kumquat-buildroot/package/dbus
Peter Korsgaard 52ae2a4e1d package/dbus: security bump to version 1.2.28
Fixes the following security issues:

- CVE-2023-34969: Fix an assertion failure in dbus-daemon when a privileged
  Monitoring connection (dbus-monitor, busctl monitor, gdbus monitor or
  similar) is active, and a message from the bus driver cannot be delivered
  to a client connection due to <deny> rules or outgoing message quota.
  This is a denial of service if triggered maliciously by a local attacker.

- Fix an incorrect assertion that could be used to crash dbus-daemon or
  other users of DBusServer prior to authentication, if libdbus was compiled
  with assertions enabled.

For details, see the NEWS file:
https://gitlab.freedesktop.org/dbus/dbus/blob/dbus-1.12/NEWS

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-06-25 21:24:32 +02:00
..
Config.in
dbus.hash package/dbus: security bump to version 1.2.28 2023-06-25 21:24:32 +02:00
dbus.mk package/dbus: security bump to version 1.2.28 2023-06-25 21:24:32 +02:00
S30dbus