Commit 23cc709d authored by Simon McVittie's avatar Simon McVittie

Prepare version 1.12.16

Signed-off-by: Simon McVittie's avatarSimon McVittie <>
parent 066aea77
Pipeline #41852 passed with stage
in 13 minutes and 16 seconds
dbus 1.12.16 (UNRELEASED)
dbus 1.12.16 (2019-06-11)
The tree cat release.
Security fixes:
CVE-2019-12749: Do not attempt to carry out DBUS_COOKIE_SHA1
authentication for identities that differ from the user running the
DBusServer. Previously, a local attacker could manipulate symbolic
links in their own home directory to bypass authentication and connect
to a DBusServer with elevated privileges. The standard system and
session dbus-daemons in their default configuration were immune to this
attack because they did not allow DBUS_COOKIE_SHA1, but third-party
users of DBusServer such as Upstart could be vulnerable.
Thanks to Joe Vennix of Apple Information Security.
(dbus#269, Simon McVittie)
dbus 1.12.14 (2019-05-17)
......@@ -3,7 +3,7 @@ AC_PREREQ([2.63])
m4_define([dbus_major_version], [1])
m4_define([dbus_minor_version], [12])
m4_define([dbus_micro_version], [15])
m4_define([dbus_micro_version], [16])
......@@ -42,7 +42,7 @@ LT_CURRENT=22
## increment any time the source changes; set to
## 0 if you increment CURRENT
## increment if any interfaces have been added; set to 0
## if any interfaces have been changed or removed. removal has
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment