diff options
author | Simon McVittie <smcv@collabora.com> | 2023-02-08 10:47:08 +0000 |
---|---|---|
committer | Simon McVittie <smcv@collabora.com> | 2023-02-08 12:04:12 +0000 |
commit | a2cda736e4763517c1eb35fa8d8cebc747e313a2 (patch) | |
tree | dad57bc3d8a7200a3976bfd8bd0847095f9cec15 | |
parent | 27581805e1b8fba91534840ae1a7d65f99954d76 (diff) |
NEWS: Add #421
Signed-off-by: Simon McVittie <smcv@collabora.com>
-rw-r--r-- | NEWS | 11 |
1 files changed, 10 insertions, 1 deletions
@@ -1,7 +1,16 @@ dbus 1.14.6 (UNRELEASED) ======================== -Fixes: +Denial of service fixes: + +• Fix an incorrect assertion that could be used to crash dbus-daemon or + other users of DBusServer prior to authentication, if libdbus was compiled + with assertions enabled. + We recommend that production builds of dbus, for example in OS distributions, + should be compiled with checks but without assertions. + (dbus#421, Ralf Habacker; thanks to Evgeny Vereshchagin) + +Other fixes: • When connected to a dbus-broker, stop dbus-monitor from incorrectly replying to Peer method calls that were sent to the dbus-broker with |