /dev/urandom or CryptGenRandom()) or an out-of-memory condition
- occurs, instead of silently falling back to low-entropy pseudorandom
- numbers from rand(). (fd.o #90414; Simon McVittie, Ralf Habacker)
-
-Enhancements:
-
-• Add dbus_message_iter_get_element_count()
- (fd.o #30350; Christian Dywan, Simon McVittie)
-
-• Introduce new internal DBusSocket and DBusPollable types so we can
- stop treating the Windows SOCKET type as if it was int. DBusSocket
- is specifically a socket, cross-platform. DBusPollable is whatever
- _dbus_poll() can act on, i.e. a fd on Unix or a SOCKET on Windows.
- (fd.o #89444; Ralf Habacker, Simon McVittie)
-
-• All regression tests now output TAP <https://testanything.org/>
- (fd.o #89846, Simon McVittie)
-
-• Internal APIs consistently use signed values for timestamps
- (fd.o #18494, Peter McCurdy)
-
-• Improve diagnostics when UpdateActivationEnvironment calls are rejected
- (fd.o #88812, Simon McVittie)
-
-• Clean up a lot of compiler warnings
- (fd.o #17289, fd.o #89284; Ralf Habacker, Simon McVittie)
-
-Fixes:
-
-• Add locking to DBusCounter's reference count and notify function
- (fd.o #89297, Adrian Szyndela)
-
-• Ensure that DBusTransport's reference count is protected by the
- corresponding DBusConnection's lock (fd.o #90312, Adrian Szyndela)
-
-• Correctly release DBusServer mutex before early-return if we run out
- of memory while copying authentication mechanisms (fd.o #90021,
- Ralf Habacker)
-
-• Make dbus-test-tool and dbus-update-activation-environment portable
- to Windows (fd.o #90089, Ralf Habacker)
-
-• Correctly initialize all fields of DBusTypeReader (fd.o #90021;
- Ralf Habacker, Simon McVittie)
-
-• Fix some missing \n in verbose (debug log) messages (fd.o #90004,
- Ralf Habacker)
-
-• Clean up some memory and fd leaks in test code and tools
- (fd.o #90021, Ralf Habacker)
-
-• Fix a NULL dereference if the dbus-daemon cannot read a configuration
- directory for a reason that is not ENOENT (fd.o #90021, Ralf Habacker)
-
-• CMake generates a versioned shared library even if the revision is 0,
- as it usually is on the development branch. (fd.o #89450, Ralf Habacker)
-
-D-Bus 1.9.14 (2015-03-02)
-==
-
-The “don't stand in the poison cloud” release.
-
-Dependencies:
-
-• dbus-daemon and dbus-daemon-launch-helper now require libdbus. They
- were previously linked to a static version of libdbus.
-
-• The tests no longer require dbus-glib in order to exercise the libdbus
- shared library; they are always linked to libdbus now.
-
-Build-time configuration:
-
-• The new --enable-user-session option, off by default, can be enabled
- by OS integrators intending to use systemd to provide a session bus
- per user (in effect, treating all concurrent graphical and non-graphical
- login sessions as one large session)
-
-Enhancements:
-
-• All executables are now linked dynamically to libdbus.
- (fd.o #83115; Bertrand SIMONNET, Simon McVittie, Ralf Habacker)
-
-• On platforms that support them (GNU libc and possibly others),
- libdbus now has versioned symbols for its public API.
- All public symbols (visible in the header files) are currently
- versioned as LIBDBUS_1_3; private symbols starting with _dbus or
- dbus_internal have a version that changes with each release, and
- must not be used by applications. (also fd.o #83115)
-
-• New listenable address mode "unix:runtime=yes" which listens on
- a real filesystem (non-abstract) socket $XDG_RUNTIME_DIR/bus
- (fd.o #61303; Colin Walters, Alexander Larsson, Simon McVittie)
-
-• Add optional systemd units for a per-user bus listening on
- $XDG_RUNTIME_DIR/bus (fd.o #61301; Simon McVittie, Colin Walters)
-
-• On Unix platforms, both libdbus and "dbus-launch --autolaunch"
- default to connecting to $XDG_RUNTIME_DIR/bus if it is a socket
- (also fd.o #61301)
-
-• New dbus-update-activation-environment tool uploads environment
- variables to "dbus-daemon --session" and optionally "systemd --user",
- primarily as a way to keep the per-user bus compatible with
- distributions' existing X11 login scripts (also fd.o #61301)
-
-• <includedir/> elements in dbus-daemon configuration are now silently
- ignored if the directory does not exist. (fd.o #89280, Dimitri John Ledkov)
-
-• Add microsecond-resolution timestamps to the default output of
- dbus-monitor and dbus-send (fd.o #88896; Ralf Habacker, Simon McVittie)
-
-Fixes:
-
-• Fix a race condition in the 'monitor' test introduced in 1.9.10
- (fd.o #89222, Simon McVittie)
-
-D-Bus 1.9.12 (2015-02-19)
-==
-
-The “monster lasagna” release.
-
-Dependencies:
-
-• Ducktype and yelp-tools are now required to build complete documentation
- (they are optional for normal builds).
-
-Enhancements:
-
-• D-Bus Specification version 0.26
- · GetConnectionCredentials can return LinuxSecurityLabel or WindowsSID
- · document the BecomeMonitor method
-
-• On Linux, add LinuxSecurityLabel to GetConnectionCredentials
- (fd.o #89041; Tyler Hicks, Simon McVittie)
-
-• On Linux, add support for AppArmor mediation of message sending and
- receiving and name ownership (paralleling existing SELinux mediation
- support), and eavesdropping (a new check, currently AppArmor-specific)
- (fd.o #75113; John Johansen, Tyler Hicks, Simon McVittie)
-
-• In dbus-send and dbus-monitor, pretty-print \0-terminated bytestrings
- that have printable ASCII contents; we previously only did this for
- unterminated bytestrings (fd.o #89109, Simon McVittie)
-
-• Add a guide to designing good D-Bus APIs (fd.o #88994, Philip Withnall)
-
-• On Windows, add WindowsSID to GetConnectionCredentials
- (fd.o #54445, Ralf Habacker)
-
-• Improve clarity of dbus-monitor --profile output and add more columns
- (fd.o #89165, Ralf Habacker)
-
-• Add a man page for dbus-test-tool, and build it under CMake as well
- as Autotools (fd.o#89086, Simon McVittie)
-
-• If dbus-daemon was compiled with --enable-verbose, add a D-Bus API
- to control it at runtime, overriding the DBUS_VERBOSE environment variable
- (fd.o #88896, Ralf Habacker)
-
-Fixes:
-
-• Reduce the number of file descriptors used in the fd-passing test,
- avoiding failure under the default Linux fd limit, and automatically
- skip it if the rlimit is too small (fd.o #88998, Simon McVittie)
-
-D-Bus 1.9.10 (2015-02-09)
-==
-
-The “sad cyborgs” release.
-
-Security fixes merged from 1.8.16:
-
-• Do not allow non-uid-0 processes to send forged ActivationFailure
- messages. On Linux systems with systemd activation, this would
- allow a local denial of service: unprivileged processes could
- flood the bus with these forged messages, winning the race with
- the actual service activation and causing an error reply
- to be sent back when service auto-activation was requested.
- This does not prevent the real service from being started,
- so the attack only works while the real service is not running.
- (CVE-2015-0245, fd.o #88811; Simon McVittie)
-
-Enhancements:
-
-• The new Monitoring interface in the dbus-daemon lets dbus-monitor and
- similar tools receive messages without altering the security properties
- of the system bus, by calling the new BecomeMonitor method on a
- private connection. This bypasses the normal <allow> and <deny> rules
- entirely, so to preserve normal message-privacy assumptions, only root
- is allowed to do this on the system bus. Restricted environments,
- such as Linux with LSMs, should lock down access to the Monitoring
- interface. (fd.o #46787, Simon McVittie)
-
-• dbus-monitor uses BecomeMonitor to capture more traffic, if the
- dbus-daemon supports it and access permissions allow it.
- It still supports the previous approach ("eavesdropping" match rules)
- for compatibility with older bus daemons. (fd.o #46787, Simon)
-
-• dbus-monitor can now log the message stream as binary data for later
- analysis, with either no extra framing beyond the normal D-Bus headers,
- or libpcap-compatible framing treating each D-Bus message
- as a captured packet. (fd.o #46787, Simon)
-
-Other fixes:
-
-• Fix some CMake build regressions (fd.o #88964, Ralf Habacker)
-
-• On Unix, forcibly terminate regression tests after 60 seconds to
- prevent them from blocking continuous integration frameworks
- (fd.o #46787, Simon)
-
-D-Bus 1.9.8 (2015-02-03)
-==
-
-The “all the types of precipitation” release.
-
-Dependencies:
-
-• full test coverage now requires GLib 2.36
-• full test coverage now requires PyGI (PyGObject 3,
- "import gi.repository.GObject") instead of the
- obsolete PyGObject 2 ("import gobject")
-
-Enhancements:
-
-• add GLib-style "installed tests" (fd.o #88810, Simon McVittie)
-
-• better regression test coverage, including systemd activation
- (fd.o #57952, #88810; Simon McVittie)
-
-Fixes:
-
-• fatal errors correctly make the dbus-daemon exit even if <syslog/> is
- turned off (fd.o #88808, Simon McVittie)
-
-• TCP sockets on Windows no longer fail to listen approximately 1 time
- in 256, caused by a logic error that should have always made it fail but
- was mitigated by incorrect endianness for the port number
- (fd.o #87999, Ralf Habacker)
-
-• fix some Windows build failures (fd.o #88009, #88010; Ralf Habacker)
-
-• on Windows, allow up to 8K connections to the dbus-daemon instead of the
- previous 64, completing a previous fix which only worked under
- Autotools (fd.o #71297, Ralf Habacker)
-
-• on Windows, if the IP family is unspecified only use IPv4,
- to mitigate IPv6 not working correctly (fd.o #87999, Ralf Habacker)
-
-• fix some unlikely memory leaks on OOM (fd.o #88087, Simon McVittie)
-
-• lcov code coverage analysis works again (fd.o #88808, Simon McVittie)
-
-• fix an unused function error with --disable-embedded-tests (fd.o #87837,
- Thiago Macieira)
-
-D-Bus 1.9.6 (2015-01-05)
-==
-
-The “I do have a bread knife” release.
-
-Security hardening:
-
-• Do not allow calls to UpdateActivationEnvironment from uids other than
- the uid of the dbus-daemon. If a system service installs unsafe
- security policy rules that allow arbitrary method calls
- (such as CVE-2014-8148) then this prevents memory consumption and
- possible privilege escalation via UpdateActivationEnvironment.
-
- We believe that in practice, privilege escalation here is avoided
- by dbus-daemon-launch-helper sanitizing its environment; but
- it seems better to be safe.
-
-• Do not allow calls to UpdateActivationEnvironment or the Stats interface
- on object paths other than /org/freedesktop/DBus. Some system services
- install unsafe security policy rules that allow arbitrary method calls
- to any destination, method and interface with a specified object path;
- while less bad than allowing arbitrary method calls, these security
- policies are still harmful, since dbus-daemon normally offers the
- same API on all object paths and other system services might behave
- similarly.
-
-Other fixes:
-
-• Add missing initialization so GetExtendedTcpTable doesn't crash on
- Windows Vista SP0 (fd.o #77008, Илья А. Ткаченко)
-
-D-Bus 1.9.4 (2014-11-24)
-==
-
-The “extra-sturdy caramel” release.
-
-Fixes:
-
-• Partially revert the CVE-2014-3639 patch by increasing the default
- authentication timeout on the system bus from 5 seconds back to 30
- seconds, since this has been reported to cause boot regressions for
- some users, mostly with parallel boot (systemd) on slower hardware.
-
- On fast systems where local users are considered particularly hostile,
- administrators can return to the 5 second timeout (or any other value
- in milliseconds) by saving this as /etc/dbus-1/system-local.conf:
-
- <busconfig>
- <limit name="auth_timeout">5000</limit>
- </busconfig>
-
- (fd.o #86431, Simon McVittie)
-
-• Add a message in syslog/the Journal when the auth_timeout is exceeded
- (fd.o #86431, Simon McVittie)
-
-• Send back an AccessDenied error if the addressed recipient is not allowed
- to receive a message (and in builds with assertions enabled, don't
- assert under the same conditions). (fd.o #86194, Jacek Bukarewicz)
-
-D-Bus 1.9.2 (2014-11-10)
-==
-
-The “structurally unsound flapjack” release.
-
-Security fixes:
-
-• Increase dbus-daemon's RLIMIT_NOFILE rlimit to 65536
- so that CVE-2014-3636 part A cannot exhaust the system bus'
- file descriptors, completing the incomplete fix in 1.8.8.
- (CVE-2014-7824, fd.o #85105; Simon McVittie, Alban Crequy)
-
-Enhancements:
-
-• D-Bus Specification version 0.25
- · new value 'const' for EmitsChangedSignal annotation
- (fd.o #72958, Lennart Poettering)
- · new ALLOW_INTERACTIVE_AUTHORIZATION flag, for PolicyKit and similar
- (fd.o #83449; Lennart Poettering, Simon McVittie)
- · annotate table of types with reserved/basic/container, and for
- basic types, fixed/string-like
- · clarify arbitrary limits by quoting them in mebibytes
-
-• New API: add accessors for the ALLOW_INTERACTIVE_AUTHORIZATION flag
- (fd.o #83449, Simon McVittie)
-
-• Add dbus-test-tool, a D-Bus swiss army knife with multiple subcommands,
- useful for debugging and performance testing:
- · dbus-test-tool spam: send repeated messages
- · dbus-test-tool echo: send an empty reply for all method calls
- · dbus-test-tool black-hole: do not reply to method calls
- (fd.o #34140; Alban Crequy, Simon McVittie, Will Thompson)
-
-• Add support for process ID in credentials-passing on NetBSD
- (fd.o #69702, Patrick Welche)
-
-• Add an example script to find potentially undesired match rules
- (fd.o #84598, Alban Crequy)
-
-• Document the central assumption that makes our use of credentials-passing
- secure (fd.o #83499, Simon McVittie)
-
-• Replace the dbus-glib section of the tutorial with a GDBus recommendation,
- and add some links to GDBus and QtDBus documentation (fd.o #25140,
- Simon McVittie)
-
-Fixes:
-
-• Use a less confusing NoReply message when disconnected with a reply pending
- (fd.o #76112, Simon McVittie)
-
-• Make the .pc file relocatable by letting pkg-config do all variable
- expansion itself (fd.o #75858, Руслан Ижбулатов)
-
-• Fix a build failure on platforms with kqueue, which regressed in 1.9.0
- (fd.o #85563, Patrick Welche)
-
-• Consistently save errno after socket calls (fd.o #83625, Simon McVittie)
-
-• In dbus-spawn, when the grandchild process exits due to a failed exec(),
- do not lose the exec() errno (fd.o #24821, Simon McVittie)
-
-• Do not fail the tests if a parent process has leaked non-close-on-exec
- file descriptors to us (fd.o #73689, fd.o #83899; Simon McVittie)
-
-• Do not fail the tests on Unix platforms with incomplete
- credentials-passing support, but do fail if we can't pass credentials
- on a platform where it is known to work: Linux, FreeBSD, OpenBSD, NetBSD
- (fd.o #69702, Simon McVittie)
-
-• Detect accept4, dirfd, inotify_init1, pipe2, and Unix fd passing
- when building with cmake, and expand test coverage there
- (fd.o #73689; Ralf Habacker, Simon McVittie)
-
-D-Bus 1.9.0 (2014-10-01)
-==
-
-The “tiered cheeses” release.
-
-Requirements:
-
-• Support for the systemd: (LISTEN_FDS) pseudo-transport on Linux now
- requires either the libsystemd or libsd-daemon shared library, dropping the
- embedded convenience copy of sd-daemon (fd.o #71818, Simon)
-
-Build-time configuration changes:
-
-• The Stats interface is now enabled by default, and locked-down to
- root-only on the system bus. Configure with --disable-stats
- to disable it altogether on memory- or disk-constrained systems,
- or see ${docdir}/examples/ to open it up to non-root users on the
- system bus or restrict access on the session bus.
- (fd.o #80759; Simon McVittie, Alban Crequy)
-
-• The CMake build system now builds the same shared library name as Autotools
- on at least Linux and Windows:
- - on Linux (and perhaps other Unix platforms), it previously built
- libdbus-1.so, but now builds libdbus-1.so.3.* with development
- symlink libdbus-1.so and SONAME/symlink libdbus-1.so.3
- - on Windows, it previously built either libdbus-1.dll (release) or
- libdbus-1d.dll (debug), but now builds libdbus-1-3.dll, copied to
- libdbus-1.dll for compatibility with older applications.
- (fd.o #74117, Ralf Habacker)
-
-Enhancements:
-
-• D-Bus Specification version 0.24
- · document how to quote match rules (fd.o #24307, Simon McVittie)
- · explicitly say that most message types never expect a reply
- regardles of whether they have NO_REPLY_EXPECTED
- (fd.o #75749, Simon McVittie)
-
-• on Unix platforms, disable Nagle's algorithm on TCP connections to improve
- initial latency (fd.o #75544, Matt Hoosier)
-
-• use backtrace() if it is in -lexecinfo instead of libc, as on NetBSD
- (fd.o #69702, Patrick Welche)
-
-• in dbus-monitor, print more information about file descriptors
- (fd.o #80603, Alban Crequy)
-
-• do not install system bus configuration if built for Windows
- (fd.o #83583; Ralf Habacker, Simon McVittie)
-
-• Add GetAllMatchRules to the Stats interface (fd.o #24307, Alban Crequy)
-
-• Add a regression test for file descriptor passing (fd.o #83622,
- Simon McVittie)
-
-Fixes:
-
-• fix an incorrect error message if a Unix socket path is too long
- (fd.o #73887, Antoine Jacoutot)
-
-• in an MSYS/Cygwin environment, pass Unix-style filenames to xmlto,
- fixing documentation generation (fd.o #75860, Руслан Ижбулатов)
-
-• in Unix with X11, avoid giving dbus-launch a misleading argv[0]
- in ps(1) (fd.o #69716, Chengwei Yang)
-
-• avoid calling poll() with timeout < -1, which is considered invalid
- on FreeBSD and NetBSD (fd.o #78480, Jaap Boender)
-
-• be portable to BSD-derived platforms where O_CLOEXEC is unavailable in libc
- (like Mac OS X 10.6), or available in libc but unsupported by the kernel
- (fd.o #77032; rmvsxop, OBATA Akio, Patrick Welche)
-
-• Fix include path for test/internal/*.c with cmake (Ralf Habacker)
-
-• Documentation improvements
- (fd.o #80795, #84313; Thomas Haller, Sebastian Rasmussen)
-
-• in dbus-monitor, do not leak file descriptors that we have monitored
- (fd.o #80603, Alban Crequy)
-
-• Set the close-on-exec flag for the inotify file descriptor, even
- if built with CMake or older libc (fd.o #73689, Simon McVittie)
-
-• Remove some LGPL code from the Windows dbus-daemon
- (fd.o #57272, Ralf Habacker)
-
-D-Bus 1.8.8 (2014-09-16)
-==
-
-The "smashy smashy egg man" release.
