author Simon McVittie <smcv@collabora.com> 2020-07-02 10:25:04 +0100
committer Simon McVittie <smcv@collabora.com> 2020-07-02 10:25:04 +0100
commit 5757fd54804b81fe860fafccf6b59b30ec16f3bd
tree b17c5c737fea5ce3493b9fd3f472a79370b34119
parent f3b2574f0c9faa32a59efec905921f7ef4438a60
Update NEWS
Signed-off-by: Simon McVittie <smcv@collabora.com>
-rw-r--r-- NEWS 21
1 files changed, 20 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index 58098eac..e022c944 100644
--- a/NEWS
+++ b/NEWS
@@ -1,7 +1,26 @@
dbus 1.12.20 (UNRELEASED)
=========================
-...
+The “temporary nemesis” release.
+
+Maybe security fixes:
+
+• On Unix, avoid a use-after-free if two usernames have the same
+ numeric uid. In older versions this could lead to a crash (denial of
+ service) or other undefined behaviour, possibly including incorrect
+ authorization decisions if <policy group=...> is used.
+ Like Unix filesystems, D-Bus' model of identity cannot distinguish
+ between users of different names with the same numeric uid, so this
+ configuration is not advisable on systems where D-Bus will be used.
+ Thanks to Daniel Onaca.
+ (dbus#305, dbus!166; Simon McVittie)
+
+Other fixes:
+
+• On Solaris and its derivatives, if a cmsg header is truncated, ensure
+ that we do not overrun the buffer used for fd-passing, even if the
+ kernel tells us to.
+ (dbus#304, dbus!165; Andy Fiddaman)
dbus 1.12.18 (2020-06-02)
=========================
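Review bot: The Solaris cmsg entry under "Other fixes:" describes preventing an overrun of the fd-passing buffer, which reads like a memory-safety fix, yet it sits outside the "Maybe security fixes:" section with no explanation. Either move it under the security heading or add a clause saying why it is not considered security-relevant, so that packagers triaging this release do not have to guess. In the uid entry, "this configuration is not advisable" leaves the configuration implicit; naming it directly (two usernames sharing one numeric uid) and saying whether only setups using <policy group=...> are exposed to the authorization issue would make the advice easier to act on.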