Opened 3 years ago

Closed 3 years ago

#10988 closed enhancement (fixed)

dbus-1.12.10

Reported by: Bruce Dubbs Owned by: DJ Lucas
Priority: normal Milestone: 8.3
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

New point version.

Fixes:

  • Prevent reading up to 3 bytes beyond the end of a truncated message. This could in principle be an information leak or denial of service on the system bus, but is not believed to be exploitable to crash the system bus or leak interesting information in practice. (fd.o #107332, Simon McVittie)
  • Fix build with gcc 8 -Werror=cast-function-type (fd.o #107349, Simon McVittie)
  • Fix warning from gcc 8 about suspicious use of strncpy() when populating struct sockaddr_un (fd.o #107350, Simon McVittie)
  • Fix a minor memory leak when a DBusServer listens on a new address (fd.o #107194, Simon McVittie)
  • Fix an invalid NULL argument to rmdir() if a nonce-tcp DBusServer runs out of memory (fd.o #107194, Simon McVittie)
  • Don't use misleading errno-derived error names if getaddrinfo() or getnameinfo() fails with a code other than EAI_SYSTEM (fd.o #106395, Simon McVittie)
  • Skip tests that require working TCP if we are in a container environment where 127.0.0.1 cannot be resolved (fd.o #106812, Simon McVittie)

Change History (2)

comment:1 by DJ Lucas, 3 years ago

Owner: changed from blfs-book to DJ Lucas
Status: newassigned

comment:2 by DJ Lucas, 3 years ago

Resolution: fixed
Status: assignedclosed

Fixed in r20301.

Note: See TracTickets for help on using tickets.