-
-Security fixes:
-
-• Do not accept an extra fd in the padding of a cmsg message, which
- could lead to a 4-byte heap buffer overrun.
- (CVE-2014-3635, fd.o #83622; Simon McVittie)
-
-• Reduce default for maximum Unix file descriptors passed per message
- from 1024 to 16, preventing a uid with the default maximum number of
- connections from exhausting the system bus' file descriptors under
- Linux's default rlimit. Distributors or system administrators with a
- more restrictive fd limit may wish to reduce these limits further.
-
- Additionally, on Linux this prevents a second denial of service
- in which the dbus-daemon can be made to exceed the maximum number
- of fds per sendmsg() and disconnect the process that would have
- received them.
- (CVE-2014-3636, fd.o #82820; Alban Crequy)
-
-• Disconnect connections that still have a fd pending unmarshalling after
- a new configurable limit, pending_fd_timeout (defaulting to 150 seconds),
- removing the possibility of creating an abusive connection that cannot be
- disconnected by setting up a circular reference to a connection's
- file descriptor.
- (CVE-2014-3637, fd.o #80559; Alban Crequy)
-
-• Reduce default for maximum pending replies per connection from 8192 to 128,
- mitigating an algorithmic complexity denial-of-service attack
- (CVE-2014-3638, fd.o #81053; Alban Crequy)
-
-• Reduce default for authentication timeout on the system bus from
- 30 seconds to 5 seconds, avoiding denial of service by using up
- all unauthenticated connection slots; and when all unauthenticated
- connection slots are used up, make new connection attempts block
- instead of disconnecting them.
- (CVE-2014-3639, fd.o #80919; Alban Crequy)
-
-Other fixes:
-
-• Check for libsystemd from systemd >= 209, falling back to
- the older separate libraries if not found (Umut Tezduyar Lindskog,
- Simon McVittie)
-
-• On Linux, use prctl() to disable core dumps from a test executable
- that deliberately raises SIGSEGV to test dbus-daemon's handling
- of that condition (fd.o #83772, Simon McVittie)
-
-• Fix compilation with --enable-stats (fd.o #81043, Gentoo #507232;
- Alban Crequy)
-
-• Improve documentation for running tests on Windows (fd.o #41252,
- Ralf Habacker)
-
-D-Bus 1.8.6 (2014-06-02)
-==
-
-Security fixes:
-
-• On Linux ≥ 2.6.37-rc4, if sendmsg() fails with ETOOMANYREFS, silently drop
- the message. This prevents an attack in which a malicious client can
- make dbus-daemon disconnect a system service, which is a local
- denial of service.
- (fd.o #80163, CVE-2014-3532; Alban Crequy)
-
-• Track remaining Unix file descriptors correctly when more than one
- message in quick succession contains fds. This prevents another attack
- in which a malicious client can make dbus-daemon disconnect a system
- service.
- (fd.o #79694, fd.o #80469, CVE-2014-3533; Alejandro Martínez Suárez,
- Simon McVittie, Alban Crequy)
-
-Other fixes:
-
-• When dbus-launch --exit-with-session starts a dbus-daemon but then cannot
- attach to a session, kill the dbus-daemon as intended
- (fd.o #74698, Роман Донченко)
-
-D-Bus 1.8.4 (2014-06-10)
-==
-
-Security fix:
-
-• Alban Crequy at Collabora Ltd. discovered and fixed a denial-of-service
- flaw in dbus-daemon, part of the reference implementation of D-Bus.
- Additionally, in highly unusual environments the same flaw could lead to
- a side channel between processes that should not be able to communicate.
- (CVE-2014-3477, fd.o #78979)
-
-D-Bus 1.8.2 (2014-04-30)
-==
-
-The “nobody wants red” release.
-
-Enhancements:
-
-• in the CMake build system, add some hints for Linux users cross-compiling
- Windows D-Bus binaries to be able to run tests under Wine
- (fd.o #41252, Ralf Habacker)
-
-• add Documentation key to dbus.service (fd.o #77447, Cameron Norman)
-
-Fixes:
-
-• in "dbus-uuidgen --ensure", try to copy systemd's /etc/machine-id
- to /var/lib/dbus/machine-id instead of generating an entirely new ID
- (fd.o #77941, Simon McVittie)
-
-• if dbus-launch receives an X error very quickly, do not kill
- unrelated processes (fd.o #74698, Роман Донченко)
-
-• on Windows, allow up to 8K connections to the dbus-daemon, instead of the
- previous 64 (fd.o #71297; Cristian Onet, Ralf Habacker)
-
-• cope with \r\n newlines in regression tests, since on Windows,
- dbus-daemon.exe uses text mode (fd.o #75863, Руслан Ижбулатов)
-
-D-Bus 1.8.0 (2014-01-20)
-==
-
-The “Wolverine distrusts my printer” release.
-
-This starts a new stable branch. The 1.6.x branch is now considered to be
-outdated, and will only receive fixes for serious bugs such as security
-flaws. The 1.4.x and 1.2.x branches no longer have upstream support and
-are unlikely to get any more releases, but if distributors still need to
-support them, please share security patches via upstream.
-
-Summary of changes since 1.6.x:
-
-• libdbus always behaves as if dbus_threads_init_default() had been called
- (thread-safety by default)
-• new dbus-run-session tool, replacing certain misuses of dbus-launch
-• dbus-monitor can talk to outdated versions of dbus-daemon again
-• new org.freedesktop.DBus.GetConnectionCredentials method
-• GetConnectionUnixProcessID also works correctly on Windows, returning
- the Windows process ID
-• GetConnectionWindowsSID returns the correct SID on Windows
-• expat is required, libxml2 can no longer be used as a substitute
-• the userDB cache is required, and cannot be disabled
-• a 64-bit integer type (either int, long, long long or _int64) is required
-• better systemd-journald integration on Linux
-• fixed long-standing fd and array leaks when failing to parse a message
-• fixed referenced-but-never-freed parent nodes (effectively memory leaks)
- when using certain object-path allocation patterns, notably in Avahi
-• better defaults for Windows support
-• better CMake support
-• better portability to mingw32, FreeBSD, NetBSD, QNX and Hurd
-• the source language for the man pages is now Docbook XML
-
-Enhancements since 1.7.10:
-
-• Enhance the CMake build system to check for GLib and compile/run
- a subset of the regression tests (fd.o #41252, #73495; Ralf Habacker)
-
-Fixes since 1.7.10:
-
-• don't rely on va_copy(), use DBUS_VA_COPY() wrapper (fd.o #72840,
- Ralf Habacker)
-
-• fix compilation of systemd journal support on older systemd versions where
- sd-journal.h doesn't include syslog.h (fd.o #73455, Ralf Habacker)
-
-• fix compilation on older MSVC versions by including stdlib.h
- (fd.o #73455, Ralf Habacker)
-
-• Allow <allow_anonymous/> to appear in an included configuration file
- (fd.o #73475, Matt Hoosier)
-
-Test behaviour changes since 1.7.10:
-
-• If the tests crash with an assertion failure, they no longer default to
- blocking for a debugger to be attached. Set DBUS_BLOCK_ON_ABORT in the
- environment if you want the old behaviour.
-
-• To improve debuggability, the dbus-daemon and dbus-daemon-eavesdrop tests
- can be run with an external dbus-daemon by setting
- DBUS_TEST_DAEMON_ADDRESS in the environment. Test-cases that require
- an unusually-configured dbus-daemon are skipped.
-
-D-Bus 1.7.10 (2014-01-06)
-==
-
-The “weighted companion cube” release.
-
-This is a release candidate for D-Bus 1.8.
-
-D-Bus Specification 0.23:
-
-• don't require messages with no INTERFACE to be dispatched
- (fd.o #68597, Simon McVittie)
-
-• document "tcp:bind=..." and "nonce-tcp:bind=..." (fd.o #72301,
- Chengwei Yang)
-
-• define "listenable" and "connectable" addresses, and discuss
- the difference (fd.o #61303, Simon McVittie)
-
-Enhancements:
-
-• support printing Unix file descriptors in dbus-send, dbus-monitor
- (fd.o #70592, Robert Ancell)
-
-• don't install systemd units if --disable-systemd is given
- (fd.o #71818, Chengwei Yang)
-
-Fixes:
-
-• don't leak memory on out-of-memory while listing activatable or
- active services (fd.o #71526, Radoslaw Pajak)
-
-• fix undefined behaviour in a regression test (fd.o #69924, DreamNik)
-
-• escape Unix socket addresses correctly (fd.o #46013, Chengwei Yang)
-
-• on SELinux systems, don't assume that SECCLASS_DBUS, DBUS__ACQUIRE_SVC
- and DBUS__SEND_MSG are numerically equal to their values in the
- reference policy (fd.o #88719, osmond sun)
-
-• define PROCESS_QUERY_LIMITED_INFORMATION if missing from MinGW < 4 headers
- (fd.o #71366, Matt Fischer)
-
-• define WIN32_LEAN_AND_MEAN to avoid conflicts between winsock.h and
- winsock2.h (fd.o #71405, Matt Fischer)
-
-• do not return failure from _dbus_read_nonce() with no error set,
- preventing a potential crash (fd.o #72298, Chengwei Yang)
-
-• on BSD systems, avoid some O(1)-per-process memory and fd leaks in kqueue,
- preventing test failures (fd.o #69332, fd.o #72213; Chengwei Yang)
-
-• fix warning spam on Hurd by not trying to set SO_REUSEADDR on Unix sockets,
- which doesn't do anything anyway on at least Linux and FreeBSD
- (fd.o #69492, Simon McVittie)
-
-• fix use of TCP sockets on FreeBSD and Hurd by tolerating EINVAL from
- sendmsg() with SCM_CREDS (retrying with plain send()), and looking
- for credentials more correctly (fd.o #69492, Simon McVittie)
-
-• ensure that tests run with a temporary XDG_RUNTIME_DIR to avoid
- getting mixed up in XDG/systemd "user sessions" (fd.o #61301,
- Simon McVittie)
-
-• refresh cached policy rules for existing connections when bus
- configuration changes (fd.o #39463, Chengwei Yang)
-
-D-Bus 1.7.8 (2013-11-01)
-==
-
-The “extreme hills” release.
-
-Dependencies:
-
-• If systemd support is enabled, libsystemd-journal is now required.
-
-Enhancements:
-
-• When activating a non-systemd service under systemd, annotate its
- stdout/stderr with its bus name in the Journal. Known limitation:
- because the socket is opened before forking, the process will still be
- logged as if it had dbus-daemon's process ID and user ID.
- (fd.o #68559, Chengwei Yang)
-
-• Document more configuration elements in dbus-daemon(1)
- (fd.o #69125, Chengwei Yang)
-
-Fixes:
-
-• Don't leak string arrays or fds if dbus_message_iter_get_args_valist()
- unpacks them and then encounters an error (fd.o #21259, Chengwei Yang)
-
-• If compiled with libaudit, retain CAP_AUDIT_WRITE so we can write
- disallowed method calls to the audit log, fixing a regression in 1.7.6
- (fd.o #49062, Colin Walters)
-
-• path_namespace='/' in match rules incorrectly matched nothing; it
- now matches everything. (fd.o #70799, Simon McVittie)
-
-D-Bus 1.7.6 (2013-10-09)
-==
-
-The “CSI Shrewsbury” release.
-
-Build-time configuration changes:
-
-• Directory change notification via dnotify on Linux is no longer
- supported; it hadn't compiled successfully since 2010 in any case.
- If you don't have inotify (Linux) or kqueue (*BSD), you will need
- to send SIGHUP to the dbus-daemon when its configuration changes.
- (fd.o #33001, Chengwei Yang)
-
-• Compiling with --disable-userdb-cache is no longer supported;
- it didn't work since at least 2008, and would lead to an extremely
- slow dbus-daemon even it worked. (fd.o #15589, #17133, #66947;
- Chengwei Yang)
-
-• The DBUS_DISABLE_ASSERTS CMake option didn't actually disable most
- assertions. It has been renamed to DBUS_DISABLE_ASSERT to be consistent
- with the Autotools build system. (fd.o #66142, Chengwei Yang)
-
-• --with-valgrind=auto enables Valgrind instrumentation if and only if
- valgrind headers are available. The default is still --with-valgrind=no.
- (fd.o #56925, Simon McVittie)
-
-Dependencies:
-
-• Platforms with no 64-bit integer type are no longer supported.
- (fd.o #65429, Simon McVittie)
-
-• GNU make is now (documented to be) required. (fd.o #48277, Simon McVittie)
-
-• Full test coverage no longer requires dbus-glib, although the tests do not
- exercise the shared library (only a static copy) if dbus-glib is missing.
- (fd.o #68852, Simon McVittie)
-
-Enhancements:
-
-• D-Bus Specification 0.22
- · Document GetAdtAuditSessionData() and
- GetConnectionSELinuxSecurityContext() (fd.o #54445, Simon)
- · Fix example .service file (fd.o #66481, Chengwei Yang)
- · Don't claim D-Bus is "low-latency" (lower than what?), just
- give factual statements about it supporting async use
- (fd.o #65141, Justin Lee)
- · Document the contents of .service files, and the fact that
- system services' filenames are constrained
- (fd.o #66608; Simon McVittie, Chengwei Yang)
-
-• Be thread-safe by default on all platforms, even if
- dbus_threads_init_default() has not been called. For compatibility with
- older libdbus, library users should continue to call
- dbus_threads_init_default(): it is harmless to do so.
- (fd.o #54972, Simon McVittie)
-
-• Add GetConnectionCredentials() method (fd.o #54445, Simon)
-
-• New API: dbus_setenv(), a simple wrapper around setenv().
- Note that this is not thread-safe. (fd.o #39196, Simon)
-
-• Add dbus-send --peer=ADDRESS (connect to a given peer-to-peer connection,
- like --address=ADDRESS in previous versions) and dbus-send --bus=ADDRESS
- (connect to a given bus, like dbus-monitor --address=ADDRESS).
- dbus-send --address still exists for backwards compatibility,
- but is no longer documented. (fd.o #48816, Andrey Mazo)
-
-• Windows-specific:
- · "dbus-daemon --nofork" is allowed on Windows again. (fd.o #68852,
- Simon McVittie)
-
-Fixes:
-
-• Avoid an infinite busy-loop if a signal interrupts waitpid()
- (fd.o #68945, Simon McVittie)
-
-• Clean up memory for parent nodes when objects are unexported
- (fd.o #60176, Thomas Fitzsimmons)
-
-• Make dbus_connection_set_route_peer_messages(x, FALSE) behave as
- documented. Previously, it assumed its second parameter was TRUE.
- (fd.o #69165, Chengwei Yang)
-
-• Escape addresses containing non-ASCII characters correctly
- (fd.o #53499, Chengwei Yang)
-
-• Document <servicedir> search order correctly (fd.o #66994, Chengwei Yang)
-
-• Don't crash on "dbus-send --session / x.y.z" which regressed in 1.7.4.
- (fd.o #65923, Chengwei Yang)
-
-• If malloc() returns NULL in _dbus_string_init() or similar, don't free
- an invalid pointer if the string is later freed (fd.o #65959, Chengwei Yang)
-
-• If malloc() returns NULL in dbus_set_error(), don't va_end() a va_list
- that was never va_start()ed (fd.o #66300, Chengwei Yang)
-
-• fix build failure with --enable-stats (fd.o #66004, Chengwei Yang)
-
-• fix a regression test on platforms with strict alignment (fd.o #67279,
- Colin Walters)
-
-• Avoid calling function parameters "interface" since certain Windows headers
- have a namespace-polluting macro of that name (fd.o #66493, Ivan Romanov)
-
-• Assorted Doxygen fixes (fd.o #65755, Chengwei Yang)
-
-• Various thread-safety improvements to static variables (fd.o #68610,
- Simon McVittie)
-
-• Make "make -j check" work (fd.o #68852, Simon McVittie)
-
-• Fix a NULL pointer dereference on an unlikely error path
- (fd.o #69327, Sviatoslav Chagaev)
-
-• Improve valgrind memory pool tracking (fd.o #69326,
- Sviatoslav Chagaev)
-
-• Don't over-allocate memory in dbus-monitor (fd.o #69329,
- Sviatoslav Chagaev)
-
-• dbus-monitor can monitor dbus-daemon < 1.5.6 again
- (fd.o #66107, Chengwei Yang)
-
-• Unix-specific:
- · If accept4() fails with EINVAL, as it can on older Linux kernels
- with newer glibc, try accept() instead of going into a busy-loop.
- (fd.o #69026, Chengwei Yang)
- · If socket() or socketpair() fails with EINVAL or EPROTOTYPE,
- for instance on Hurd or older Linux with a new glibc, try without
- SOCK_CLOEXEC. (fd.o #69073; Pino Toscano, Chengwei Yang)
- · Fix a file descriptor leak on an error code path.
