From: Colin Walters Date: Fri, 28 Sep 2012 17:08:42 +0000 (-0400) Subject: Release 1.6.6 X-Git-Tag: dbus-1.6.6^0 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=cf13cd08c74bd35bf834befb27af56a7f7ed7de1;p=thirdparty%2Fdbus.git Release 1.6.6 --- diff --git a/NEWS b/NEWS index bab9dda52..ae87020c5 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,11 @@ -D-Bus 1.6.6 (UNRELEASED) +D-Bus 1.6.6 (2012-09-28) == +The "Clear the environment in your setuid binaries, please" release. + +• CVE-2012-3524: Don't access environment variables (fd.o #52202) + Thanks to work and input from Colin Walters, Simon McVittie, + Geoffrey Thomas, and others. • Unix-specific: · Fix compilation on Solaris (fd.o #53286, Jonathan Perkin) · Work around interdependent headers on OpenBSD by including sys/types.h diff --git a/configure.ac b/configure.ac index 4eb530ae0..4cdb71b85 100644 --- a/configure.ac +++ b/configure.ac @@ -3,7 +3,7 @@ AC_PREREQ([2.63]) m4_define([dbus_major_version], [1]) m4_define([dbus_minor_version], [6]) -m4_define([dbus_micro_version], [5]) +m4_define([dbus_micro_version], [6]) m4_define([dbus_version], [dbus_major_version.dbus_minor_version.dbus_micro_version]) AC_INIT([dbus],[dbus_version],[https://bugs.freedesktop.org/enter_bug.cgi?product=dbus],[dbus])