Commit 6986e22b authored by Simon McVittie


parent b57223d7
D-Bus 1.9.16 (UNRELEASED)
D-Bus 1.9.16 (2015-05-14)
Security hardening:
......@@ -8,11 +8,7 @@ Security hardening:
credentials-passing), as was already done for the system bus.
This avoids falling back to DBUS_COOKIE_SHA1, which relies on strongly
unpredictable pseudo-random numbers; under certain circumstances
(/dev/urandom unreadable or malloc() returns NULL), dbus could
fall back to using rand(), which does not have the desired unpredictability.
The fallback to rand() has not been changed in this stable-branch since
the necessary code changes for correct error-handling are rather intrusive.
unpredictable pseudo-random numbers.
If you are using D-Bus over the (unencrypted!) tcp: or nonce-tcp: transport,
in conjunction with DBUS_COOKIE_SHA1 and a shared home directory using
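Review bot: The shortened sentence ending "which relies on strongly unpredictable pseudo-random numbers." no longer says why that reliance is a reason to avoid DBUS_COOKIE_SHA1, because the explanation of the rand() fallback was dropped with nothing in its place. Consider keeping a short clause here that points to the fd.o #90414 entry describing the entropy failure handling, so the rationale for preferring credentials-passing still reads completely on its own.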
......@@ -22,6 +18,12 @@ Security hardening:
(fd.o #90414, Simon McVittie)
• When asked for random numbers for DBUS_COOKIE_SHA1, the nonce-tcp:
transport, UUIDs or any other reason, fail if we cannot obtain entropy
(from /dev/urandom or CryptGenRandom()) or an out-of-memory condition
occurs, instead of silently falling back to low-entropy pseudorandom
numbers from rand(). (fd.o #90414; Simon McVittie, Ralf Habacker)
• Add dbus_message_iter_get_element_count()
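Review bot: The new bullet says requests for random numbers now "fail" when /dev/urandom or CryptGenRandom() is unavailable or memory runs out, but it does not say how that failure reaches callers. Since this changes behaviour for setups that previously kept running on rand() output, the entry should state what the affected operations (DBUS_COOKIE_SHA1, nonce-tcp:, UUID generation) now do on failure, for example returning an error, so that packagers and administrators know what to look for.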
......@@ -3,7 +3,7 @@ AC_PREREQ([2.63])
m4_define([dbus_major_version], [1])
m4_define([dbus_minor_version], [9])
m4_define([dbus_micro_version], [15])
m4_define([dbus_micro_version], [16])
......@@ -34,7 +34,7 @@ AC_DEFINE_UNQUOTED(DBUS_DAEMON_NAME,"dbus-daemon",[Name of executable])
## increment if the interface has additions, changes, removals.
## increment any time the source changes; set to
## 0 if you increment CURRENT
......@@ -43,7 +43,7 @@ LT_REVISION=0
## increment if any interfaces have been added; set to 0
## if any interfaces have been changed or removed. removal has
## precedence over adding, so set to 0 if both happened.
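Review bot: The libtool version lines changed in this hunk and in the preceding one are not visible in this rendering, so the new values need checking against the rules in these comments. NEWS for this release lists "Add dbus_message_iter_get_element_count()", which is an interface addition: by the comments shown, CURRENT and AGE should both be incremented and REVISION should stay 0, as the "LT_REVISION=0" in the hunk header suggests.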