- (fd.o #69182, Sviatoslav Chagaev)
- · dbus-run-session: clear some unwanted environment variables
- (fd.o #39196, Simon)
- · dbus-run-session: compile on FreeBSD (fd.o #66197, Chengwei Yang)
- · Don't fail the autolaunch test if there is no DISPLAY (fd.o #40352, Simon)
- · Use dbus-launch from the builddir for testing, not the installed copy
- (fd.o #37849, Chengwei Yang)
- · Fix compilation if writev() is unavailable (fd.o #69409,
- Vasiliy Balyasnyy)
- · Remove broken support for LOCAL_CREDS credentials passing, and
- document where each credential-passing scheme is used (fd.o #60340,
- Simon McVittie)
- · Make autogen.sh work on *BSD by not assuming GNU coreutils functionality
- (fd.o #35881, #69787; Chengwei Yang)
- · dbus-monitor: be portable to NetBSD (fd.o #69842, Chengwei Yang)
- · dbus-launch: stop using non-portable asprintf (fd.o #37849, Simon)
- · Improve error reporting from the setuid activation helper (fd.o #66728,
- Chengwei Yang)
-
-• Windows-specific:
- · Remove unavailable command-line options from 'dbus-daemon --help'
- (fd.o #42441, Ralf Habacker)
- · Add support for looking up local TCPv4 clients' credentials on
- Windows XP via the undocumented AllocateAndGetTcpExTableFromStack
- function (fd.o #66060, Ralf Habacker)
- · Fix insufficient dependency-tracking (fd.o #68505, Simon McVittie)
- · Don't include wspiapi.h, fixing a compiler warning (fd.o #68852,
- Simon McVittie)
-
-• Internal changes:
- · add DBUS_ENABLE_ASSERT, DBUS_ENABLE_CHECKS for less confusing
- conditionals (fd.o #66142, Chengwei Yang)
- · improve verbose-mode output (fd.o #63047, Colin Walters)
- · consolidate Autotools and CMake build (fd.o #64875, Ralf Habacker)
- · fix various unused variables, unusual build configurations
- etc. (fd.o #65712, #65990, #66005, #66257, #69165, #69410, #70218;
- Chengwei Yang, Vasiliy Balyasnyy)
-
-D-Bus 1.7.4 (2013-06-13)
-==
-
-The “but is your thread-safety thread-safe?” release.
-
-Security fixes:
-
-• CVE-2013-2168: Fix misuse of va_list that could be used as a denial
- of service for system services. Vulnerability reported by Alexandru Cornea.
- (Simon)
-
-Dependencies:
-
-• The Windows version of libdbus now contains a C++ source file, used
- to provide global initialization when the library is loaded.
- gcc (mingw*) users should ensure that g++ is also installed.
-
-• The libxml2-based configuration reader (which hasn't worked for 2.5 years,
- and was never the recommended option) has been removed. Expat is now a
- hard dependency.
-
-Enhancements:
-
-• It should now be safe to call dbus_threads_init_default() from any thread,
- at any time. Authors of loadable modules and plugins that use libdbus
- should consider doing so during initialization.
- (fd.o #54972, Simon McVittie)
-
-• Improve dbus-send documentation and command-line parsing (fd.o #65424,
- Chengwei Yang)
-
-Unix-specific:
- · dbus-run-session: experimental new tool to start a temporary D-Bus
- session, e.g. for regression tests or a text console, replacing
- certain uses of dbus-launch which weren't really correct
- (fd.o #39196, Simon)
-
-Other fixes:
-
-• In dbus-daemon, don't crash if a .service file starts with key=value
- (fd.o #60853, Chengwei Yang)
-
-• Unix-specific:
- · Fix a crash similar to CVE-2013-2168 the first time we try to use syslog
- on a platform not defining LOG_PERROR, such as Solaris or QNX.
- This regressed in 1.7.0. (Simon)
- · Fix an assertion failure if we try to activate systemd services before
- systemd connects to the bus (fd.o #50199, Chengwei Yang)
- · Avoid compiler warnings for ignoring the return from write()
- (Chengwei Yang)
-
-• Windows-specific:
- · Under cmake, install runtime libraries (DLLs) into bin/ instead of lib/
- so that Windows finds them (fd.o #59733, Ralf Habacker)
-
-D-Bus 1.7.2 (2013-04-25)
-==
-
-The “only partially opaque” release.
-
-Configuration changes:
-
-• On non-QNX Unix platforms, the default limit on fds per message in the
- session bus configuration has reduced from 4096 to 1024. The default
- limit used on the system bus was already 1024. On QNX, both limits are
- reduced further, to 128.
-
-Enhancements:
-
-• D-Bus Specification 0.21
- · Following Unicode Corrigendum #9, the noncharacters U+nFFFE, U+nFFFF,
- U+FDD0..U+FDEF are allowed in UTF-8 strings again. (fd.o #63072,
- Simon McVittie)
-
-Fixes:
-
-• Diagnose incorrect use of dbus_connection_get_data() with negative slot
- (i.e. before allocating the slot) rather than returning junk
- (fd.o #63127, Dan Williams)
-
-• Fix a cmake build regression since 1.7.0 (fd.o #63682; Ralf Habacker,
- Simon McVittie)
-
-• Unix-specific:
- · On Linux, link successfully with glibc 2.17 (fd.o #63166, Simon McVittie)
- · Under systemd, log to syslog only, not stderr, avoiding duplication
- (fd.o #61399, #39987; Colin Walters, Dagobert Michelsen)
- · Under systemd, remove unnecessary dependency on syslog.socket
- (fd.o #63531, Cristian Rodríguez)
- · Include alloca.h for alloca() if available, fixing compilation on
- Solaris 10 (fd.o #63071, Dagobert Michelsen)
- · Allow use of systemd-logind without the rest of systemd
- (fd.o #62585, Martin Pitt)
- · When built with CMake, link to librt and use the right path for
- meinproc's XSLT stylesheets (fd.o #61637, Ralf Habacker)
- · Reduce the default limit on number of fds per message to 128 under
- QNX, working around an arbitrary OS limit (fd.o #61176, Matt Fischer)
-
-• Windows-specific:
- · Do not claim that all bus clients have the dbus-daemon's credentials;
- pick up local TCPv4 clients' credentials (process ID and security
- identifier, i.e. user) using GetExtendedTcpTable() (fd.o #61787,
- Ralf Habacker)
-
-D-Bus 1.7.0 (2013-02-22)
-==
-
-The "Disingenuous Assertions" release.
-
-This is a new development release, starting the 1.7.x branch. D-Bus 1.6
-remains the recommended version for long-term-supported distributions
-or the upcoming GNOME 3.8 release.
-
-Build-time configuration changes:
-
-• The --with-dbus-session-bus-default-address configure option is no longer
- supported. Use the new --with-dbus-session-bus-connect-address and
- --with-dbus-session-bus-listen-address options instead. On Windows, you
- usually want them to have the same argument; on Unix, the defaults are
- usually correct.
-
-• Similarly, the DBUS_SESSION_BUS_DEFAULT_ADDRESS CMake variable is no longer
- supported; use the new DBUS_SESSION_BUS_LISTEN_ADDRESS and
- DBUS_SESSION_BUS_CONNECT_ADDRESS variables instead.
-
-• cmake/cross-compile.sh has been removed. Instead, please use a
- cross-toolchain file (-DCMAKE_TOOLCHAIN_FILE) as documented at
- <http://www.vtk.org/Wiki/CMake_Cross_Compiling>; or use Autotools
- as documented in "info automake Cross-Compilation", and set
- PKG_CONFIG_PATH appropriately.
-
-Requirements:
-
-• Man pages now require xmlto (or either xmlto or meinproc, if using CMake).
-• man2html is no longer used.
-
-Enhancements:
-
-• D-Bus Specification 0.20
- · actually say that /org/freedesktop/DBus is the object that
- implements o.fd.DBus (fd.o #51865, Colin Walters)
- · various reorganisation for better clarity (fd.o #38252, Simon McVittie)
- · stop claiming that all basic types work just like INT32 (strings don't!)
-
-• The "source code" for the man pages is now Docbook XML, eliminating
- the outdated duplicate copies used when building with CMake.
- (fd.o #59805; Ralf Habacker, Simon McVittie)
-
-Fixes:
-
-• In the activation helper, when compiled for tests, do not reset the system
- bus address, fixing the regression tests. (fd.o #52202, Simon)
-
-• Fix building with Valgrind 3.8, at the cost of causing harmless warnings
- with Valgrind 3.6 on some compilers (fd.o #55932, Arun Raghavan)
-
-• Merge <servicehelper> from system-local.conf if necessary (fd.o #51560,
- Krzysztof Konopko)
-
-• Under CMake, prefer xmlto over meinproc (fd.o #59733, Ralf Habacker)
-
-• Stop duplicating CMake's own logic to find libexpat
- (fd.o #59733, Ralf Habacker)
-
-• Don't assume CMake host and build system are the same (fd.o #59733,
- Ralf Habacker)
-
-• Avoid deprecation warnings for GLib 2.35 (fd.o #59971, Simon McVittie)
-
-• Unix-specific:
- · Check for functions in libpthread correctly, fixing compilation on
- (at least) OpenBSD (fd.o #47239, Simon)
- · Don't leak temporary fds pointing to /dev/null (fd.o #56927,
- Michel HERMIER)
- · Update sd-daemon.[ch] from systemd (fd.o #60681)
- · Add partial support for QNX (fd.o #60339, fd.o #61176; Matt Fischer)
-
-• Windows-specific:
- · The default session bus listening and connecting address is now
- "autolaunch:", which makes D-Bus on Windows interoperate with itself
- and GDBus "out of the box". Use the configure options and cmake variables
- described above if you require a different autolaunch scope.
- (fd.o #38201, Simon McVittie)
- · Avoid a CMake warning under Cygwin (fd.o #59401, Ralf Habacker)
-
-• Create session.d, system.d directories under CMake (fd.o #41319,
- Ralf Habacker)
-
-D-Bus 1.6.8 (2012-09-28)
-==
-
-The "Fix one thing, break another" release.
-
-• Follow up to CVE-2012-3524: The additional hardening
- work to use __secure_getenv() as a followup to bug #52202
- broke certain configurations of gnome-keyring. Given
- the difficulty of making this work without extensive
- changes to gnome-keyring, use of __secure_getenv() is
- deferred.
-
-D-Bus 1.6.6 (2012-09-28)
-==
-
-The "Clear the environment in your setuid binaries, please" release.
-
-• CVE-2012-3524: Don't access environment variables (fd.o #52202)
- Thanks to work and input from Colin Walters, Simon McVittie,
- Geoffrey Thomas, and others.
-• Unix-specific:
- · Fix compilation on Solaris (fd.o #53286, Jonathan Perkin)
- · Work around interdependent headers on OpenBSD by including sys/types.h
- before each use of sys/socket.h (fd.o #54418, Brad Smith)
-
-D-Bus 1.6.4 (2012-07-18)
-==
-
-• Detect that users are "at the console" correctly when configured with
- a non-default path such as --enable-console-auth-dir=/run/console
- (fd.o #51521, Dave Reisner)
-
-• Remove an incorrect assertion from DBusTransport (fd.o #51657,
- Simon McVittie)
-
-• Make --enable-developer default to "no" (regression in 1.6.2;
- fd.o #51657, Simon McVittie)
-
-• Windows-specific:
- · Launch dbus-daemon correctly if its path contains a space
- (fd.o #49450, Wolfgang Baron)
-
-D-Bus 1.6.2 (2012-06-27)
-==
-
-The "Ice Cabbage" release.
-
-• Change how we create /var/lib/dbus so it works under Automake >= 1.11.4
- (fd.o #51406, Simon McVittie)
-
-• Don't return from dbus_pending_call_set_notify with a lock held on OOM
- (fd.o #51032, Simon McVittie)
-
-• Disconnect "developer mode" (assertions, verbose mode etc.) from
- Automake maintainer mode. D-Bus developers should now configure with
- --enable-developer. Automake maintainer mode is now on by default;
- distributions can disable it with --disable-maintainer-mode.
- (fd.o #34671, Simon McVittie)
-
-• Automatically define DBUS_STATIC_BUILD in static-only Autotools builds,
- fixing linking when targeting Windows (fd.o #33973; william, Simon McVittie)
-
-• Unix-specific:
- · Check for libpthread under CMake on Unix (fd.o #47237, Simon McVittie)
-
-D-Bus 1.6.0 (2012-06-05)
-==
-
-The “soul of this machine has improved” release.
-
-This version starts a new stable branch of D-Bus: only bug fixes will
-be accepted into 1.6.x. Other changes will now go to the 1.7.x branch.
-
-Summary of changes since 1.4.x:
-
-• New requirements
- · PTHREAD_MUTEX_RECURSIVE on Unix
- · compiler support for 64-bit integers (int64_t or equivalent)
-
-• D-Bus Specification v0.19
-
-• New dbus-daemon features
- · <allow own_prefix="com.example.Service"/> rules allow the service to
- own names like com.example.Service.Instance3
- · optional systemd integration when checking at_console policies
- · --nopidfile option, mainly for use by systemd
- · path_namespace and arg0namespace may appear in match rules
- · eavesdropping is disabled unless the match rule contains eavesdrop=true
-
-• New public API
- · functions to validate various string types (dbus_validate_path() etc.)
- · dbus_type_is_valid()
- · DBusBasicValue, a union of every basic type
-
-• Bug fixes
- · removed an unsafe reimplementation of recursive mutexes
- · dbus-daemon no longer busy-loops if it has far too many file descriptors
- · dbus-daemon.exe --print-address works on Windows
- · all the other bug fixes from 1.4.20
-
-• Other major implementation changes
- · on Linux, dbus-daemon uses epoll if supported, for better scalability
- · dbus_threads_init() ignores its argument and behaves like
- dbus_threads_init_default() instead
- · removed the per-connection link cache, improving dbus-daemon performance
-
-• Developer features
- · optional Valgrind instrumentation (--with-valgrind)
- · optional Stats interface on the dbus-daemon (--enable-stats)
- · optionally abort whenever malloc() fails (--enable-embedded-tests
- and export DBUS_MALLOC_CANNOT_FAIL=1)
-
-Changes since 1.5.12:
-
-• Be more careful about monotonic time vs. real time, fixing DBUS_COOKIE_SHA1
- spec-compliance (fd.o #48580, David Zeuthen)
-
-• Don't use install(1) within the source/build trees, fixing the build as
- non-root when using OpenBSD install(1) (fd.o #48217, Antoine Jacoutot)
-
-• Add missing commas in some tcp and nonce-tcp addresses, and remove
- an unused duplicate copy of the nonce-tcp transport in Windows builds
- (fd.o #45896, Simon McVittie)
-
-D-Bus 1.5.12 (2012-03-27)
-==
-
-The “Big Book of Science” release.
-
-• Add public API to validate various string types:
- dbus_validate_path(), dbus_validate_interface(), dbus_validate_member(),
- dbus_validate_error_name(), dbus_validate_bus_name(), dbus_validate_utf8()
- (fd.o #39549, Simon McVittie)
-
-• Turn DBusBasicValue into public API so bindings don't need to invent their
- own "union of everything" type (fd.o #11191, Simon McVittie)
-
-• Enumerate data files included in the build rather than using find(1)
- (fd.o #33840, Simon McVittie)
-
-• Add support for policy rules like <allow own_prefix="com.example.Service"/>
- in dbus-daemon (fd.o #46273, Alban Crequy)
-
-• Windows-specific:
- · make dbus-daemon.exe --print-address (and --print-pid) work again
- on Win32, but not on WinCE (fd.o #46049, Simon McVittie)
- · fix duplicate case value when compiling against mingw-w64
- (fd.o #47321, Andoni Morales Alastruey)
-
-D-Bus 1.5.10 (2012-02-21)
-==
-
-The "fire in Delerium" release.
-
-On Unix platforms, PTHREAD_MUTEX_RECURSIVE (as specified in POSIX 2008 Base
-and SUSv2) is now required.
