[ubuntu/groovy-proposed] dbus 1.12.18-1ubuntu1 (Accepted)

Steve Langasek steve.langasek at ubuntu.com
Tue Jun 9 21:07:12 UTC 2020 

dbus (1.12.18-1ubuntu1) groovy; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - Add dont-stop-dbus.patch: Don't stop D-Bus in the service unit.
    - debian/dbus.postinst, debian/rules: Don't start D-Bus on package
      installation, as that doesn't work any more with dont-stop-dbus.patch.
      Instead, start dbus.socket in postinst, which will then start D-Bus
      on demand after package installation.
    - Add aa-get-connection-apparmor-security-context.patch: This is not
      intended for upstream inclusion. It implements a bus method
      (GetConnectionAppArmorSecurityContext) to get a connection's AppArmor
      security context but upstream D-Bus has recently added a generic way of
      getting a connection's security credentials (GetConnectionCredentials).
      Ubuntu should carry this patch until packages in the archive are moved
      over to the new, generic method of getting a connection's credentials.
    - Make autopkgtests cross-test-friendly.

dbus (1.12.18-1) unstable; urgency=medium

  [ Simon McVittie ]
  * New upstream stable release
    - CVE-2020-12049: Prevent a denial of service attack in which a local
      user can make the system dbus-daemon run out of file descriptors
    - d/p/dbus-daemon-test-Don-t-test-fd-limits-if-in-an-unprivileg.patch:
      Drop patch, applied upstream.
  * Switch to debhelper-compat 12
    - Don't restart systemd units on upgrade.
      Previously, this was handled by the dh_installinit override.
    - Add ${misc:Pre-Depends} to all binary packages.
      This is required for dbus for dh_installsystemd under dh compat
      level 12, and is harmless for the others.
  * dbus: Remove an unused Lintian override.
    Lintian used to warn twice for the statically-enabled dbus.service unit,
    but now only warns once.
  * dbus-tests: Silence package-contains-documentation-outside-usr-share-doc
    Lintian tag.
    The tests contain some READMEs that describe what is in their directory.
  * d/tests: Remove compatibility with deprecated ADTTMP.
    autopkgtest has supported AUTOPKGTEST_TMP long enough to use it
    unconditionally.
  * Introduce noinsttest build profile.
    This disables dbus-tests, and when combined with nocheck it disables
    the circular GLib dependency.
  * Remove non-standard pkg.dbus.minimal build profile.
    It was not a "safe" build profile (it altered the contents of binary
    packages, notably dropping LSM and systemd support, which could result
    in dependent packages being broken), and the combination of nocheck,
    nodoc and noinsttest achieves most of the same build-dependency
    reductions.
  * Explicitly build-depend on pkg-config.
    Previously, this was pulled in by libglib2.0-dev. (Closes: #945201)
  * d/upstream/metadata: Distinguish between Bug-Submit and Bug-Database
  * Change system bus socket to /run/dbus/system_bus_socket.
    The interoperable cross-distro path is /var/run/dbus/system_bus_socket,
    so this remains the upstream default for the benefit of distributions
    where /var/run and /run are (problematically) not guaranteed to be
    equivalent. However, Debian Policy since at least v4.1.5 guarantees
    that /var/run is a symlink to /run, and this has been implemented
    for several stable releases (since at least initscripts 2.88dsf-29
    in 2012, in the sysvinit case), so it is harmless to prefer the
    path in /run, which has advantages in a few corner cases (ability
    to unmount /var is the main one) and avoids warnings from systemd.
    (Closes: #783321, #857678, #932105, #958289)
  * Standards-Version: 4.5.0
    - Note that the user for `dbus-daemon --system` is still named
      'messagebus' for historical reasons. If it was added today,
      we'd call it _dbus as per Policy §9.2.1, but this is not the right
      package to be experimenting with renaming system users.
  * d/dbus-udeb.postinst: Remove #DEBHELPER# token.
    debhelper doesn't actually substitute this in udebs, making it just
    an ordinary comment.

  [ Debian Janitor ]
  * Remove trailing whitespace in d/changelog.
  * Use secure URI in Homepage field.
  * Re-export upstream signing key without extra signatures.
  * Set upstream metadata fields: Bug-Submit (from ./configure),
    Repository, Repository-Browse.

