summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--gnu/local.mk1
-rw-r--r--gnu/packages/glib.scm9
-rw-r--r--gnu/packages/patches/dbus-CVE-2020-12049.patch58
3 files changed, 4 insertions, 64 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index 3282394eec..4924c932c6 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -895,7 +895,6 @@ dist_patch_DATA = \
%D%/packages/patches/datefudge-gettimeofday.patch \
%D%/packages/patches/dbacl-include-locale.h.patch \
%D%/packages/patches/dbus-helper-search-path.patch \
- %D%/packages/patches/dbus-CVE-2020-12049.patch \
%D%/packages/patches/dbus-c++-gcc-compat.patch \
%D%/packages/patches/dbus-c++-threading-mutex.patch \
%D%/packages/patches/dbxfs-remove-sentry-sdk.patch \
diff --git a/gnu/packages/glib.scm b/gnu/packages/glib.scm
index 3f5dd936d2..606802e7de 100644
--- a/gnu/packages/glib.scm
+++ b/gnu/packages/glib.scm
@@ -89,17 +89,16 @@
(define dbus
(package
(name "dbus")
- (version "1.12.16")
+ (version "1.13.18")
(source (origin
(method url-fetch)
(uri (string-append
"https://dbus.freedesktop.org/releases/dbus/dbus-"
- version ".tar.gz"))
+ version ".tar.xz"))
(sha256
(base32
- "107ckxaff1cv4q6kmfdi2fb1nlsv03312a7kf6lb4biglhpjv8jl"))
- (patches (search-patches "dbus-CVE-2020-12049.patch"
- "dbus-helper-search-path.patch"))))
+ "0ki5yih89kvygiqf3qb7qfzcrw4fvilxj1b9w1y91arlbv1gay40"))
+ (patches (search-patches "dbus-helper-search-path.patch"))))
(build-system gnu-build-system)
(arguments
'(#:configure-flags
diff --git a/gnu/packages/patches/dbus-CVE-2020-12049.patch b/gnu/packages/patches/dbus-CVE-2020-12049.patch
deleted file mode 100644
index 71280144a1..0000000000
--- a/gnu/packages/patches/dbus-CVE-2020-12049.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-Fix CVE-2020-12049:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12049
-https://lists.freedesktop.org/archives/ftp-release/2020-June/000753.html
-
-Taken from upstream:
-
-https://gitlab.freedesktop.org/dbus/dbus/-/commit/272d484283883fa9ff95b69d924fff6cd34842f5
-
-diff --git a/dbus/dbus-sysdeps-unix.c b/dbus/dbus-sysdeps-unix.c
---- a/dbus/dbus-sysdeps-unix.c
-+++ b/dbus/dbus-sysdeps-unix.c
-@@ -435,18 +435,6 @@ _dbus_read_socket_with_unix_fds (DBusSocket fd,
- struct cmsghdr *cm;
- dbus_bool_t found = FALSE;
-
-- if (m.msg_flags & MSG_CTRUNC)
-- {
-- /* Hmm, apparently the control data was truncated. The bad
-- thing is that we might have completely lost a couple of fds
-- without chance to recover them. Hence let's treat this as a
-- serious error. */
--
-- errno = ENOSPC;
-- _dbus_string_set_length (buffer, start);
-- return -1;
-- }
--
- for (cm = CMSG_FIRSTHDR(&m); cm; cm = CMSG_NXTHDR(&m, cm))
- if (cm->cmsg_level == SOL_SOCKET && cm->cmsg_type == SCM_RIGHTS)
- {
-@@ -501,6 +489,26 @@ _dbus_read_socket_with_unix_fds (DBusSocket fd,
- if (!found)
- *n_fds = 0;
-
-+ if (m.msg_flags & MSG_CTRUNC)
-+ {
-+ unsigned int i;
-+
-+ /* Hmm, apparently the control data was truncated. The bad
-+ thing is that we might have completely lost a couple of fds
-+ without chance to recover them. Hence let's treat this as a
-+ serious error. */
-+
-+ /* We still need to close whatever fds we *did* receive,
-+ * otherwise they'll never get closed. (CVE-2020-12049) */
-+ for (i = 0; i < *n_fds; i++)
-+ close (fds[i]);
-+
-+ *n_fds = 0;
-+ errno = ENOSPC;
-+ _dbus_string_set_length (buffer, start);
-+ return -1;
-+ }
-+
- /* put length back (doesn't actually realloc) */
- _dbus_string_set_length (buffer, start + bytes_read);
-