-
-• D-Bus Specification 0.19:
- · Formally define unique connection names and well-known bus names,
- and document best practices for interface, bus, member and error names,
- and object paths (fd.o #37095, Simon McVittie)
- · Document the search path for session and system services on Unix, and
- where they should be installed by build systems (fd.o #21620, fd.o #35306;
- Simon McVittie)
- · Document the systemd transport (fd.o #35232, Lennart Poettering)
-
-• Make dbus_threads_init() use the same built-in threading implementation
- as dbus_threads_init_default(); the user-specified primitives that it
- takes as a parameter are now ignored (fd.o #43744, Simon McVittie)
-
-• Allow all configured auth mechanisms, not just one (fd.o #45106,
- Pavel Strashkin)
-
-• Improve cmake build system (Ralf Habacker):
- · simplify XML parser dependencies (fd.o #41027)
- · generate build timestamp (fd.o #41029)
- · only create batch files on Windows
- · fix option and cache syntax
- · add help-options target
- · share dbus-arch-deps.h.in with autotools rather than having our
- own version (fd.o #41033)
-
-• Build tests successfully with older GLib, as found in e.g. Debian 6
- (fd.o #41219, Simon McVittie)
-
-• Avoid use of deprecated GThread API (fd.o #44413, Martin Pitt)
-
-• Build documentation correctly if man2html doesn't support filenames on
- its command-line (fd.o #43875, Jack Nagel)
-
-• Improve test coverage. To get even more coverage, run the tests with
- DBUS_TEST_SLOW=1 (fd.o #38285, #42811; Simon McVittie)
-
-• Reduce the size of the shared library by moving functionality only used
- by dbus-daemon, tests etc. into their internal library and deleting
- unused code (fd.o #34976, #39759; Simon McVittie)
-
-• Add dbus-daemon --nopidfile option, overriding the configuration, for
- setups where the default configuration must include <pidfile/> to avoid
- breaking traditional init, but the pid file is in fact unnecessary; use
- it under systemd to improve startup time a bit (fd.o #45520,
- Lennart Poettering)
-
-• Optionally (if configured --with-valgrind) add instrumentation to debug
- libdbus and associated tools more meaningfully under Valgrind
- (fd.o #37286, Simon McVittie)
-
-• Improve the dbus-send(1) man page (fd.o #14005, Simon McVittie)
-
-• Make dbus-protocol.h compatible with C++11 (fd.o #46147, Marc Mutz)
-
-• If tests are enabled and DBUS_MALLOC_CANNOT_FAIL is set in the environment,
- abort on failure to malloc() (like GLib does), to turn runaway memory leaks
- into a debuggable core-dump if a resource limit is applied (fd.o #41048,
- Simon McVittie)
-
-• Don't crash if realloc() returns NULL in a debug build (fd.o #41048,
- Simon McVittie)
-
-• Unix-specific:
- · Replace our broken reimplementation of recursive mutexes, which has
- been broken since 2006, with an ordinary pthreads recursive mutex
- (fd.o #43744; Sigmund Augdal, Simon McVittie)
- · Use epoll(7) for a more efficient main loop in Linux; equivalent patches
- welcomed for other OSs' equivalents like kqueue, /dev/poll, or Solaris
- event ports (fd.o #33337; Simon McVittie, Ralf Habacker)
- · When running under systemd, use it instead of ConsoleKit to check
- whether to apply at_console policies (fd.o #39609, Lennart Poettering)
- · Avoid a highly unlikely fd leak (fd.o #29881, Simon McVittie)
- · Don't close invalid fd -1 if getaddrinfo fails (fd.o #37258, eXeC001er)
- · Don't touch ~/.dbus and ~/.dbus-keyrings when running 'make installcheck'
- (fd.o #41218, Simon McVittie)
- · Stop pretending we respect XDG_DATA_DIRS for system services: the launch
- helper doesn't obey environment variables to avoid privilege escalation
- attacks, so make the system bus follow the same rules
- (fd.o #21620, Simon McVittie)
-
-• Windows-specific:
- · Find the dbus-daemon executable next to the shared library (fd.o #41558;
- Jesper Dam, Ralf Habacker)
- · Remove the faulty implementation of _dbus_condvar_wake_all (fd.o #44609,
- Simon McVittie)
-
-D-Bus 1.5.8 (2011-09-21)
-==
-
-The "cross-metering" release.
-
-In addition to dead code removal and refactoring, this release contains all
-of the bugfixes from 1.4.16.
-
-• Clean up dead code, and make more warnings fatal in development builds
- (fd.o #39231, fd.o #41012; Simon McVittie)
-
-• If full test coverage is requested via --enable-tests, strictly require
- Python, pygobject and dbus-python, which are required by some tests; if not,
- and Python is missing, skip those tests rather than failing
- (fd.o #37847, Simon McVittie)
-
-• When using cmake, provide the same version-info API in the installed headers
- as for autotools (DBUS_VERSION, etc.) (fd.o #40905, Ralf Habacker)
-
-• Add a regression test for fd.o #38005 (fd.o #39836, Simon McVittie)
-
-• Make "NOCONFIGURE=1 ./autogen.sh" not run configure (Colin Walters)
-
-• Add _DBUS_STATIC_ASSERT and use it to check invariants (fd.o #39636,
- Simon McVittie)
-
-• Fix duplicates in authors list (Ralf Habacker)
-
-• Fix broken links from dbus-tutorial.html if $(htmldir) != $(docdir)
- (fd.o #39879, Chris Mayo)
-
-• Fix a small memory leak, and a failure to report errors, when updating
- a service file entry for activation (fd.o #39230, Simon McVittie)
-
-• Unix-specific:
- · Clean up (non-abstract) Unix sockets on bus daemon exit (fd.o #38656;
- Brian Cameron, Simon McVittie)
- · On systems that use libcap-ng but not systemd, drop supplemental groups
- when switching to the daemon user (Red Hat #726953, Steve Grubb)
- · Make the cmake build work again on GNU platforms (fd.o #29228,
- Simon McVittie)
- · Fix compilation on non-C99 systems that have inttypes.h but not stdint.h,
- like Solaris (fd.o #40313, Dagobert Michelsen)
- · Define CMSG_ALIGN, CMSG_LEN, CMSG_SPACE on Solaris < 10
- (fd.o #40235, Simon McVittie)
- · Cope with Unixes that don't have LOG_PERROR, like Solaris 10
- (fd.o #39987, Simon McVittie)
- · Cope with platforms whose vsnprintf violates both POSIX and C99, like
- Tru64, IRIX and HP-UX (fd.o #11668, Simon McVittie)
-
-• Windows-specific:
- · Fix compilation on MSVC, which doesn't understand "inline" with its
- C99 meaning (fd.o #40000; Ralf Habacker, Simon McVittie)
- · Fix misuse of GPid in test/dbus-daemon.c (fd.o #40003, Simon McVittie)
- · Fix cross-compilation to Windows with Automake (fd.o #40003, Simon McVittie)
-
-D-Bus 1.5.6 (2011-07-29)
-==
-
-The "weird, gravy-like aftertaste" release.
-
-In addition to new features and refactoring, this release contains all of the
-bugfixes from 1.4.14.
-
-Potentially incompatible (Bustle and similar debugging tools will need
-changes to work as intended):
-
-• Do not allow match rules to "eavesdrop" (receive messages intended for a
- different recipient) by mistake: eavesdroppers must now opt-in to this
- behaviour by putting "eavesdrop='true'" in the match rule, which will
- not have any practical effect on buses where eavesdropping is not allowed
- (fd.o #37890, Cosimo Alfarano)
-
-Other changes:
-
-• D-Bus Specification version 0.18 (fd.o #37890, fd.o #39450, fd.o #38252;
- Cosimo Alfarano, Simon McVittie)
- · add the "eavesdrop" keyword to match rules
- · define eavesdropping, unicast messages and broadcast messages
- · stop claiming that match rules are needed to match unicast messages to you
- · promote the type system to be a top-level section
-
-• Use DBUS_ERROR_OBJECT_PATH_IN_USE if dbus_connection_try_register_object_path
- or dbus_connection_try_register_fallback fails, not ...ADDRESS_IN_USE,
- and simplify object-path registration (fd.o #38874, Jiří Klimeš)
-
-• Consistently use atomic operations on everything that is ever manipulated
- via atomic ops, as was done for changes to DBusConnection's refcount in
- 1.4.12 (fd.o #38005, Simon McVittie)
-
-• Fix a file descriptor leak when connecting to a TCP socket (fd.o #37258,
- Simon McVittie)
-
-• Make "make check" in a clean tree work, by not running tests until
- test data has been set up (fd.o #34405, Simon McVittie)
-
-• The dbus-daemon no longer busy-loops if it has a very large number of file
- descriptors (fd.o #23194, Simon McVittie)
-
-• Refactor message flow through dispatching to avoid locking violations if
- the bus daemon's message limit is hit; remove the per-connection link cache,
- which was meant to improve performance, but now reduces it (fd.o #34393,
- Simon McVittie)
-
-• Some cmake fixes (Ralf Habacker)
-
-• Remove dead code, mainly from DBusString (fd.o #38570, fd.o #39610;
- Simon McVittie, Lennart Poettering)
-
-• Stop storing two extra byte order indicators in each D-Bus message
- (fd.o #38287, Simon McVittie)
-
-• Add an optional Stats interface which can be used to get statistics from
- a running dbus-daemon if enabled at configure time with --enable-stats
- (fd.o #34040, Simon McVittie)
-
-• Fix various typos (fd.o #27227, fd.o #38284; Sascha Silbe, Simon McVittie)
-
-• Documentation (fd.o #36156, Simon McVittie):
- · let xsltproc be overridden as usual: ./configure XSLTPROC=myxsltproc
- · install more documentation automatically, including man2html output
- · put dbus.devhelp in the right place (it must go in ${htmldir})
-
-• Unix-specific:
- · look for system services in /lib/dbus-1/system-services in addition to all
- the other well-known locations; note that this should always be /lib,
- even on platforms where shared libraries on the root FS would go in /lib64,
- /lib/x86_64-linux-gnu or similar (fd.o #35229, Lennart Poettering)
- · opt-in to fd passing on Solaris (fd.o #33465, Simon McVittie)
-
-• Windows-specific (Ralf Habacker):
- · fix use of a mutex for autolaunch server detection
- · don't crash on malloc failure in _dbus_printf_string_upper_bound
-
-D-Bus 1.5.4 (2011-06-10)
-==
-
-Security (local denial of service):
-
-• Byte-swap foreign-endian messages correctly, preventing a long-standing
- local DoS if foreign-endian messages are relayed through the dbus-daemon
- (backporters: this is git commit c3223ba6c401ba81df1305851312a47c485e6cd7)
- (CVE-2011-2200, fd.o #38120, Debian #629938; Simon McVittie)
-
-New things:
-
-• The constant to use for an infinite timeout now has a name,
- DBUS_TIMEOUT_INFINITE. It is numerically equivalent to 0x7fffffff (INT32_MAX)
- which can be used for source compatibility with older versions of libdbus.
-
-• If GLib and DBus-GLib are already installed, more tests will be built,
- providing better coverage. The new tests can also be installed via
- ./configure --enable-installed-tests
- for system integration testing, if required. (fd.o #34570, Simon McVittie)
-
-Changes:
-
-• Consistently use atomic operations for the DBusConnection's refcount,
- fixing potential threading problems (fd.o #38005, Simon McVittie)
-
-• Don't use -Wl,--gc-sections by default: in practice the size decrease is
- small (300KiB on x86-64) and it frequently doesn't work in unusual
- toolchains. To optimize for minimum installed size, you should benchmark
- various possibilities for CFLAGS and LDFLAGS, and set the best flags for
- your particular toolchain at configure time. (fd.o #33466, Simon McVittie)
-
-• Use #!/bin/sh for run-with-tmp-session-bus.sh, making it work on *BSD
- (fd.o #35880, Timothy Redaelli)
-
-• Use ln -fs to set up dbus for systemd, which should fix reinstallation
- when not using a DESTDIR (fd.o #37870, Simon McVittie)
-
-• Windows-specific changes:
- · don't try to build dbus-daemon-launch-helper (fd.o #37838, Mark Brand)
-
-D-Bus 1.5.2 (2011-06-01)
-==
-
-The "Boar Hunter" release.
-
-Notes for distributors:
-
- This version of D-Bus no longer uses -fPIE by default. Distributions wishing
- to harden the dbus-daemon and dbus-launch-helper can re-enable this if their
- toolchain supports it reliably, via something like:
-
- ./configure CFLAGS=-fPIE LDFLAGS="-pie -Wl,-z,relro"
-
- or by using distribution-specific wrappers such as Debian's hardening-wrapper.
-
-Changes:
-
- • D-Bus Specification v0.17
- · Reserve the extra characters used in signatures by GVariant
- (fd.o #34529, Simon McVittie)
- · Define the ObjectManager interface (fd.o #34869, David Zeuthen)
- • Don't force -fPIE: distributions and libtool know better than we do whether
- it's desirable (fd.o #16621, fd.o #27215; Simon McVittie)
- • Allow --disable-gc-sections, in case your toolchain offers the
- -ffunction-sections, -fdata-sections and -Wl,--gc-sections options
- but they're broken, as seen on Solaris (fd.o #33466, Simon McVittie)
- • Install dbus-daemon and dbus-daemon-launch-helper in a more normal way
- (fd.o #14512; Simon McVittie, loosely based on a patch from Luca Barbato)
- • Ensure that maintainers upload documentation with the right permissions
- (fd.o #36130, Simon McVittie)
- • Don't force users of libdbus to be linked against -lpthread, -lrt
- (fd.o #32827, Simon McVittie)
- • Log system-bus activation information to syslog (fd.o #35705,
- Colin Walters)
- • Log messages dropped due to quotas to syslog (fd.o #35358,
- Simon McVittie)
- • Make the nonce-tcp transport work on Unix (fd.o #34569, Simon McVittie)
- • On Unix, if /var/lib/dbus/machine-id cannot be read, try /etc/machine-id
- (fd.o #35228, Lennart Poettering)
- • In the regression tests, don't report fds as "leaked" if they were open
- on startup (fd.o #35173, Simon McVittie)
- • Make dbus-monitor bail out if asked to monitor more than one bus,
- rather than silently using the last one (fd.o #26548, Will Thompson)
- • Clarify documentation (fd.o #35182, Simon McVittie)
- • Clean up minor dead code and some incorrect error handling
- (fd.o #33128, fd.o #29881; Simon McVittie)
- • Check that compiler options are supported before using them (fd.o #19681,
- Simon McVittie)
- • Windows:
- • Remove obsolete workaround for winioctl.h (fd.o #35083, Ralf Habacker)
-
-D-Bus 1.5.0 (2011-04-11)
-==
-
-The "you never know when you need to tow something from your giant
-flying shark" release.
-
- • D-Bus Specification v0.16
- · Add support for path_namespace and arg0namespace in match rules
- (fd.o #24317, #34870; Will Thompson, David Zeuthen, Simon McVittie)
- · Make argNpath support object paths, not just object-path-like strings,
- and document it better (fd.o #31818, Will Thompson)
- • Let the bus daemon implement more than one interface (fd.o #33757,
- Simon McVittie)
- • Optimize _dbus_string_replace_len to reduce waste (fd.o #21261,
- Roberto Guido)
- • Require user intervention to compile with missing 64-bit support
- (fd.o #35114, Simon McVittie)
- • Add dbus_type_is_valid as public API (fd.o #20496, Simon McVittie)
- • Raise UnknownObject instead of UnknownMethod for calls to methods on
- paths that are not part of the object tree, and UnknownInterface for calls
- to unknown interfaces in the bus daemon (fd.o #34527, Lennart Poettering)
-
-D-Bus 1.4.8 (2011-04-08)
-==
-
-The "It's like the beginning of a lobster" release.
-
- • Rename configure.in to configure.ac, and update it to modern conventions
- (fd.o #32245; Javier Jardón, Simon McVittie)
- • Correctly give XDG_DATA_HOME priority over XDG_DATA_DIRS (fd.o #34496,
- Anders Kaseorg)
- • Prevent X11 autolaunching if $DISPLAY is unset or empty, and add
- --disable-x11-autolaunch configure option to prevent it altogether
- in embedded environments (fd.o #19997, NB#219964; Simon McVittie)
- • Install the documentation, and an index for Devhelp (fd.o #13495,
- Debian #454142; Simon McVittie, Matthias Clasen)
- • If checks are not disabled, check validity of string-like types and
- booleans when sending them (fd.o #16338, NB#223152; Simon McVittie)
- • Add UnknownObject, UnknownInterface, UnknownProperty and PropertyReadOnly
- errors to dbus-shared.h (fd.o #34527, Lennart Poettering)
- • Break up a huge conditional in config-parser so gcov can produce coverage
- data (fd.o #10887, Simon McVittie)
- • List which parts of the Desktop Entry specification are applicable to
- .service files (fd.o #19159, Sven Herzberg)
- • Don't suppress service activation if two services have the same Exec=
- (fd.o #35750, Colin Walters)
- • Windows:
- · Avoid the name ELEMENT_TYPE due to namespace-pollution from winioctl.h
- (Andre Heinecke)
- · Include _dbus_path_is_absolute in libdbus on Windows, fixing compilation
- (fd.o #32805, Mark Brand)
-
-D-Bus 1.4.6 (2010-02-17)
-==
-
-The "1, 2, miss a few, 99, 100" release.
-
- • Remove unfinished changes intended to support GTest-based tests,
- which were mistakenly included in 1.4.4
-
-D-Bus 1.4.4 (2010-02-17)
-==
-
- • Switch back to using even micro versions for stable releases; 1.4.1
- should have been called 1.4.2, so skip that version number
- • Don't leave bad file descriptors being watched when spawning processes,
- which could result in a busy-loop (fd.o #32992, NB#200248; possibly
- also LP#656134, LP#680444, LP#713157)
- • Check for MSG_NOSIGNAL correctly
- • Fix failure to detect abstract socket support (fd.o #29895)
- • Make _dbus_system_logv actually exit with DBUS_SYSTEM_LOG_FATAL
- (fd.o #32262, NB#180486)
- • Improve some error code paths (fd.o #29981, fd.o #32264, fd.o #32262,
- fd.o #33128, fd.o #33277, fd.o #33126, NB#180486)
- • Avoid possible symlink attacks in /tmp during compilation (fd.o #32854)
- • Tidy up dead code (fd.o #25306, fd.o #33128, fd.o #34292, NB#180486)
- • Improve gcc malloc annotations (fd.o #32710)
- • If the system bus is launched via systemd, protect it from the OOM killer
- • Documentation improvements (fd.o #11190)
- • Avoid readdir_r, which is difficult to use correctly (fd.o #8284,
- fd.o #15922, LP#241619)
- • Cope with invalid files in session.d, system.d (fd.o #19186,
- Debian #230231)
- • Don't distribute generated files that embed our builddir (fd.o #30285,
- fd.o #34292)
- • Raise the system bus's fd limit to be sufficient for its configuration
- (fd.o #33474, LP#381063)
- • Fix syslog string processing
- • Ignore -Waddress
- • Remove broken gcov parsing code and --enable-gcov, and replace them
- with lcov HTML reports and --enable-compiler-coverage (fd.o #10887)
- • Windows:
- · avoid live-lock in Windows CE due to unfair condition variables
- • OpenBSD:
- · support credentials-passing (fd.o #32542)
- • Solaris:
- · opt-in to thread safety (fd.o #33464)
-
-D-Bus 1.4.1 (20 December 2010)
-==
-
- • Fix for CVE-2010-4352: sending messages with excessively-nested variants can
- crash the bus. The existing restriction to 64-levels of nesting previously
- only applied to the static type signature; now it also applies to dynamic
- nesting using variants. Thanks to Rémi Denis-Courmont for discoving this
- issue.
- • OS X portability fixes, including launchd support.
- • Windows autolaunch improvements.
- • Various bug fixes.
