Commit ee0e42ae authored by Simon McVittie's avatar Simon McVittie

Update NEWS

parent aef44759
...@@ -11,6 +11,12 @@ Dependencies: ...@@ -11,6 +11,12 @@ Dependencies:
Enhancements: Enhancements:
• D-Bus Specification v0.32
· Be clearer about the security properties of TCP transports, which
have no integrity or confidentiality protection and so should not
normally be used, except via the loopback interface on Windows
(fd.o #106004, Simon McVittie)
• On Linux 4.13 or later, <policy group="…"> now uses the SO_PEERGROUPS • On Linux 4.13 or later, <policy group="…"> now uses the SO_PEERGROUPS
credentials-passing socket option to get the effective group IDs credentials-passing socket option to get the effective group IDs
of the initiator of the connection. On platforms where that socket of the initiator of the connection. On platforms where that socket
...@@ -38,6 +44,11 @@ Enhancements: ...@@ -38,6 +44,11 @@ Enhancements:
The Devhelp documentation index is now in version 2 format The Devhelp documentation index is now in version 2 format
(fd.o #106186, Simon McVittie) (fd.o #106186, Simon McVittie)
Give the dbus-daemon man page some scarier warnings about
<allow_anonymous/>, which is insecure and should not be used,
particularly for the standard system and session buses
(fd.o #106004, Simon McVittie)
Fixes: Fixes:
Listening on TCP sockets copes better with IPv6 being disabled Listening on TCP sockets copes better with IPv6 being disabled
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment