dbus-1-x11-1.8.10-4.1.x86_64.rpm


Advertisement

Description

dbus-1-x11 - D-Bus Message Bus System

Distribution: openSUSE 13.2
Repository: openSUSE Update all
Package name: dbus-1-x11
Package version: 1.8.10
Package release: 4.1
Package architecture: x86_64
Package type: rpm
Installed size: 46.11 KB
Download size: 67.26 KB
Official Mirror: ftp.gwdg.de
D-Bus contains some tools that require Xlib to be installed, those are in this separate package so server systems need not install X.

Provides

  • dbus-1-x11 = 1.8.10-4.1
  • dbus-1-x11(x86-64) = 1.8.10-4.1

    Download

    Install Howto

    Install dbus-1-x11 rpm package:

    # zypper install dbus-1-x11

    Files

    • /usr/bin/dbus-launch
    • /usr/bin/dbus-run-session
    • /usr/share/man/man1/dbus-launch.1.gz
    • /usr/share/man/man1/dbus-run-session.1.gz

    Changelog

    2014-11-10 - fstrba@suse.com - Update to 1.8.10: * Security fixes: - Increase dbus-daemon's RLIMIT_NOFILE rlimit to 65536 so that CVE-2014-3636 part A cannot exhaust the system bus' file descriptors, completing the incomplete fix in 1.8.8. (CVE-2014-7824, fd.o #85105; Simon McVittie, Alban Crequy)

    2014-09-30 - fstrba@suse.com - Reformat the spec file using spec-cleaner

    2014-09-18 - fstrba@suse.com - Update baselibs.conf: Provides dbus-1-32bit in lib package

    2014-09-16 - fstrba@suse.com - Update to 1.8.8: + Security fixes: - Do not accept an extra fd in the padding of a cmsg message, which could lead to a 4-byte heap buffer overrun. (CVE-2014-3635, fdo#83622, bnc#896453; Simon McVittie) - Reduce default for maximum Unix file descriptors passed per message from 1024 to 16, preventing a uid with the default maximum number of connections from exhausting the system bus' file descriptors under Linux's default rlimit. Distributors or system administrators with a more restrictive fd limit may wish to reduce these limits further. Additionally, on Linux this prevents a second denial of service in which the dbus-daemon can be made to exceed the maximum number of fds per sendmsg() and disconnect the process that would have received them. (CVE-2014-3636, fdo#82820, bnc#896453; Alban Crequy) - Disconnect connections that still have a fd pending unmarshalling after a new configurable limit, pending_fd_timeout (defaulting to 150 seconds), removing the possibility of creating an abusive connection that cannot be disconnected by setting up a circular reference to a connection's file descriptor. (CVE-2014-3637, fdo#80559, bnc#896453; Alban Crequy) - Reduce default for maximum pending replies per connection from 8192 to 128, mitigating an algorithmic complexity denial-of-service attack (CVE-2014-3638, fdo#81053, bnc#896453; Alban Crequy) - Reduce default for authentication timeout on the system bus from 30 seconds to 5 seconds, avoiding denial of service by using up all unauthenticated connection slots; and when all unauthenticated connection slots are used up, make new connection attempts block instead of disconnecting them. (CVE-2014-3639, fdo#80919, bnc#896453; Alban Crequy) + Other fixes: - Check for libsystemd from systemd >= 209, falling back to the older separate libraries if not found (Umut Tezduyar Lindskog, Simon McVittie) - On Linux, use prctl() to disable core dumps from a test executable that deliberately raises SIGSEGV to test dbus-daemon's handling of that condition (fdo#83772, Simon McVittie) - Fix compilation with --enable-stats (fdo#81043, Gentoo #507232; Alban Crequy) - Improve documentation for running tests on Windows (fdo#41252, Ralf Habacker)

    2014-07-19 - crrodriguez@opensuse.org - Remove all remains of sysvinit compatibility. - Do not force-fed -fstack-protector in CFLAGS, already there and obsoleted by stack-protector-strong in gcc 4.9. - Ensure doxygen never generates timestampted html docs.

    2014-07-10 - fcrozat@suse.com - Update baselibs.conf: Obsoletes dbus-1-32bit in lib package.

    Advertisement
    Advertisement