-
-D-Bus 1.4.0 (6 Sep 2010)
-==
- - systemd hookup
-
-D-Bus 1.3.1 (23 June 2010)
-==
- - New standardized PropertiesChanged signal in the properties interface
- - Various portability fixes, in particular to Windows platforms
- - Support forking bus services, for compatibility
-
-D-Bus 1.3.0 (29 July 2009)
-==
- - ability for dbus-send to send to any bus (--address)
- - file descriptor passing on Unix socket transports
- - use of GCC atomic intrinsics for better processor support
- (requires -march=i486 or above for x86 compilation)
- - thread-safe FD_CLOEXEC setting on recent Linux kernels (2.6.24-27 and up)
- and glibc (2.9 for pipe2 and 2.10 for accept4)
- - feature negotiation in the bus daemon
--- /dev/null
+D-Bus 1.9.20 (2015-08-06)
+==
+
+The “Remember Tomorrow” release.
+
+This is a release-candidate for D-Bus 1.10.0. OS distribution vendors
+should test it.
+
+Fixes:
+
+• Don't second-guess what the ABI of poll() is, allowing it to be used
+ on Integrity RTOS and other unusual platforms (fd.o #90314;
+ Rolland Dudemaine, Simon McVittie)
+
+• Don't duplicate audit subsystem integration if AppArmor and SELinux are
+ both enabled (fd.o #89225, Simon McVittie)
+
+• Log audit events for AppArmor/SELinux policy violations whenever
+ we have CAP_AUDIT_WRITE, even if not the system bus
+ (fd.o #83856, Laurent Bigonville)
+
+D-Bus 1.9.18 (2015-07-21)
+==
+
+The “Pirate Elite” release.
+
+Configuration changes:
+
+• The basic setup for the well-known system and session buses is now done
+ in read-only files in ${datadir}, moving a step closer to systems
+ that can operate with an empty /etc directory. In increasing order
+ of precedence:
+
+ · ${datadir}/dbus-1/s*.conf now perform the basic setup such as setting
+ the default message policies.
+ · ${sysconfdir}/dbus-1/s*.conf are now optional. By default
+ dbus still installs a trivial version of each, for documentation
+ purposes; putting configuration directives in these files is deprecated.
+ · ${datadir}/dbus-1/s*.d/ are now available for third-party software
+ to install "drop-in" configuration snippets (any packages
+ using those directories should explicitly depend on at least this
+ version of dbus).
+ · ${sysconfdir}/dbus-1/s*.d/ are also still available for sysadmins
+ or third-party software to install "drop-in" configuration snippets
+ · ${sysconfdir}/dbus-1/s*-local.conf are still available for sysadmins'
+ overrides
+
+ ${datadir} is normally /usr/share, ${sysconfdir} is normally /etc,
+ and "s*" refers to either system or session as appropriate.
+
+ (fd.o #89280, Dimitri John Ledkov)
+
+Fixes:
+
+• Fix a memory leak when GetConnectionCredentials() succeeds
+ (fd.o #91008, Jacek Bukarewicz)
+
+• Ensure that dbus-monitor does not reply to messages intended for others,
+ resulting in its own disconnection (fd.o #90952, Simon McVittie)
+
+D-Bus 1.9.16 (2015-05-14)
+==
+
+The “titanium barns” release.
+
+Dependencies:
+
+• Automake 1.13 is now required when compiling from git or modifying
+ the build system.
+
+Security hardening:
+
+• On Unix platforms, change the default configuration for the session bus
+ to only allow EXTERNAL authentication (secure kernel-mediated
+ credentials-passing), as was already done for the system bus.
+
+ This avoids falling back to DBUS_COOKIE_SHA1, which relies on strongly
+ unpredictable pseudo-random numbers.
+
+ If you are using D-Bus over the (unencrypted!) tcp: or nonce-tcp: transport,
+ in conjunction with DBUS_COOKIE_SHA1 and a shared home directory using
+ NFS or similar, you will need to reconfigure the session bus to accept
+ DBUS_COOKIE_SHA1 by commenting out the <auth> element. This configuration
+ is not recommended.
+
+ (fd.o #90414, Simon McVittie)
+
+• When asked for random numbers for DBUS_COOKIE_SHA1, the nonce-tcp:
+ transport, UUIDs or any other reason, fail if we cannot obtain entropy
+ (from /dev/urandom or CryptGenRandom()) or an out-of-memory condition
+ occurs, instead of silently falling back to low-entropy pseudorandom
+ numbers from rand(). (fd.o #90414; Simon McVittie, Ralf Habacker)
+
+Enhancements:
+
+• Add dbus_message_iter_get_element_count()
+ (fd.o #30350; Christian Dywan, Simon McVittie)
+
+• Introduce new internal DBusSocket and DBusPollable types so we can
+ stop treating the Windows SOCKET type as if it was int. DBusSocket
+ is specifically a socket, cross-platform. DBusPollable is whatever
+ _dbus_poll() can act on, i.e. a fd on Unix or a SOCKET on Windows.
+ (fd.o #89444; Ralf Habacker, Simon McVittie)
+
+• All regression tests now output TAP <https://testanything.org/>
+ (fd.o #89846, Simon McVittie)
+
+• Internal APIs consistently use signed values for timestamps
+ (fd.o #18494, Peter McCurdy)
+
+• Improve diagnostics when UpdateActivationEnvironment calls are rejected
+ (fd.o #88812, Simon McVittie)
+
+• Clean up a lot of compiler warnings
+ (fd.o #17289, fd.o #89284; Ralf Habacker, Simon McVittie)
+
+Fixes:
+
+• Add locking to DBusCounter's reference count and notify function
+ (fd.o #89297, Adrian Szyndela)
+
+• Ensure that DBusTransport's reference count is protected by the
+ corresponding DBusConnection's lock (fd.o #90312, Adrian Szyndela)
+
+• Correctly release DBusServer mutex before early-return if we run out
+ of memory while copying authentication mechanisms (fd.o #90021,
+ Ralf Habacker)
+
+• Make dbus-test-tool and dbus-update-activation-environment portable
+ to Windows (fd.o #90089, Ralf Habacker)
+
+• Correctly initialize all fields of DBusTypeReader (fd.o #90021;
+ Ralf Habacker, Simon McVittie)
+
+• Fix some missing \n in verbose (debug log) messages (fd.o #90004,
+ Ralf Habacker)
+
+• Clean up some memory and fd leaks in test code and tools
+ (fd.o #90021, Ralf Habacker)
+
+• Fix a NULL dereference if the dbus-daemon cannot read a configuration
+ directory for a reason that is not ENOENT (fd.o #90021, Ralf Habacker)
+
+• CMake generates a versioned shared library even if the revision is 0,
+ as it usually is on the development branch. (fd.o #89450, Ralf Habacker)
+
+D-Bus 1.9.14 (2015-03-02)
+==
+
+The “don't stand in the poison cloud” release.
+
+Dependencies:
+
+• dbus-daemon and dbus-daemon-launch-helper now require libdbus. They
+ were previously linked to a static version of libdbus.
+
+• The tests no longer require dbus-glib in order to exercise the libdbus
+ shared library; they are always linked to libdbus now.
+
+Build-time configuration:
+
+• The new --enable-user-session option, off by default, can be enabled
+ by OS integrators intending to use systemd to provide a session bus
+ per user (in effect, treating all concurrent graphical and non-graphical
+ login sessions as one large session)
+
+Enhancements:
+
+• All executables are now linked dynamically to libdbus.
+ (fd.o #83115; Bertrand SIMONNET, Simon McVittie, Ralf Habacker)
+
+• On platforms that support them (GNU libc and possibly others),
+ libdbus now has versioned symbols for its public API.
+ All public symbols (visible in the header files) are currently
+ versioned as LIBDBUS_1_3; private symbols starting with _dbus or
+ dbus_internal have a version that changes with each release, and
+ must not be used by applications. (also fd.o #83115)
+
+• New listenable address mode "unix:runtime=yes" which listens on
+ a real filesystem (non-abstract) socket $XDG_RUNTIME_DIR/bus
+ (fd.o #61303; Colin Walters, Alexander Larsson, Simon McVittie)
+
+• Add optional systemd units for a per-user bus listening on
+ $XDG_RUNTIME_DIR/bus (fd.o #61301; Simon McVittie, Colin Walters)
+
+• On Unix platforms, both libdbus and "dbus-launch --autolaunch"
+ default to connecting to $XDG_RUNTIME_DIR/bus if it is a socket
+ (also fd.o #61301)
+
+• New dbus-update-activation-environment tool uploads environment
+ variables to "dbus-daemon --session" and optionally "systemd --user",
+ primarily as a way to keep the per-user bus compatible with
+ distributions' existing X11 login scripts (also fd.o #61301)
+
+• <includedir/> elements in dbus-daemon configuration are now silently
+ ignored if the directory does not exist. (fd.o #89280, Dimitri John Ledkov)
+
+• Add microsecond-resolution timestamps to the default output of
+ dbus-monitor and dbus-send (fd.o #88896; Ralf Habacker, Simon McVittie)
+
+Fixes:
+
+• Fix a race condition in the 'monitor' test introduced in 1.9.10
+ (fd.o #89222, Simon McVittie)
+
+D-Bus 1.9.12 (2015-02-19)
+==
+
+The “monster lasagna” release.
+
+Dependencies:
+
+• Ducktype and yelp-tools are now required to build complete documentation
+ (they are optional for normal builds).
+
+Enhancements:
+
+• D-Bus Specification version 0.26
+ · GetConnectionCredentials can return LinuxSecurityLabel or WindowsSID
+ · document the BecomeMonitor method
+
+• On Linux, add LinuxSecurityLabel to GetConnectionCredentials
+ (fd.o #89041; Tyler Hicks, Simon McVittie)
+
+• On Linux, add support for AppArmor mediation of message sending and
+ receiving and name ownership (paralleling existing SELinux mediation
+ support), and eavesdropping (a new check, currently AppArmor-specific)
+ (fd.o #75113; John Johansen, Tyler Hicks, Simon McVittie)
+
+• In dbus-send and dbus-monitor, pretty-print \0-terminated bytestrings
+ that have printable ASCII contents; we previously only did this for
+ unterminated bytestrings (fd.o #89109, Simon McVittie)
+
+• Add a guide to designing good D-Bus APIs (fd.o #88994, Philip Withnall)
+
+• On Windows, add WindowsSID to GetConnectionCredentials
+ (fd.o #54445, Ralf Habacker)
+
+• Improve clarity of dbus-monitor --profile output and add more columns
+ (fd.o #89165, Ralf Habacker)
+
+• Add a man page for dbus-test-tool, and build it under CMake as well
+ as Autotools (fd.o#89086, Simon McVittie)
+
+• If dbus-daemon was compiled with --enable-verbose, add a D-Bus API
+ to control it at runtime, overriding the DBUS_VERBOSE environment variable
+ (fd.o #88896, Ralf Habacker)
+
+Fixes:
+
+• Reduce the number of file descriptors used in the fd-passing test,
+ avoiding failure under the default Linux fd limit, and automatically
+ skip it if the rlimit is too small (fd.o #88998, Simon McVittie)
+
+D-Bus 1.9.10 (2015-02-09)
+==
+
+The “sad cyborgs” release.
+
+Security fixes merged from 1.8.16:
+
+• Do not allow non-uid-0 processes to send forged ActivationFailure
+ messages. On Linux systems with systemd activation, this would
+ allow a local denial of service: unprivileged processes could
+ flood the bus with these forged messages, winning the race with
+ the actual service activation and causing an error reply
+ to be sent back when service auto-activation was requested.
+ This does not prevent the real service from being started,
+ so the attack only works while the real service is not running.
+ (CVE-2015-0245, fd.o #88811; Simon McVittie)
+
+Enhancements:
+
+• The new Monitoring interface in the dbus-daemon lets dbus-monitor and
+ similar tools receive messages without altering the security properties
+ of the system bus, by calling the new BecomeMonitor method on a
+ private connection. This bypasses the normal <allow> and <deny> rules
+ entirely, so to preserve normal message-privacy assumptions, only root
+ is allowed to do this on the system bus. Restricted environments,
+ such as Linux with LSMs, should lock down access to the Monitoring
+ interface. (fd.o #46787, Simon McVittie)
+
+• dbus-monitor uses BecomeMonitor to capture more traffic, if the
+ dbus-daemon supports it and access permissions allow it.
+ It still supports the previous approach ("eavesdropping" match rules)
+ for compatibility with older bus daemons. (fd.o #46787, Simon)
+
+• dbus-monitor can now log the message stream as binary data for later
+ analysis, with either no extra framing beyond the normal D-Bus headers,
+ or libpcap-compatible framing treating each D-Bus message
+ as a captured packet. (fd.o #46787, Simon)
+
+Other fixes:
+
+• Fix some CMake build regressions (fd.o #88964, Ralf Habacker)
+
+• On Unix, forcibly terminate regression tests after 60 seconds to
+ prevent them from blocking continuous integration frameworks
+ (fd.o #46787, Simon)
+
+D-Bus 1.9.8 (2015-02-03)
+==
+
+The “all the types of precipitation” release.
+
+Dependencies:
+
+• full test coverage now requires GLib 2.36
+• full test coverage now requires PyGI (PyGObject 3,
+ "import gi.repository.GObject") instead of the
+ obsolete PyGObject 2 ("import gobject")
+
+Enhancements:
+
+• add GLib-style "installed tests" (fd.o #88810, Simon McVittie)
+
+• better regression test coverage, including systemd activation
+ (fd.o #57952, #88810; Simon McVittie)
+
+Fixes:
+
+• fatal errors correctly make the dbus-daemon exit even if <syslog/> is
+ turned off (fd.o #88808, Simon McVittie)
+
+• TCP sockets on Windows no longer fail to listen approximately 1 time
+ in 256, caused by a logic error that should have always made it fail but
+ was mitigated by incorrect endianness for the port number
+ (fd.o #87999, Ralf Habacker)
+
+• fix some Windows build failures (fd.o #88009, #88010; Ralf Habacker)
+
+• on Windows, allow up to 8K connections to the dbus-daemon instead of the
+ previous 64, completing a previous fix which only worked under
+ Autotools (fd.o #71297, Ralf Habacker)
+
+• on Windows, if the IP family is unspecified only use IPv4,
+ to mitigate IPv6 not working correctly (fd.o #87999, Ralf Habacker)
+
+• fix some unlikely memory leaks on OOM (fd.o #88087, Simon McVittie)
+
+• lcov code coverage analysis works again (fd.o #88808, Simon McVittie)
+
+• fix an unused function error with --disable-embedded-tests (fd.o #87837,
+ Thiago Macieira)
+
+D-Bus 1.9.6 (2015-01-05)
+==
+
+The “I do have a bread knife” release.
+
+Security hardening:
+
+• Do not allow calls to UpdateActivationEnvironment from uids other than
+ the uid of the dbus-daemon. If a system service installs unsafe
+ security policy rules that allow arbitrary method calls
+ (such as CVE-2014-8148) then this prevents memory consumption and
+ possible privilege escalation via UpdateActivationEnvironment.
+
+ We believe that in practice, privilege escalation here is avoided
+ by dbus-daemon-launch-helper sanitizing its environment; but
+ it seems better to be safe.
+
+• Do not allow calls to UpdateActivationEnvironment or the Stats interface
+ on object paths other than /org/freedesktop/DBus. Some system services
+ install unsafe security policy rules that allow arbitrary method calls
+ to any destination, method and interface with a specified object path;
+ while less bad than allowing arbitrary method calls, these security
+ policies are still harmful, since dbus-daemon normally offers the
+ same API on all object paths and other system services might behave
+ similarly.
+
+Other fixes:
+
+• Add missing initialization so GetExtendedTcpTable doesn't crash on
+ Windows Vista SP0 (fd.o #77008, Илья А. Ткаченко)
+
+D-Bus 1.9.4 (2014-11-24)
+==
+
+The “extra-sturdy caramel” release.
+
+Fixes:
+
+• Partially revert the CVE-2014-3639 patch by increasing the default
+ authentication timeout on the system bus from 5 seconds back to 30
+ seconds, since this has been reported to cause boot regressions for
+ some users, mostly with parallel boot (systemd) on slower hardware.
+
+ On fast systems where local users are considered particularly hostile,
+ administrators can return to the 5 second timeout (or any other value
+ in milliseconds) by saving this as /etc/dbus-1/system-local.conf:
+
+ <busconfig>
+ <limit name="auth_timeout">5000</limit>
+ </busconfig>
+
+ (fd.o #86431, Simon McVittie)
+
+• Add a message in syslog/the Journal when the auth_timeout is exceeded
+ (fd.o #86431, Simon McVittie)
+
+• Send back an AccessDenied error if the addressed recipient is not allowed
+ to receive a message (and in builds with assertions enabled, don't
+ assert under the same conditions). (fd.o #86194, Jacek Bukarewicz)
+
+D-Bus 1.9.2 (2014-11-10)
+==
+
+The “structurally unsound flapjack” release.
+
+Security fixes:
+
+• Increase dbus-daemon's RLIMIT_NOFILE rlimit to 65536
+ so that CVE-2014-3636 part A cannot exhaust the system bus'
+ file descriptors, completing the incomplete fix in 1.8.8.
