From: Colin Walters Date: Fri, 28 Sep 2012 18:03:29 +0000 (-0400) Subject: Release 1.4.22 X-Git-Tag: dbus-1.4.24~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0899b0060697978de3fb5faeb1aa979bd68b1667;p=thirdparty%2Fdbus.git Release 1.4.22 --- diff --git a/NEWS b/NEWS index 187b215d1..ba4f37de1 100644 --- a/NEWS +++ b/NEWS @@ -1,7 +1,9 @@ -D-Bus 1.4.22 (UNRELEASED) +D-Bus 1.4.22 (2012-09-28) == -Changes: +• CVE-2012-3524: Don't access environment variables (fd.o #52202) + Thanks to work and input from Colin Walters, Simon McVittie, + Geoffrey Thomas, and others. • Be more careful about monotonic time vs. real time, fixing DBUS_COOKIE_SHA1 spec-compliance (fd.o #48580, David Zeuthen) diff --git a/configure.ac b/configure.ac index 9f57a0000..e63ede38a 100644 --- a/configure.ac +++ b/configure.ac @@ -3,7 +3,7 @@ AC_PREREQ([2.63]) m4_define([dbus_major_version], [1]) m4_define([dbus_minor_version], [4]) -m4_define([dbus_micro_version], [21]) +m4_define([dbus_micro_version], [22]) m4_define([dbus_version], [dbus_major_version.dbus_minor_version.dbus_micro_version]) AC_INIT([dbus],[dbus_version],[https://bugs.freedesktop.org/enter_bug.cgi?product=dbus],[dbus])