Date: Tue, 09 Jun 2020 13:55:57 -0700
Changed-By: Steve Langasek <steve.langasek at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/dbus/1.12.18-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 09 Jun 2020 13:55:57 -0700
Source: dbus
Architecture: source
Version: 1.12.18-1ubuntu1
Distribution: groovy
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Langasek <steve.langasek at ubuntu.com>
Closes: 783321 857678 932105 945201 958289
Changes:
 dbus (1.12.18-1ubuntu1) groovy; urgency=low
 .
   * Merge from Debian unstable.  Remaining changes:
     - Add dont-stop-dbus.patch: Don't stop D-Bus in the service unit.
     - debian/dbus.postinst, debian/rules: Don't start D-Bus on package
       installation, as that doesn't work any more with dont-stop-dbus.patch.
       Instead, start dbus.socket in postinst, which will then start D-Bus
       on demand after package installation.
     - Add aa-get-connection-apparmor-security-context.patch: This is not
       intended for upstream inclusion. It implements a bus method
       (GetConnectionAppArmorSecurityContext) to get a connection's AppArmor
       security context but upstream D-Bus has recently added a generic way of
       getting a connection's security credentials (GetConnectionCredentials).
       Ubuntu should carry this patch until packages in the archive are moved
       over to the new, generic method of getting a connection's credentials.
     - Make autopkgtests cross-test-friendly.
 .
 dbus (1.12.18-1) unstable; urgency=medium
 .
   [ Simon McVittie ]
   * New upstream stable release
     - CVE-2020-12049: Prevent a denial of service attack in which a local
       user can make the system dbus-daemon run out of file descriptors
     - d/p/dbus-daemon-test-Don-t-test-fd-limits-if-in-an-unprivileg.patch:
       Drop patch, applied upstream.
   * Switch to debhelper-compat 12
     - Don't restart systemd units on upgrade.
       Previously, this was handled by the dh_installinit override.
     - Add ${misc:Pre-Depends} to all binary packages.
       This is required for dbus for dh_installsystemd under dh compat
       level 12, and is harmless for the others.
   * dbus: Remove an unused Lintian override.
     Lintian used to warn twice for the statically-enabled dbus.service unit,
     but now only warns once.
   * dbus-tests: Silence package-contains-documentation-outside-usr-share-doc
     Lintian tag.
     The tests contain some READMEs that describe what is in their directory.
   * d/tests: Remove compatibility with deprecated ADTTMP.
     autopkgtest has supported AUTOPKGTEST_TMP long enough to use it
     unconditionally.
   * Introduce noinsttest build profile.
     This disables dbus-tests, and when combined with nocheck it disables
     the circular GLib dependency.
   * Remove non-standard pkg.dbus.minimal build profile.
     It was not a "safe" build profile (it altered the contents of binary
     packages, notably dropping LSM and systemd support, which could result
     in dependent packages being broken), and the combination of nocheck,
     nodoc and noinsttest achieves most of the same build-dependency
     reductions.
   * Explicitly build-depend on pkg-config.
     Previously, this was pulled in by libglib2.0-dev. (Closes: #945201)
   * d/upstream/metadata: Distinguish between Bug-Submit and Bug-Database
   * Change system bus socket to /run/dbus/system_bus_socket.
     The interoperable cross-distro path is /var/run/dbus/system_bus_socket,
     so this remains the upstream default for the benefit of distributions
     where /var/run and /run are (problematically) not guaranteed to be
     equivalent. However, Debian Policy since at least v4.1.5 guarantees
     that /var/run is a symlink to /run, and this has been implemented
     for several stable releases (since at least initscripts 2.88dsf-29
     in 2012, in the sysvinit case), so it is harmless to prefer the
     path in /run, which has advantages in a few corner cases (ability
     to unmount /var is the main one) and avoids warnings from systemd.
     (Closes: #783321, #857678, #932105, #958289)
   * Standards-Version: 4.5.0
     - Note that the user for `dbus-daemon --system` is still named
       'messagebus' for historical reasons. If it was added today,
       we'd call it _dbus as per Policy §9.2.1, but this is not the right
       package to be experimenting with renaming system users.
   * d/dbus-udeb.postinst: Remove #DEBHELPER# token.
     debhelper doesn't actually substitute this in udebs, making it just
     an ordinary comment.
 .
   [ Debian Janitor ]
   * Remove trailing whitespace in d/changelog.
   * Use secure URI in Homepage field.
   * Re-export upstream signing key without extra signatures.
   * Set upstream metadata fields: Bug-Submit (from ./configure),
     Repository, Repository-Browse.
Checksums-Sha1:
 f381ae05100ce9c52ef4db7dcc985e32cd07d3ca 3671 dbus_1.12.18-1ubuntu1.dsc
 06a8faeb4c3c2c9739fda04f81c6ccdb1a0e5f77 2094453 dbus_1.12.18.orig.tar.gz
 c73ec1e0ab00bbe830b8535a273586bf9c1743de 833 dbus_1.12.18.orig.tar.gz.asc
 e59a80c6e977c553ee317c531324eca40ae2e613 61152 dbus_1.12.18-1ubuntu1.debian.tar.xz
 e7e5845e85a65c94ef95c8c854b49fcd3e502483 7003 dbus_1.12.18-1ubuntu1_source.buildinfo
Checksums-Sha256:
 24cb2be4c74a2b1e3871a0f477adca28f960b4b60692da55762304700e1f5455 3671 dbus_1.12.18-1ubuntu1.dsc
 64cf4d70840230e5e9bc784d153880775ab3db19d656ead8a0cb9c0ab5a95306 2094453 dbus_1.12.18.orig.tar.gz
 0daddfcc8e30facf66c1a79a1d0fd776e18a180f9a6fe634874f404f9972ce30 833 dbus_1.12.18.orig.tar.gz.asc
 54c4c9ece3590b015fa65d02a835a12a5d7d62550afcbf9d84118c53932d1139 61152 dbus_1.12.18-1ubuntu1.debian.tar.xz
 d5c9fb0e5a6f1b03aa21c5e8a42b1bd40ab3c709a01f256aa9ec25a1e2c3dcae 7003 dbus_1.12.18-1ubuntu1_source.buildinfo
Files:
 e3e70ddf8d44376521b36254aa682308 3671 admin optional dbus_1.12.18-1ubuntu1.dsc
 4ca570c281be35d0b30ab83436712242 2094453 admin optional dbus_1.12.18.orig.tar.gz
 0a724430ba9292ee0a8ea4862b72471d 833 admin optional dbus_1.12.18.orig.tar.gz.asc
 4ba025413e26549b0a28ce1c680cc695 61152 admin optional dbus_1.12.18-1ubuntu1.debian.tar.xz
 5ab77b15dd3b909b81bb5803ce848ed6 7003 admin optional dbus_1.12.18-1ubuntu1_source.buildinfo
Original-Maintainer: Utopia Maintenance Team <pkg-utopia-maintainers at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----