+ (CVE-2014-7824, fd.o #85105; Simon McVittie, Alban Crequy)
+
+Enhancements:
+
+• D-Bus Specification version 0.25
+ · new value 'const' for EmitsChangedSignal annotation
+ (fd.o #72958, Lennart Poettering)
+ · new ALLOW_INTERACTIVE_AUTHORIZATION flag, for PolicyKit and similar
+ (fd.o #83449; Lennart Poettering, Simon McVittie)
+ · annotate table of types with reserved/basic/container, and for
+ basic types, fixed/string-like
+ · clarify arbitrary limits by quoting them in mebibytes
+
+• New API: add accessors for the ALLOW_INTERACTIVE_AUTHORIZATION flag
+ (fd.o #83449, Simon McVittie)
+
+• Add dbus-test-tool, a D-Bus swiss army knife with multiple subcommands,
+ useful for debugging and performance testing:
+ · dbus-test-tool spam: send repeated messages
+ · dbus-test-tool echo: send an empty reply for all method calls
+ · dbus-test-tool black-hole: do not reply to method calls
+ (fd.o #34140; Alban Crequy, Simon McVittie, Will Thompson)
+
+• Add support for process ID in credentials-passing on NetBSD
+ (fd.o #69702, Patrick Welche)
+
+• Add an example script to find potentially undesired match rules
+ (fd.o #84598, Alban Crequy)
+
+• Document the central assumption that makes our use of credentials-passing
+ secure (fd.o #83499, Simon McVittie)
+
+• Replace the dbus-glib section of the tutorial with a GDBus recommendation,
+ and add some links to GDBus and QtDBus documentation (fd.o #25140,
+ Simon McVittie)
+
+Fixes:
+
+• Use a less confusing NoReply message when disconnected with a reply pending
+ (fd.o #76112, Simon McVittie)
+
+• Make the .pc file relocatable by letting pkg-config do all variable
+ expansion itself (fd.o #75858, Руслан Ижбулатов)
+
+• Fix a build failure on platforms with kqueue, which regressed in 1.9.0
+ (fd.o #85563, Patrick Welche)
+
+• Consistently save errno after socket calls (fd.o #83625, Simon McVittie)
+
+• In dbus-spawn, when the grandchild process exits due to a failed exec(),
+ do not lose the exec() errno (fd.o #24821, Simon McVittie)
+
+• Do not fail the tests if a parent process has leaked non-close-on-exec
+ file descriptors to us (fd.o #73689, fd.o #83899; Simon McVittie)
+
+• Do not fail the tests on Unix platforms with incomplete
+ credentials-passing support, but do fail if we can't pass credentials
+ on a platform where it is known to work: Linux, FreeBSD, OpenBSD, NetBSD
+ (fd.o #69702, Simon McVittie)
+
+• Detect accept4, dirfd, inotify_init1, pipe2, and Unix fd passing
+ when building with cmake, and expand test coverage there
+ (fd.o #73689; Ralf Habacker, Simon McVittie)
+
+D-Bus 1.9.0 (2014-10-01)
+==
+
+The “tiered cheeses” release.
+
+Requirements:
+
+• Support for the systemd: (LISTEN_FDS) pseudo-transport on Linux now
+ requires either the libsystemd or libsd-daemon shared library, dropping the
+ embedded convenience copy of sd-daemon (fd.o #71818, Simon)
+
+Build-time configuration changes:
+
+• The Stats interface is now enabled by default, and locked-down to
+ root-only on the system bus. Configure with --disable-stats
+ to disable it altogether on memory- or disk-constrained systems,
+ or see ${docdir}/examples/ to open it up to non-root users on the
+ system bus or restrict access on the session bus.
+ (fd.o #80759; Simon McVittie, Alban Crequy)
+
+• The CMake build system now builds the same shared library name as Autotools
+ on at least Linux and Windows:
+ - on Linux (and perhaps other Unix platforms), it previously built
+ libdbus-1.so, but now builds libdbus-1.so.3.* with development
+ symlink libdbus-1.so and SONAME/symlink libdbus-1.so.3
+ - on Windows, it previously built either libdbus-1.dll (release) or
+ libdbus-1d.dll (debug), but now builds libdbus-1-3.dll, copied to
+ libdbus-1.dll for compatibility with older applications.
+ (fd.o #74117, Ralf Habacker)
+
+Enhancements:
+
+• D-Bus Specification version 0.24
+ · document how to quote match rules (fd.o #24307, Simon McVittie)
+ · explicitly say that most message types never expect a reply
+ regardles of whether they have NO_REPLY_EXPECTED
+ (fd.o #75749, Simon McVittie)
+
+• on Unix platforms, disable Nagle's algorithm on TCP connections to improve
+ initial latency (fd.o #75544, Matt Hoosier)
+
+• use backtrace() if it is in -lexecinfo instead of libc, as on NetBSD
+ (fd.o #69702, Patrick Welche)
+
+• in dbus-monitor, print more information about file descriptors
+ (fd.o #80603, Alban Crequy)
+
+• do not install system bus configuration if built for Windows
+ (fd.o #83583; Ralf Habacker, Simon McVittie)
+
+• Add GetAllMatchRules to the Stats interface (fd.o #24307, Alban Crequy)
+
+• Add a regression test for file descriptor passing (fd.o #83622,
+ Simon McVittie)
+
+Fixes:
+
+• fix an incorrect error message if a Unix socket path is too long
+ (fd.o #73887, Antoine Jacoutot)
+
+• in an MSYS/Cygwin environment, pass Unix-style filenames to xmlto,
+ fixing documentation generation (fd.o #75860, Руслан Ижбулатов)
+
+• in Unix with X11, avoid giving dbus-launch a misleading argv[0]
+ in ps(1) (fd.o #69716, Chengwei Yang)
+
+• avoid calling poll() with timeout < -1, which is considered invalid
+ on FreeBSD and NetBSD (fd.o #78480, Jaap Boender)
+
+• be portable to BSD-derived platforms where O_CLOEXEC is unavailable in libc
+ (like Mac OS X 10.6), or available in libc but unsupported by the kernel
+ (fd.o #77032; rmvsxop, OBATA Akio, Patrick Welche)
+
+• Fix include path for test/internal/*.c with cmake (Ralf Habacker)
+
+• Documentation improvements
+ (fd.o #80795, #84313; Thomas Haller, Sebastian Rasmussen)
+
+• in dbus-monitor, do not leak file descriptors that we have monitored
+ (fd.o #80603, Alban Crequy)
+
+• Set the close-on-exec flag for the inotify file descriptor, even
+ if built with CMake or older libc (fd.o #73689, Simon McVittie)
+
+• Remove some LGPL code from the Windows dbus-daemon
+ (fd.o #57272, Ralf Habacker)
+
+D-Bus 1.8.8 (2014-09-16)
+==
+
+The "smashy smashy egg man" release.
+
+Security fixes:
+
+• Do not accept an extra fd in the padding of a cmsg message, which
+ could lead to a 4-byte heap buffer overrun.
+ (CVE-2014-3635, fd.o #83622; Simon McVittie)
+
+• Reduce default for maximum Unix file descriptors passed per message
+ from 1024 to 16, preventing a uid with the default maximum number of
+ connections from exhausting the system bus' file descriptors under
+ Linux's default rlimit. Distributors or system administrators with a
+ more restrictive fd limit may wish to reduce these limits further.
+
+ Additionally, on Linux this prevents a second denial of service
+ in which the dbus-daemon can be made to exceed the maximum number
+ of fds per sendmsg() and disconnect the process that would have
+ received them.
+ (CVE-2014-3636, fd.o #82820; Alban Crequy)
+
+• Disconnect connections that still have a fd pending unmarshalling after
+ a new configurable limit, pending_fd_timeout (defaulting to 150 seconds),
+ removing the possibility of creating an abusive connection that cannot be
+ disconnected by setting up a circular reference to a connection's
+ file descriptor.
+ (CVE-2014-3637, fd.o #80559; Alban Crequy)
+
+• Reduce default for maximum pending replies per connection from 8192 to 128,
+ mitigating an algorithmic complexity denial-of-service attack
+ (CVE-2014-3638, fd.o #81053; Alban Crequy)
+
+• Reduce default for authentication timeout on the system bus from
+ 30 seconds to 5 seconds, avoiding denial of service by using up
+ all unauthenticated connection slots; and when all unauthenticated
+ connection slots are used up, make new connection attempts block
+ instead of disconnecting them.
+ (CVE-2014-3639, fd.o #80919; Alban Crequy)
+
+Other fixes:
+
+• Check for libsystemd from systemd >= 209, falling back to
+ the older separate libraries if not found (Umut Tezduyar Lindskog,
+ Simon McVittie)
+
+• On Linux, use prctl() to disable core dumps from a test executable
+ that deliberately raises SIGSEGV to test dbus-daemon's handling
+ of that condition (fd.o #83772, Simon McVittie)
+
+• Fix compilation with --enable-stats (fd.o #81043, Gentoo #507232;
+ Alban Crequy)
+
+• Improve documentation for running tests on Windows (fd.o #41252,
+ Ralf Habacker)
+
+D-Bus 1.8.6 (2014-06-02)
+==
+
+Security fixes:
+
+• On Linux ≥ 2.6.37-rc4, if sendmsg() fails with ETOOMANYREFS, silently drop
+ the message. This prevents an attack in which a malicious client can
+ make dbus-daemon disconnect a system service, which is a local
+ denial of service.
+ (fd.o #80163, CVE-2014-3532; Alban Crequy)
+
+• Track remaining Unix file descriptors correctly when more than one
+ message in quick succession contains fds. This prevents another attack
+ in which a malicious client can make dbus-daemon disconnect a system
+ service.
+ (fd.o #79694, fd.o #80469, CVE-2014-3533; Alejandro Martínez Suárez,
+ Simon McVittie, Alban Crequy)
+
+Other fixes:
+
+• When dbus-launch --exit-with-session starts a dbus-daemon but then cannot
+ attach to a session, kill the dbus-daemon as intended
+ (fd.o #74698, Роман Донченко)
+
+D-Bus 1.8.4 (2014-06-10)
+==
+
+Security fix:
+
+• Alban Crequy at Collabora Ltd. discovered and fixed a denial-of-service
+ flaw in dbus-daemon, part of the reference implementation of D-Bus.
+ Additionally, in highly unusual environments the same flaw could lead to
+ a side channel between processes that should not be able to communicate.
+ (CVE-2014-3477, fd.o #78979)
+
+D-Bus 1.8.2 (2014-04-30)
+==
+
+The “nobody wants red” release.
+
+Enhancements:
+
+• in the CMake build system, add some hints for Linux users cross-compiling
+ Windows D-Bus binaries to be able to run tests under Wine
+ (fd.o #41252, Ralf Habacker)
+
+• add Documentation key to dbus.service (fd.o #77447, Cameron Norman)
+
+Fixes:
+
+• in "dbus-uuidgen --ensure", try to copy systemd's /etc/machine-id
+ to /var/lib/dbus/machine-id instead of generating an entirely new ID
+ (fd.o #77941, Simon McVittie)
+
+• if dbus-launch receives an X error very quickly, do not kill
+ unrelated processes (fd.o #74698, Роман Донченко)
+
+• on Windows, allow up to 8K connections to the dbus-daemon, instead of the
+ previous 64 (fd.o #71297; Cristian Onet, Ralf Habacker)
+
+• cope with \r\n newlines in regression tests, since on Windows,
+ dbus-daemon.exe uses text mode (fd.o #75863, Руслан Ижбулатов)
+
+D-Bus 1.8.0 (2014-01-20)
+==
+
+The “Wolverine distrusts my printer” release.
+
+This starts a new stable branch. The 1.6.x branch is now considered to be
+outdated, and will only receive fixes for serious bugs such as security
+flaws. The 1.4.x and 1.2.x branches no longer have upstream support and
+are unlikely to get any more releases, but if distributors still need to
+support them, please share security patches via upstream.
+
+Summary of changes since 1.6.x:
+
+• libdbus always behaves as if dbus_threads_init_default() had been called
+ (thread-safety by default)
+• new dbus-run-session tool, replacing certain misuses of dbus-launch
+• dbus-monitor can talk to outdated versions of dbus-daemon again
+• new org.freedesktop.DBus.GetConnectionCredentials method
+• GetConnectionUnixProcessID also works correctly on Windows, returning
+ the Windows process ID
+• GetConnectionWindowsSID returns the correct SID on Windows
+• expat is required, libxml2 can no longer be used as a substitute
+• the userDB cache is required, and cannot be disabled
+• a 64-bit integer type (either int, long, long long or _int64) is required
+• better systemd-journald integration on Linux
+• fixed long-standing fd and array leaks when failing to parse a message
+• fixed referenced-but-never-freed parent nodes (effectively memory leaks)
+ when using certain object-path allocation patterns, notably in Avahi
+• better defaults for Windows support
+• better CMake support
+• better portability to mingw32, FreeBSD, NetBSD, QNX and Hurd
+• the source language for the man pages is now Docbook XML
+
+Enhancements since 1.7.10:
+
+• Enhance the CMake build system to check for GLib and compile/run
+ a subset of the regression tests (fd.o #41252, #73495; Ralf Habacker)
+
+Fixes since 1.7.10:
+
+• don't rely on va_copy(), use DBUS_VA_COPY() wrapper (fd.o #72840,
+ Ralf Habacker)
+
+• fix compilation of systemd journal support on older systemd versions where
+ sd-journal.h doesn't include syslog.h (fd.o #73455, Ralf Habacker)
+
+• fix compilation on older MSVC versions by including stdlib.h
+ (fd.o #73455, Ralf Habacker)
+
+• Allow <allow_anonymous/> to appear in an included configuration file
+ (fd.o #73475, Matt Hoosier)
+
+Test behaviour changes since 1.7.10:
+
+• If the tests crash with an assertion failure, they no longer default to
+ blocking for a debugger to be attached. Set DBUS_BLOCK_ON_ABORT in the
+ environment if you want the old behaviour.
+
+• To improve debuggability, the dbus-daemon and dbus-daemon-eavesdrop tests
+ can be run with an external dbus-daemon by setting
+ DBUS_TEST_DAEMON_ADDRESS in the environment. Test-cases that require
+ an unusually-configured dbus-daemon are skipped.
--- /dev/null
+D-Bus 1.11.22 (2017-10-23)
+==========================
+
+The “fire surface” release.
+
+This is the first release-candidate for the 1.12.0 stable release.
+
+Build-time configuration changes:
+
+• When building for Windows with Autotools, setting the WINDRES variable
+ no longer works to select a non-standard resource compiler. Use
+ libtool's standard RC variable instead, for example
+ "./configure RC=i686-w64-mingw32-windres"
+
+Dependencies:
+
+• Builds done using CMake now require CMake 3.0.2.
+
+Enhancements:
+
+• When building for Windows, improve quality of metadata in
+ libdbus-1-3.dll (fd.o #103015, Ralf Habacker)
+
+Fixes:
+
+• Fix a typo "uint 16" in dbus-send(1) man page
+ (fd.o #103075, David King)
+
+• When building for Windows, libdbus-1-3.dll always includes version
+ information. Previously, this was missing if using CMake and any
+ non-MSVC compiler. (fd.o #103015, Ralf Habacker)
+
+• Fix the build with MSVC, which regressed with the #102558 fix in
+ 1.11.20. (fd.o #102558, Ralf Habacker)
+
+Internal changes:
+
+• Simplify Windows resource embedding
+ (fd.o #103015, Simon McVittie)
+
+D-Bus 1.11.20 (2017-10-03)
+==
+
+The “wraith stun” release.
+
+Build-time configuration changes:
+
+• The --enable-abstract-sockets and --disable-abstract-sockets options
+ no longer exist. Support for Linux's abstract AF_UNIX sockets is now
+ unconditionally enabled on Linux and disabled everywhere else.
+ (fd.o #34905, Simon McVittie)
+
+Enhancements:
+
+• Make slower tests less likely to time out, and improve diagnostics if
+ tests do time out (fd.o #103009, Simon McVittie)
+
+• On Windows, don't compile an unused stub implementation of
+ _dbus_set_signal_handler() (fd.o #103010, Simon McVittie)
+
+Fixes:
+
+• Be more careful to save and restore errno in POSIX async signal
+ handlers (fd.o #103010, Simon McVittie)
+
+• On Windows, embed a manifest in dbus-update-activation-environment.exe
+ so that the heuristics used for UAC do not assume it needs elevated
+ privileges due to its name containing "update"
+ (fd.o #102558, Ralf Habacker)
+
+• On Windows with Automake, embed version information in libdbus-1,
+ as was meant to happen in all versions since 2009
+ (fd.o #103015, Simon McVittie)
+
+D-Bus 1.11.18 (2017-09-25)
+==
+
+The “vampire conquistador” release.
+
+Build-time configuration changes:
+
+• By default, dbus-daemon on Unix no longer checks for flag files
+ /var/run/console/${username} created by the obsolete pam_console and
+ pam_foreground PAM modules when deciding whether ${username} is
+ currently at the console. The old default behaviour can be restored
+ by specifying --with-console-auth-dir=/var/run/console in the
+ recommended Autotools build system, or
+ -DDBUS_CONSOLE_AUTH_DIR=/var/run/console in CMake. This feature is
+ now deprecated, and will be removed in dbus 1.13 unless feedback via
+ fd.o #101629 indicates that this would be problematic.
+ (fd.o #101629, Simon McVittie)
+
+• LSB-style init scripts for Red Hat and Slackware, and a non-LSB init
+ script for Cygwin, are no longer provided in the upstream dbus
+ source. We recommend that distributors who support non-systemd service
+ management should maintain their own init scripts or other service
+ manager integration as part of their downstream packaging, similar to
+ the way Debian distributes a Debian-specific LSB init script for dbus.
+
+ The systemd unit continues to be maintained as part of the upstream
+ dbus source, because it receives regular testing and maintenance.
+
+ (fd.o #101706, Simon McVittie)
+
+• The process ID file created by the system bus is no longer influenced
+ by the --with-init-scripts=redhat configure option or the presence of
+ /etc/redhat-release at build time. If your OS's init script or other
+ service management relies on the Red Hat-style pid file, it can be
+ restored by specifying --with-system-pid-file=/run/messagebus.pid at
+ configure time or using the <pidfile> directive in bus configuration.
+
+ Note that the upstream-supplied systemd unit runs dbus-daemon with
+ the --nopidfile option, so it does not normally write a pid file,
+ regardless of whether the OS is Red-Hat-derived or not.
+
+ (fd.o #101706, Simon McVittie)
+
+Enhancements:
+
+• <allow> and <deny> rules in dbus-daemon configuration can now
+ include send_broadcast="true" or send_broadcast="false", which make
+ the rule only match broadcast signals, or only match messages that
+ are not broadcast signals, respectively.
