[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
03/03: gnu: dbus: Update to 1.13.18.
|
From: |
guix-commits |
|
Subject: |
03/03: gnu: dbus: Update to 1.13.18. |
|
Date: |
Sat, 28 Nov 2020 12:48:28 -0500 (EST) |
civodul pushed a commit to branch core-updates
in repository guix.
commit 8ae794ed4b0ef342a9cfc7ac31c2d9dd43723c7c
Author: Ludovic Courtès <ludo@gnu.org>
AuthorDate: Sat Nov 28 18:47:25 2020 +0100
gnu: dbus: Update to 1.13.18.
* gnu/packages/glib.scm (dbus): Update to 1.13.18.
[source]: Remove "dbus-CVE-2020-12049.patch".
* gnu/packages/patches/dbus-CVE-2020-12049.patch: Remove.
* gnu/local.mk (dist_patch_DATA): Remove it.
---
gnu/local.mk | 1 -
gnu/packages/glib.scm | 9 ++--
gnu/packages/patches/dbus-CVE-2020-12049.patch | 58 --------------------------
3 files changed, 4 insertions(+), 64 deletions(-)
diff --git a/gnu/local.mk b/gnu/local.mk
index 3282394..4924c93 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -895,7 +895,6 @@ dist_patch_DATA =
\
%D%/packages/patches/datefudge-gettimeofday.patch \
%D%/packages/patches/dbacl-include-locale.h.patch \
%D%/packages/patches/dbus-helper-search-path.patch \
- %D%/packages/patches/dbus-CVE-2020-12049.patch \
%D%/packages/patches/dbus-c++-gcc-compat.patch \
%D%/packages/patches/dbus-c++-threading-mutex.patch \
%D%/packages/patches/dbxfs-remove-sentry-sdk.patch \
diff --git a/gnu/packages/glib.scm b/gnu/packages/glib.scm
index 3f5dd93..606802e 100644
--- a/gnu/packages/glib.scm
+++ b/gnu/packages/glib.scm
@@ -89,17 +89,16 @@
(define dbus
(package
(name "dbus")
- (version "1.12.16")
+ (version "1.13.18")
(source (origin
(method url-fetch)
(uri (string-append
"https://dbus.freedesktop.org/releases/dbus/dbus-";
- version ".tar.gz"))
+ version ".tar.xz"))
(sha256
(base32
- "107ckxaff1cv4q6kmfdi2fb1nlsv03312a7kf6lb4biglhpjv8jl"))
- (patches (search-patches "dbus-CVE-2020-12049.patch"
- "dbus-helper-search-path.patch"))))
+ "0ki5yih89kvygiqf3qb7qfzcrw4fvilxj1b9w1y91arlbv1gay40"))
+ (patches (search-patches "dbus-helper-search-path.patch"))))
(build-system gnu-build-system)
(arguments
'(#:configure-flags
diff --git a/gnu/packages/patches/dbus-CVE-2020-12049.patch
b/gnu/packages/patches/dbus-CVE-2020-12049.patch
deleted file mode 100644
index 7128014..0000000
--- a/gnu/packages/patches/dbus-CVE-2020-12049.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-Fix CVE-2020-12049:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12049
-https://lists.freedesktop.org/archives/ftp-release/2020-June/000753.html
-
-Taken from upstream:
-
-https://gitlab.freedesktop.org/dbus/dbus/-/commit/272d484283883fa9ff95b69d924fff6cd34842f5
-
-diff --git a/dbus/dbus-sysdeps-unix.c b/dbus/dbus-sysdeps-unix.c
---- a/dbus/dbus-sysdeps-unix.c
-+++ b/dbus/dbus-sysdeps-unix.c
-@@ -435,18 +435,6 @@ _dbus_read_socket_with_unix_fds (DBusSocket fd,
- struct cmsghdr *cm;
- dbus_bool_t found = FALSE;
-
-- if (m.msg_flags & MSG_CTRUNC)
-- {
-- /* Hmm, apparently the control data was truncated. The bad
-- thing is that we might have completely lost a couple of fds
-- without chance to recover them. Hence let's treat this as a
-- serious error. */
--
-- errno = ENOSPC;
-- _dbus_string_set_length (buffer, start);
-- return -1;
-- }
--
- for (cm = CMSG_FIRSTHDR(&m); cm; cm = CMSG_NXTHDR(&m, cm))
- if (cm->cmsg_level == SOL_SOCKET && cm->cmsg_type == SCM_RIGHTS)
- {
-@@ -501,6 +489,26 @@ _dbus_read_socket_with_unix_fds (DBusSocket fd,
- if (!found)
- *n_fds = 0;
-
-+ if (m.msg_flags & MSG_CTRUNC)
-+ {
-+ unsigned int i;
-+
-+ /* Hmm, apparently the control data was truncated. The bad
-+ thing is that we might have completely lost a couple of fds
-+ without chance to recover them. Hence let's treat this as a
-+ serious error. */
-+
-+ /* We still need to close whatever fds we *did* receive,
-+ * otherwise they'll never get closed. (CVE-2020-12049) */
-+ for (i = 0; i < *n_fds; i++)
-+ close (fds[i]);
-+
-+ *n_fds = 0;
-+ errno = ENOSPC;
-+ _dbus_string_set_length (buffer, start);
-+ return -1;
-+ }
-+
- /* put length back (doesn't actually realloc) */
- _dbus_string_set_length (buffer, start + bytes_read);
-