JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6d7cdd7f8b
nixpkgs/pkgs/development
History
Will Dietz 6d7cdd7f8b dbus: 1.12.14 -> 1.12.16 
https://gitlab.freedesktop.org/dbus/dbus/blob/dbus-1.12.16/NEWS

It's short and explains the CVE a bit, including below:

> CVE-2019-12749: Do not attempt to carry out DBUS_COOKIE_SHA1
> authentication for identities that differ from the user running the
> DBusServer. Previously, a local attacker could manipulate symbolic
> links in their own home directory to bypass authentication and connect
> to a DBusServer with elevated privileges. The standard system and
> session dbus-daemons in their default configuration were immune to this
> attack because they did not allow DBUS_COOKIE_SHA1, but third-party
> users of DBusServer such as Upstart could be vulnerable.   Thanks to Joe
> Vennix of Apple Information Security.   (dbus#269, Simon McVittie)
2019-06-15 18:16:58 +02:00
..
androidndk-pkgs
arduino
beam-modules
bower-modules/generic
compilers Merge staging-next into staging 2019-06-15 08:43:33 +02:00
coq-modules coqPackages.simple-io: 1.0.0 -> 1.2.0 2019-06-06 15:06:08 +00:00
dhall-modules
dotnet-modules/patches
em-modules/generic
go-modules buildGoModule: pre-initialize module cache (#61967) 2019-05-24 09:10:35 -07:00
go-packages
guile-modules guile-lib: 0.2.2 -> 0.2.6.1 (#60978) 2019-05-18 19:07:56 +02:00
haskell-modules Merge pull request #62876 from endgame/unbreak-reflex 2019-06-14 17:21:46 +02:00
idris-modules
interpreters Merge pull request #62783 from Izorkin/php-packages 2019-06-12 13:14:22 +02:00
java-modules
libraries dbus: 1.12.14 -> 1.12.16 2019-06-15 18:16:58 +02:00
lisp-modules
lua-modules luaPackages.lpeg: 1.0.1 -> 1.0.2 2019-06-07 21:17:01 +09:00
misc treewide: update cargoSha256 hashes for cargo-vendor upgrade 2019-06-01 15:17:52 +00:00
mobile Merge staging-next into master 2019-06-15 10:46:55 +02:00
node-packages node2nix: 1.6.0 -> 1.7.0 and regenerate all Nix expressions, introduce nodePackages_12_x attribute set 2019-06-05 23:48:42 +02:00
ocaml-modules ocamlPackages.alcotest: 0.8.2 -> 0.8.5 2019-06-04 17:27:15 +02:00
perl-modules perl: get perl in HOST_PATH for patch-shebangs 2019-05-17 17:04:29 -04:00
pharo
pure-modules
python-modules Merge staging-next into master 2019-06-15 10:46:55 +02:00
r-modules rPackages.git2r: Use system libgit2 2019-06-14 10:05:07 -05:00
ruby-modules
tools Merge branch 'master' into staging-next 2019-06-14 17:47:23 +02:00
web grails: 3.3.9 -> 3.3.10 2019-06-10 23:20:58 +02:00