+ (fd.o #29853, Simon McVittie)
+
+• <allow> and <deny> rules can now be configured to apply only to
+ messages with or without Unix file descriptors attached. This would
+ typically be used in rules like these:
+ <allow send_destination="..." max_unix_fds="0"/>
+ <deny send_destination="..." min_unix_fds="1"/>
+ <deny receive_sender="..." min_unix_fds="1"/>
+ but can also be used to set a nonzero upper limit on the number of
+ file descriptors:
+ <allow send_destination="..." max_unix_fds="4"/>
+ (fd.o #101848, Simon McVittie)
+
+• On Unix platforms, the DBUS_COOKIE_SHA1 authentication mechanism
+ now respects the HOME environment variable on the client side, and
+ on the server side when the uid attempting to connect is the same
+ as the uid of the server. This allows the automated tests to pass in
+ environments where the user's "official" home directory in /etc/passwd
+ is nonexistent, such as Debian autobuilders.
+ (fd.o #101960, Simon McVittie)
+
+Fixes:
+
+• When parsing dbus-daemon configuration, tell Expat not to use
+ cryptographic-quality entropy as a salt for its hash tables: we trust
+ the configuration files, so we are not concerned about algorithmic
+ complexity attacks via hash table collisions. This prevents
+ dbus-daemon --system from holding up the boot process (and causing
+ early-boot system services like systemd, logind, networkd to time
+ out) on entropy-starved embedded systems.
+ (fd.o #101858, Simon McVittie)
+
+• Avoid a -Werror=declaration-after-statement build failure on Solaris
+ (fd.o #102145, Alan Coopersmith)
+
+• On Unix platform, drop DBUS_SYSTEM_LOG_INFO messages from LOG_NOTICE
+ to LOG_INFO, matching how we use this log level in practice
+ (fd.o #102686, Simon McVittie)
+
+D-Bus 1.11.16 (2017-07-27)
+==
+
+The “south facing garden” release.
+
+Build-time configuration changes:
+
+• The Autotools build system now supports varying ${runstatedir}
+ independently of ${localstatedir}, if using an Autoconf version
+ that has that feature; version 2.70 will eventually have this, but
+ many Linux distributions add it to version 2.69 as a patch.
+ A typical use is to set prefix=/usr, sysconfdir=/etc, localstatedir=/var
+ and runstatedir=/run. (fd.o #101569, Simon McVittie)
+
+Enhancements:
+
+• New APIs DBUS_MESSAGE_ITER_INIT_CLOSED, dbus_message_iter_init_closed()
+ and dbus_message_iter_abandon_container_if_open() simplify the
+ single-exit-point ("goto out") style of resource cleanup. The API
+ documentation around DBusMessageIter and containers has also been
+ clarified. (fd.o #101568, Simon McVittie)
+
+Fixes:
+
+• Fix the implementation of re-enabling a timeout (again) so that its
+ countdown is always restarted as intended. (fd.o #95619,
+ Michal Koutný)
+
+• Make the dbus-daemon's Properties interface, as introduced in 1.11.14,
+ available to all users on the system bus (fd.o #101700, Simon McVittie)
+
+• dbus_message_iter_append_basic() no longer leaks memory if it fails to
+ append a file descriptor to a message. (fd.o #101568, Simon McVittie)
+
+• dbus_message_iter_open_container() no longer leaks memory if it runs out
+ of memory. (fd.o #101568, Simon McVittie)
+
+• dbus_message_append_args_valist() no longer leaks memory if given an
+ unsupported type. This situation is still considered to be a programming
+ error which needs to be corrected by the user of libdbus.
+ (fd.o #101568, Simon McVittie)
+
+• dbus_message_iter_append_basic() and dbus_message_iter_open_container()
+ will no longer report that their arguments were invalid if they run out
+ of memory at exactly the wrong time. (fd.o #101568, Simon McVittie)
+
+• Ensure that tests fail if they would otherwise have tried to connect to
+ the real session bus (fd.o #101698, Simon McVittie)
+
+• Make build-time tests cope with finding Python 3, but not Python 2
+ (fd.o #101716, Simon McVittie)
+
+Internal changes relevant to dbus developers:
+
+• DBusVariant is a new mechanism to copy single values from a message into
+ a buffer without copying the entire message (fd.o #101568, Simon McVittie)
+
+• DBUS_SYSTEM_LOG_FATAL has been replaced by DBUS_SYSTEM_LOG_ERROR.
+ Logging an ERROR message does not make the process exit; the caller
+ is responsible for calling abort() or exit(), whichever is more appropriate.
+ (fd.o #101568, Simon McVittie)
+
+• Better test coverage (fd.o #101568, Simon McVittie)
+
+D-Bus 1.11.14 (2017-06-29)
+==
+
+The “irrational fear of bees” release.
+
+Dependencies:
+
+• Expat >= 2.1.0 is always required
+• libselinux >= 2.0.86 is required if SELinux support is enabled
+• GLib >= 2.40 is required if full test coverage is enabled
+
+Build-time configuration changes:
+
+• We now use pkg-config to find libexpat in Autotools builds. This requires
+ Expat 2.1.0 (March 2012) or later. In particular, this should remove the
+ need to configure with LDFLAGS=-L/usr/local/lib on OpenBSD, which can
+ itself cause compilation failures.
+
+ As with all pkg-config-based configure checks, you can use
+ PKG_CONFIG_PATH=/whatever/lib/pkgconfig to find expat.pc in a
+ non-standard prefix, or EXPAT_CFLAGS="-I/whatever/include" and
+ EXPAT_LIBS="-L/whatever/lib -lexpat" to avoid needing a .pc file
+ at all.
+
+ (fd.o #69801, Simon McVittie)
+
+• Similarly, we now use pkg-config to find libselinux. Version 2.0.86
+ is required due to the removal of explicit refcounting for SIDs.
+ (fd.o #100912, Laurent Bigonville)
+
+Behaviour changes:
+
+• Previously, /etc/machine-id could be copied to /var/lib/dbus/machine-id
+ as a side-effect of a sufficiently privileged process merely reading the
+ machine ID. It is no longer copied as a side-effect of reading.
+ Running dbus-uuidgen --ensure, which should be done after installing dbus,
+ continues to copy /etc/machine-id to /var/lib/dbus/machine-id if the
+ former exists and the latter does not.
+ (fd.o #101257, Simon McVittie)
+
+• The undocumented Verbose interface, and the GetAllMatchRules method on
+ the undocumented Stats interface, must now be used via the object path
+ /org/freedesktop/DBus. Previously, they existed on all object paths.
+ (fd.o #101257, Simon McVittie)
+
+• AddMatch() with a match rule containing eavesdrop='true' will now fail
+ unless called by either the same user as the dbus-daemon, or Unix uid 0
+ (root), matching the restrictions applied to the newer BecomeMonitor()
+ method. On the session bus this has no practical effect. On the system
+ bus this will prevent certain configurations that already did not
+ work well in practice. (fd.o #101567, Simon McVittie)
+
+Enhancements:
+
+• D-Bus Specification version 0.31
+ · Don't require implementation-specific search paths to be lowest
+ priority
+ · Correct regex syntax for optionally-escaped bytes in addresses so it
+ includes hyphen-minus, forward slash and underscore as intended
+ · Describe all message bus methods in the same section
+ · Clarify the correct object path for method calls to the message bus
+ (/org/freedesktop/DBus, DBUS_PATH_DBUS in the reference implementation)
+ · Document that the message bus implements Introspectable, Peer and
+ Properties
+ · Add new Features and Interfaces properties for message bus
+ feature-discovery
+ · Add unix:dir=..., which resembles unix:tmpdir=... but never uses
+ abstract sockets
+ · Don't require eavesdrop='true' to be accepted from connections not
+ sufficiently privileged to use it successfully
+ · Formally deprecate eavesdropping in favour of BecomeMonitor
+ (fd.o #99825, #100686, #100795, #101256, #101257, #101567;
+ Simon McVittie, Tom Gundersen)
+
+• Implement the Properties and Peer interfaces in dbus-daemon
+ (fd.o #101257, Simon McVittie)
+
+• New function dbus_try_get_local_machine_id() is like
+ dbus_get_local_machine_id(), but returning a DBusError. Other code
+ that needs the machine ID will now report a recoverable error (instead
+ of logging to stderr and aborting) if no machine ID is available.
+ Generating a machine ID is still considered to be a required part of
+ installing dbus correctly. (fd.o #13194, Simon McVittie)
+
+• Implement GetConnectionSELinuxSecurityContext("org.freedesktop.DBus")
+ (fd.o #101315, Laurent Bigonville)
+
+• Avoid deprecated API calls when using SELinux
+ (fd.o #100912, Laurent Bigonville)
+
+• Switch a test from the deprecated g_test_trap_fork() to
+ g_test_trap_subprocess(), for Windows support and better robustness
+ on Unix (fd.o #101362, Simon McVittie)
+
+• On systemd systems, if ${localstatedir}/lib/dbus/machine-id doesn't exist,
+ instruct systemd-tmpfiles to make it a symbolic link to /etc/machine-id.
+ This prevents the two files from going out of sync on stateless or live
+ images without needing to run dbus-uuidgen, and supports older D-Bus
+ implementations that do not necessarily read /etc/machine-id themselves.
+ (fd.o #101570, Simon McVittie)
+
+• Implement unix:dir=..., which resembles unix:tmpdir=... but never uses
+ abstract sockets. This is preferable when used with Linux containers.
+ (fd.o #101567, Simon McVittie)
+
+Fixes:
+
+• Fix a reference leak when blocking on a pending call on a connection
+ that has been disconnected (fd.o #101481, Shin-ichi MORITA)
+
+• Don't put timestamps in the Doxygen-generated documentation,
+ or hard-code the build directory into builds with embedded tests,
+ for reproducible builds (fd.o #100692, Simon McVittie)
+
+• Fix some integration test issues (fd.o #100686, Simon McVittie)
+
+• Fix memory leaks in the tests (fd.o #101257, Simon McVittie)
+
+• If we somehow get an autolaunch address with multiple semicolon-separated
+ components, and they don't work, don't invalidly "pile up" errors
+ (fd.o #101257, Simon McVittie)
+
+Documentation:
+
+• Update git URIs in HACKING document to sync up with cgit.freedesktop.org
+ (fd.o #100715, Simon McVittie)
+
+D-Bus 1.11.12 (2017-04-07)
+==
+
+The “it's something humans do” release.
+
+Enhancements:
+
+• The session dbus-daemon now supports transient .service files
+ in $XDG_RUNTIME_DIR/dbus-1/services. Unlike the other standard
+ service directories, this directory is not monitored with inotify
+ or similar, and the service files must be named exactly
+ ${bus_name}.service. (fd.o #99825, Simon McVittie)
+
+• dbus can be configured with --enable-relocation when building with
+ Autotools, or with -DDBUS_RELOCATABLE=ON when building with cmake,
+ to make the pkg-config metadata relocatable. This is useful for
+ non-standard prefixes, and in particular for Windows installations.
+ However, it is not recommended for system-wide installations into
+ /usr, because it interferes with pkg-config's ability to filter out
+ compiler default linker directories.
+
+ With Autotools, the default is --enable-relocation when building
+ for Windows or --disable-relocation otherwise. With CMake, the default
+ is -DDBUS_RELOCATABLE=ON.
+
+ (fd.o #99721; Ralf Habacker, Simon McVittie)
+
+• Users of CMake ≥ 2.6 can now link to libdbus without providing their
+ own FindDBus.cmake macros, whether dbus was compiled with Autotools
+ or with CMake. See the end of README.cmake for more information.
+ (fd.o #99721; Ralf Habacker, Simon McVittie)
+
+Fixes:
+
+• Always read service file directories in the intended order
+ (fd.o #99825, Simon McVittie)
+
+• When tests are skipped, don't try to kill nonexistent process 0
+ (fd.o #99825, Simon McVittie)
+
+• Avoid valgrind false positives (fd.o #88808, Philip Withnall)
+
+• Fix a harmless read overflow and some memory leaks in a unit test
+ (fd.o #100568, Philip Withnall)
+
+• Fix some typos in test code
+ (fd.o #99999, Coverity #141876, #141877; Philip Withnall)
+
+• Clarify the roles of /etc/dbus-1/s*.d and /usr/share/dbus-1/s*.d
+ in documentation (fd.o #99901, Philip Withnall)
+
+• Fix and enable compiler warnings related to -Wswitch
+ (fd.o #98191; Thomas Zimmermann, Simon McVittie)
+
+• Fix writing off the end of a fd_set when testing with valgrind
+ (fd.o #99839, Philip Withnall)
+
+D-Bus 1.11.10 (2017-02-16)
+==
+
+The “purple hair gives you telekinesis?” release.
+
+Dependencies:
+
+• AppArmor support requires at least libapparmor 2.8.95, reduced
+ from 2.10 in previous versions. One test requires 2.10 and is
+ skipped if building with an older version.
+
+Enhancements:
+
+• Do the Travis-CI build in Docker containers for Ubuntu LTS, Debian
+ stable and Debian testing in addition to the older Ubuntu that is
+ the default (fd.o #98889, Simon McVittie)
+
+• Avoid some deprecated CMake functions (fd.o #99586, Ralf Habacker)
+
+• Silence many -Wswitch-enum and -Wswitch-default warnings
+ (fd.o #98191; Thomas Zimmermann, Simon McVittie)
+
+• Install a sysusers.d snippet so `dbus-daemon --system` can be used
+ with an unpopulated /etc (fd.o #99162, Lennart Poettering)
+
+• Install pkg-config metadata on Unix even if building with CMake
+ (fd.o #99752, Ralf Habacker)
+
+• Exclude auth mechanisms from REJECTED message if they are supported
+ in the code but but configured to be disallowed (fd.o #99621,
+ Ralf Habacker)
+
+Fixes:
+
+• Prevent symlink attacks in the nonce-tcp transport on Unix that could
+ allow an attacker to overwrite a file named "nonce", in a directory
+ that the user running dbus-daemon can write, with a random value
+ known only to the user running dbus-daemon. This is unlikely to be
+ exploitable in practice, particularly since the nonce-tcp transport
+ is really only useful on Windows.
+
+ On Unix systems we strongly recommend using only the unix: and systemd:
+ transports, together with EXTERNAL authentication. These are the only
+ transports and authentication mechanisms enabled by default.
+
+ (fd.o #99828, Simon McVittie)
+
+• Avoid symlink attacks in the "embedded tests", which are not enabled
+ by default and should never be enabled in production builds of dbus.
+ (fd.o #99828, Simon McVittie)
+
+• Fix the implementation of re-enabling a timeout so that its
+ countdown is restarted as intended, instead of continually
+ decreasing. (fd.o #95619; Michal Koutný, Simon McVittie)
+
+• When receiving a message with file descriptors, do not start reading
+ the beginning of the next message, so that only one such message
+ is processed at a time. In conjunction with the fix for #95619
+ this means that processes sending many file descriptors, such as
+ systemd-logind on a system that receives very rapid ssh connections,
+ are not treated as abusive and kicked off the bus. Revert the previous
+ workaround that special-cased uid 0.
+ (fd.o #95263, LP#1591411; Simon McVittie)
+
+• Do not require TMPDIR, TEMP or TMP to be set when cross-compiling
+ for Windows with CMake (fd.o #99586, Ralf Habacker)
+
+• Do not set Unix-specific variables when targeting Windows
+ (fd.o #99586, Ralf Habacker)
+
+• Install Unix executables to ${CMAKE_INSTALL_PREFIX}/bin as intended,
+ not ${CMAKE_INSTALL_PREFIX}/lib (fd.o #99752, Ralf Habacker)
+
+• Use relative install locations in CMake on Unix to respect DESTDIR,
+ and use GNU-style install layout (fd.o #99721, #99752; Ralf Habacker)
+
+• Install dbus-arch-deps.h correctly when using CMake
+ (fd.o #99586, #99721; Ralf Habacker)
+
+• Improve argument validation for `dbus-test-tool spam`
+ (ffd.o #99693, Coverity #54759; Philip Withnall)
+
+• Don't shift by a negative integer if a hash table becomes monstrously
+ large (fd.o #99641, Coverity #54682; Philip Withnall)
+
+• Don't leak LSM label if dbus-daemon runs out of memory when dealing with
+ a new connection (fd.o #99612, Coverity #141058; Philip Withnall)
+
+• Remove an unnecessary NULL check
+ (fd.o #99642, Coverity #141062; Philip Withnall)
+
+• Improve error handling in unit tests and dbus-send
+ (fd.o #99643, #99694, #99712, #99722, #99723, #99724, #99758,
+ #99759, #99793, Coverity #54688, #54692, #54693, #54697, #54701,
+ #54710, #54711, #54714, #54715, #54718, #54721, #54724, #54726,
+ #54730, #54740, #54822, #54823, #54824, #54825; Philip Withnall)
+
+• Do not print verbose messages' timestamps to stderr if the actual message
+ has been redirected to the Windows debug port (fd.o #99749, Ralf Habacker)
+
+D-Bus 1.11.8 (2016-11-28)
+==
+
+The “panics in the face of breakfast foods” release.
+
+Build-time configuration:
+
+• The new --enable-debug configure option provides an easy way to
+ enable debug symbols, disable optimization and/or enable profiling.
+
+• The --enable-compile-warnings configure option can be used to control
+ compiler warnings.
+
+• The --disable-compiler-optimisations configure option is no longer
+ supported. Use --enable-debug=yes or CFLAGS=-O0 instead.
+
+Enhancements:
+
+• D-Bus Specification version 0.30
+ · Define the jargon term "activation" more clearly
+ · Define the jargon term "auto-starting", which is one form of activation
+ · Document the optional SystemdService key in service files
+ · Use versioned interface and bus names in most examples
+ · Clarify intended behaviour of Properties.GetAll
+ (fd.o #36190, fd.o #98671; Philip Withnall, Simon McVittie)
+
+• Fix and enable a lot of compiler warnings to improve future code
+ quality. This might incidentally also fix some environment variable
+ accesses on OS X.
+ · In particular, printf-style functions in the libdbus API are now annotated
+ with __attribute__((__format__(__printf__, *, *))) when compiling with
+ gcc or clang. This might make printf bugs in other software visible
+ at compile time.