iQJOBAEBCgA4FiEErEg/aN5yj0PyIC/KVo0w8yGyEz0FAl7f+WoaHHN0ZXZlLmxh
bmdhc2VrQHVidW50dS5jb20ACgkQVo0w8yGyEz0jYg/+NoFCdQlDYoUy0see7dCP
u88gvnMwnq8G19KswbAV2FwUTFhAdcOUNZMEfIpjsbCgzQ76E90jIE9LsOEGuYyH
UBvemQnXzt2ZUW5UOvu1gbivczK34dY6ZWvPfRzd2cA+2JbhnwdYgc7znbh+MNiB
l/SX0m0LbR33uF9NGu7kotFQTMdeHeRGFskos+K+UFihZ/xro4CL825bxxlFmXru
flJXCOwWO/Ek9dEmpxSfWX2hIymtLi2mlV/WEzFqy+Jgri+J9c2ayeH67BJdDrKh
6//wmBZaRtrd671wHIc78bVenbr7JIXCCBCO0lyzZSOqf/VWKzzJYrOCLwcR2VSm
Hdrn/VZZHcm5LegwE1W+hFLUEacz7nzTIcphSqu73DpSNnKyHYiBdpw30yTaIf43
Cge/pUUNoRt+VMb4vwd5y86WmoPbgmKUFAZJ8BDDoFnbRBaB35xy1sHHXGvOj5DT
kNtOepc18VpH+TkrvuUwT+kWADJqW/hmNvx+MF6dlQO97ZJiz9AbjczndeBXDrQf
Xi1FV4FmPYk4yPvhge0X6M/tv+7xfJO/vs4ZEX/9mp4Jr164JJQI3UKdcOgz1fkW
wcJU1QJHEOX8tSwQgq3SG+u9jsPBKV1oSZl1lGrVqHoDBQcyRtq/l7cQyScym0x5
dhU095sJ05ce5MtHHOB4QnA=
=uxtX
-----END PGP SIGNATURE-----

More information about the Groovy-changes mailing list