Prepare embargoed 1.8.16 releasedbus-1.8.16

2 files changed, 18 insertions, 4 deletions

diff --git a/NEWS b/NEWS
index 47335526..d45c4ad7 100644
--- a/NEWS
+++ b/NEWS
@@ -1,7 +1,21 @@
-D-Bus 1.8.16 (UNRELEASED)
+D-Bus 1.8.16 (2015-02-09)
 ==
 
-Fixes:
+The “poorly concealed wrestlers” release.
+
+Security fixes:
+
+• Do not allow non-uid-0 processes to send forged ActivationFailure
+  messages. On Linux systems with systemd activation, this would
+  allow a local denial of service: unprivileged processes could
+  flood the bus with these forged messages, winning the race with
+  the actual service activation and causing an error reply
+  to be sent back when service auto-activation was requested.
+  This does not prevent the real service from being started,
+  so it only works while the real service is not running.
+  (CVE-2015-0245, fd.o #88811; Simon McVittie)
+
+Other fixes:
 
 • fix a Windows build failure (fd.o #88009, Ralf Habacker)
 
diff --git a/configure.ac b/configure.ac
index e4d0f0f8..0d0d5d5d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -3,7 +3,7 @@ AC_PREREQ([2.63])
 
 m4_define([dbus_major_version], [1])
 m4_define([dbus_minor_version], [8])
-m4_define([dbus_micro_version], [15])
+m4_define([dbus_micro_version], [16])
 m4_define([dbus_version],
           [dbus_major_version.dbus_minor_version.dbus_micro_version])
 AC_INIT([dbus],[dbus_version],[https://bugs.freedesktop.org/enter_bug.cgi?product=dbus],[dbus])
@@ -37,7 +37,7 @@ LT_CURRENT=11
 
 ## increment any time the source changes; set to
 ##  0 if you increment CURRENT
-LT_REVISION=10
+LT_REVISION=11
 
 ## increment if any interfaces have been added; set to 0
 ## if any interfaces have been changed or removed. removal has