+ (fd.o #97357, fd.o #98192, fd.o #98195, fd.o #98658;
+ Thomas Zimmermann, Simon McVittie)
+
+• When running with AppArmor mediation (for example using Ubuntu's patched
+ Linux kernel), clients can no longer auto-start services unless they would
+ have been able to send the auto-starting message to the service after it
+ starts. StartServiceByName() is unaffected, and continues to be allowed by
+ default in AppArmor's <abstractions/dbus-strict> and
+ <abstractions/dbus-session-strict>. (fd.o #98666, Simon McVittie)
+
+Fixes:
+
+• Work around an undesired effect of the fix for CVE-2014-3637
+ (fd.o #80559), in which processes that frequently send fds, such as
+ logind during a flood of new PAM sessions, can get disconnected for
+ continuously having at least one fd "in flight" for too long;
+ dbus-daemon interprets that as a potential denial of service attack.
+ The workaround is to disable that check for uid 0 process such as
+ logind, with a message in the system log. The bug remains open while
+ we look for a more general solution.
+ (fd.o #95263, LP#1591411; Simon McVittie)
+
+• Don't run the test test-dbus-launch-x11.sh if X11 autolaunching
+ was disabled at compile time. That test is not expected to work
+ in that configuration. (fd.o #98665, Simon McVittie)
+
+D-Bus 1.11.6 (2016-10-10)
+==
+
+The “darkly whimsical” release.
+
+Security fixes:
+
+• Do not treat ActivationFailure message received from root-owned systemd
+ name as a format string. In principle this is a security vulnerability,
+ but we do not believe it is exploitable in practice, because only
+ privileged processes can own the org.freedesktop.systemd1 bus name, and
+ systemd does not appear to send activation failures that contain "%".
+
+ Please note that this probably *was* exploitable in dbus versions
+ older than 1.6.30, 1.8.16 and 1.9.10 due to a missing check which at
+ the time was only thought to be a denial of service vulnerability
+ (CVE-2015-0245). If you are still running one of those versions,
+ patch or upgrade immediately.
+
+ (fd.o #98157, Simon McVittie)
+
+Enhancements:
+
+• D-Bus Specification version 0.29
+ · Recommend not using '/' for object paths (fd.o #37095, Philip Withnall)
+ · Allow <annotation> in <arg> elements (fd.o #86162, Philip Withnall)
+
+• Log to syslog when we exceed various anti-DoS limits, and add test
+ coverage for them (fd.o #86442, Simon McVittie)
+
+• Improve syslog handling so that _dbus_warn() and similar warnings
+ go to syslog, add dbus-daemon --syslog|--nosyslog|--syslog-only options,
+ and log to syslog (instead of /dev/null) when dbus-daemon is started by
+ dbus-launch. (fd.o #97009, Simon McVittie)
+
+• Install introspect.dtd and busconfig.dtd to ${datadir}/xml/dbus-1
+ (fd.o #89011, Philip Withnall)
+
+• When logging messages about service activation, mention which peer
+ requested the activation (fd.o #68212, Philip Withnall)
+
+• On Linux, mention the LSM label (if available) whenever we print
+ debug information about a peer (fd.o #68212, Philip Withnall)
+
+Other fixes:
+
+• Harden dbus-daemon against malicious or incorrect ActivationFailure
+ messages by rejecting them if they do not come from a privileged
+ process, or if systemd activation is not enabled
+ (fd.o #98157, Simon McVittie)
+
+• Avoid undefined behaviour when setting reply serial number without going
+ via union DBusBasicValue (fd.o #98035, Marc Mutz)
+
+• Fix CMake build for Unix platforms that do not have -lrt, such as Android,
+ or that do need -lsocket, such as QNX (fd.o #94096, Ralf Habacker)
+
+• autogen.sh: fail cleanly if autoconf fails (Simon McVittie)
+
+D-Bus 1.11.4 (2016-08-15)
+==
+
+The “copper pickaxe” release.
+
+Dependencies:
+
+• Building from git (but not from tarballs) now requires
+ macros from the GNU Autoconf Archive, for example the autoconf-archive
+ package in Debian or Fedora derivatives.
+
+Build-time configuration:
+
+• The option to enable coverage instrumentation has changed from
+ --enable-compiler-coverage to --enable-code-coverage.
+
+Enhancements:
+
+• D-Bus Specification version 0.28
+ · Clarify some details of serialization (fd.o #93382, Philip Withnall)
+
+• Increase listen() backlog of AF_UNIX sockets to the maximum possible,
+ minimizing failed connections under heavy load
+ (fd.o #95264, Lennart Poettering)
+
+• Add a new dbus-launch --exit-with-x11 option (fd.o #39197, Simon McVittie)
+
+• Use the same regression tests for subprocess starting on Unix and Windows
+ (fd.o #95191, Ralf Habacker)
+
+• Print timestamps and thread IDs in verbose messages
+ (fd.o #95191, Ralf Habacker)
+
+• On Unix, unify the various places that reopen stdin, stdout and/or stderr
+ pointing to /dev/null (fd.o #97008, Simon McVittie)
+
+• Use AX_CODE_COVERAGE instead of our own COMPILER_COVERAGE
+ (fd.o #88922, Thomas Zimmermann)
+
+Fixes:
+
+• On Windows, fix a memory leak in replacing the installation prefix
+ (fd.o #95191, Ralf Habacker)
+
+• On Linux, when dbus-daemon is run with reduced susceptibility to the
+ OOM killer (typically via systemd), do not let child processes inherit
+ that setting (fd.o #32851; Kimmo Hämäläinen, WaLyong Cho)
+
+• On Unix, make dbus-launch and dbus-daemon --fork work as intended
+ even if a parent process incorrectly starts them with stdin, stdout
+ and/or stderr closed (fd.o #97008, Simon McVittie)
+
+• Output valid shell syntax in ~/.dbus/session-bus/ if the bus address
+ contains a semicolon (fd.o #94746, Thiago Macieira)
+
+• Fix memory leaks and thread safety in subprocess starting on Windows
+ (fd.o #95191, Ralf Habacker)
+
+• Stop test-dbus-daemon incorrectly failing on platforms that cannot
+ discover the process ID of clients (fd.o #96653, Руслан Ижбулатов)
+
+• In tests that exercise correct handling of crashing D-Bus services,
+ suppress Windows crash handler (fd.o #95155; Yiyang Fei, Ralf Habacker)
+
+• Explicitly check for stdint.h (Ioan-Adrian Ratiu)
+
+• In tests, add an invalid DBusAuthState to avoid undefined behaviour
+ in some test cases (fd.o #93909, Nick Lewycky)
+
+• Add assertions to reassure a static analysis tool
+ (fd.o #93210, Deepika Aggarwal)
+
+• Be explicit about enum comparison when loading XML
+ (fd.o #93205, Deepika Aggarwal)
+
+• update-activation-environment: produce better diagnostics on error
+ (fd.o #96653, Simon McVittie)
+
+• Avoid various compiler warnings with gcc 6
+ (fd.o #97282; Thomas Zimmermann, Simon McVittie)
+
+• On Unix when configured to use the system log, report as "dbus-daemon",
+ not as "dbus" (fd.o #97009, Simon McVittie)
+
+• During unit tests, reduce the amount we write to the system log
+ (fd.o #97009, Simon McVittie)
+
+D-Bus 1.11.2 (2016-03-07)
+==
+
+The “pneumatic drill vs. Iron Maiden” release.
+
+Fixes:
+
+• Enable "large file support" on systems where it exists: dbus-daemon
+ is not expected to open large files, but it might need to stat files
+ that happen to have large inode numbers (fd.o #93545, Hongxu Jia)
+
+• Eliminate padding inside DBusMessageIter on 64-bit platforms,
+ which might result in a pedantic C compiler not copying the entire contents
+ of a DBusMessageIter; statically assert that this is not an ABI change
+ in practice (fd.o #94136, Simon McVittie)
+
+• Document dbus-test-tool echo --sleep-ms=N instead of incorrect --sleep=N
+ (fd.o #94244, Dmitri Iouchtchenko)
+
+• Correctly report test failures in C tests from run-test.sh
+ (fd.o #93379; amit tewari, Simon McVittie)
+
+• When tests are enabled, run all the marshal-validate tests, not just
+ the even-numbered ones (fd.o #93908, Nick Lewycky)
+
+• Correct the expected error from one marshal-validate test, which was
+ previously not run due to the above bug (fd.o #93908, Simon McVittie)
+
+• Fix compilation under CMake when embedded tests are disabled
+ (fd.o #94094, eric.hyer)
+
+Internal changes:
+
+• Fix all -Wpointer-sign (signed/unsigned mismatch) warnings, and enable the
+ warning (fd.o #93069; Ralf Habacker, Simon McVittie)
+
+• When building with CMake, use the same gcc/clang warnings as under Autotools,
+ or MSVC warnings that are broadly similar (fd.o #93069, Ralf Habacker)
+
+• test/name-test: make C tests produce TAP output and run them directly, not
+ via run-test.sh (fd.o #92899, Simon McVittie)
+
+• Under CMake when cross-compiling for Windows on Unix, run the tests
+ under Wine even if binfmt_misc support is not available
+ (fd.o #88966, Ralf Habacker)
+
+• The DBUS_USE_TEST_BINARY environment variable is no longer used by builds with
+ embedded tests; DBUS_TEST_DBUS_LAUNCH replaces it (fd.o #92899, Simon McVittie)
+
+• Factor out some functions that will be needed in future for a Windows
+ implementation of dbus-run-session (fd.o #92899, Ralf Habacker)
+
+D-Bus 1.11.0 (2015-12-02)
+==
+
+The “peppermint deer” release.
+
+Dependencies:
+
+• On non-Windows platforms, dbus now requires an <inttypes.h> that defines
+ C99 constants such as PRId64 and PRIu64.
+
+Enhancements:
+
+• D-Bus Specification version 0.27
+ · Specify that services should not reply if NO_REPLY_EXPECTED was used
+ (fd.o #75749, Lars Uebernickel)
+
+• Add a script to do continuous-integration builds, and metadata to run it
+ on travis-ci.org. To use this, clone the dbus git repository on GitHub
+ and set it up with travis-ci.org; the only special setting needed is
+ "only build branches with a .travis.yml". (fd.o #93194, Simon McVittie)
+
+• If dbus-daemon is run with --systemd-activation, do not require
+ org.freedesktop.systemd1.service to exist (fd.o #93194, Simon McVittie)
+
+Fixes:
+
+• Re-order dbus-daemon startup so that on SELinux systems, the thread
+ that reads AVC notifications retains the ability to write to the
+ audit log (fd.o #92832, Laurent Bigonville)
+
+• Print 64-bit integers on non-GNU Unix platforms (fd.o #92043, Natanael Copa)
+
+• When using the Monitoring interface, match messages' destinations
+ (fd.o #92074, Simon McVittie)
+
+• On Linux with systemd, stop installing a reference to the obsolete
+ dbus.target, and enable dbus.socket statically (fd.o #78412, #92402;
+ Simon McVittie)
+
+• On Windows, when including configuration files with <include> or
+ <includedir>, apply the same relocation as for the Exec paths
+ in .service files (fd.o #92028, Simon McVittie)
+
+• Add support for backtraces on Windows (fd.o #92721, Ralf Habacker)
+
+• Fix many -Wpointer-sign warnings (fd.o #93069, Ralf Habacker)
+
+D-Bus 1.10.6 (2015-12-01)
+==
+
+The “marzipan beetles” release.
+
+Fixes:
+
+• On Unix when running tests as root, don't assert that root and
+ the dbus-daemon user can still call UpdateActivationEnvironment;
+ assert that those privileged users can call BecomeMonitor instead
+ (fd.o #93036, Simon McVittie)
+
+• On Windows, fix a memory leak in the autolaunch transport (fd.o #92899,
+ Simon McVittie)
+
+• On Windows Autotools builds, don't run tests that rely on
+ dbus-run-session and other Unix-specifics (fd.o #92899, Simon McVittie)
+
+D-Bus 1.10.4 (2015-11-17)
+==
+
+The “Frostburn Canyon” release.
+
+Enhancements:
+
+• GetConnectionCredentials, GetConnectionUnixUser and
+ GetConnectionUnixProcessID with argument "org.freedesktop.DBus"
+ will now return details of the dbus-daemon itself. This is required
+ to be able to call SetEnvironment on systemd.
+ (fd.o #92857, Jan Alexander Steffens)
+
+Fixes:
+
+• Make UpdateActivationEnvironment always fail with AccessDenied on the
+ system bus. Previously, it was possible to configure it so root could
+ call it, but the environment variables were not actually used,
+ because the launch helper would discard them.
+ (fd.o #92857, Jan Alexander Steffens)
+
+• On Unix with --systemd-activation on a user bus, make
+ UpdateActivationEnvironment pass on its arguments to systemd's
+ SetEnvironment method, solving inconsistency between the environments
+ used for traditional activation and systemd user-service activation.
+ (fd.o #92857, Jan Alexander Steffens)
+
+• On Windows, don't crash if <syslog/> or --syslog is used
+ (fd.o #92538, Ralf Habacker)
+
+• On Windows, fix a memory leak when setting a DBusError from a Windows
+ error (fd.o #92721, Ralf Habacker)
+
+• On Windows, don't go into infinite recursion if we abort the process
+ with backtraces enabled (fd.o #92721, Ralf Habacker)
+
+• Fix various failing tests, variously on Windows and cross-platform:
+ · don't test system.conf features (users, groups) that only make sense
+ on the system bus, which is not supported on Windows
+ · don't call _dbus_warn() when we skip a test, since it is fatal
+ · fix computation of expected <standard_session_servicedirs/>
+ · when running TAP tests, translate newlines to Unix format, fixing
+ cross-compiled tests under Wine on Linux
+ · don't stress-test refcounting under Wine, where it's really slow
+ · stop assuming that a message looped-back to the test will be received
+ immediately
+ · skip some system bus tests on Windows since they make no sense there
+ (fd.o #92538, fd.o #92721; Ralf Habacker, Simon McVittie)
+
+D-Bus 1.10.2 (2015-10-26)
+==
+
+The “worst pies in London” release.
+
+Fixes:
+
+• Correct error handling for activation: if there are multiple attempts
+ to activate the same service and it fails immediately, the first attempt
+ would get the correct reply, but the rest would time out. We now send
+ the same error reply to each attempt. (fd.o #92200, Simon McVittie)
+
+• If BecomeMonitor is called with a syntactically invalid match rule,
+ don't crash with an assertion failure, fixing a regression in 1.9.10.
+ This was not exploitable as a denial of service, because the check
+ for a privileged user is done first. (fd.o #92298, Simon McVittie)
+
+• On Linux with --enable-user-session, add the bus address to the
+ environment of systemd services for better backwards compatibility
+ (fd.o #92612, Jan Alexander Steffens)
+
+• On Windows, fix the logic for replacing the installation prefix
+ in service files' Exec lines (fd.o #83539; Milan Crha, Simon McVittie)
+
+• On Windows, if installed in the conventional layout with ${prefix}/etc
+ and ${prefix}/share, use relative paths between bus configuration files
+ to allow the tree to be relocated (fd.o #92028, Simon McVittie)
+
+• Make more of the regression tests pass in Windows builds (fd.o #92538,
+ Simon McVittie)
+
+D-Bus 1.10.0 (2015-08-25)
+==
+
+The “0x20” release.
+
+This is a new stable branch, recommended for use in OS distributions.
+
+Fixes since 1.9.20:
+
+• distribute test/tap-test.sh.in, even if the tarball was built without
+ tests enabled (fd.o #91684, Simon McVittie)
+• work around a fd leak in libcap-ng < 0.7.7 (fd.o #91684, Simon McVittie)
+
+Summary of major changes since 1.8.0:
+
+• The basic setup for the well-known system and session buses is
+ now done in read-only files in ${datadir} (normally /usr/share).
+ See the NEWS entry for 1.9.18 for details.
+
+• AppArmor integration has been merged, with features similar to the
+ pre-existing SELinux integration. It is mostly compatible with the
+ patches previously shipped by Ubuntu, with one significant change:
+ Ubuntu's GetConnectionAppArmorSecurityContext method has been superseded
+ by GetConnectionCredentials and was not included.
+
+• The --enable-user-session configure option can be enabled
+ by OS integrators intending to use systemd to provide a session bus
+ per user (in effect, treating all concurrent graphical and non-graphical
+ login sessions as one large session).
+
+• The new listenable address mode "unix:runtime=yes" listens on
+ $XDG_RUNTIME_DIR/bus, the same AF_UNIX socket used by the systemd
+ user session. libdbus and "dbus-launch --autolaunch" will connect to
+ this address by default. GLib ≥ 2.45.3 and sd-bus ≥ 209 have a
+ matching default.
+
+• All executables are now dynamically linked to libdbus-1.
+ Previously, some executables, most notably dbus-daemon, were statically
+ linked to a specially-compiled variant of libdbus. This results in
+ various private functions in the _dbus namespace being exposed by the
+ shared library. These are not API, and must not be used outside
+ the dbus source tree.
+
+• On platforms with ELF symbol versioning, all public symbols
+ are versioned LIBDBUS_1_3.
+
+New bus APIs:
+
+• org.freedesktop.DBus.GetConnectionCredentials returns
+ LinuxSecurityLabel where supported
+• org.freedesktop.DBus.Monitoring interface (privileged)
+ · BecomeMonitor method supersedes match rules with eavesdrop=true,
+ which are now deprecated
+• org.freedesktop.DBus.Stats interface (semi-privileged)
+ · now enabled by default
+ · new GetAllMatchRules method
+• org.freedesktop.DBus.Verbose interface (not normally compiled)
+ · toggles the effect of DBUS_VERBOSE
+
+New executables:
+
+• dbus-test-tool
+• dbus-update-activation-environment
+
+New optional dependencies:
+
+• The systemd: pseudo-transport requires libsystemd or libsd-daemon
+• Complete documentation requires Ducktype and yelp-tools
+• Full test coverage requires GLib 2.36 and PyGI
+• AppArmor integration requires libapparmor and optionally libaudit
+
+Dependencies removed:
+
+• dbus-glib
projects / thirdparty / dbus.git / commitdiff
