Mailinglist Archive: yast-commit (819 mails)

< Previous Next >
[yast-commit] r55025 - in /branches/SuSE-Code-11-Branch/core: ./ VERSION dbus/SCR_service/ dbus/SCR_service/org.opensuse.yast.SCR.conf.in package/yast2-core.changes
  • From: mvidner@xxxxxxxxxxxxxxxx
  • Date: Mon, 26 Jan 2009 14:05:06 -0000
  • Message-id: <E1LRS5K-0001J1-Cx@xxxxxxxxxxxxxxxx>
Author: mvidner
Date: Mon Jan 26 15:05:06 2009
New Revision: 55025

URL: http://svn.opensuse.org/viewcvs/yast?rev=55025&view=rev
Log:
Merged revisions 55003 via svnmerge from
http://svn.opensuse.org/svn/yast/trunk/core

........
r55003 | mvidner | 2009-01-26 14:00:40 +0100 (Po, 26 led 2009) | 2 lines

Fixed the D-Bus access policy (bnc#468390, CVE-2008-4311).
........

Modified:
branches/SuSE-Code-11-Branch/core/ (props changed)
branches/SuSE-Code-11-Branch/core/VERSION
branches/SuSE-Code-11-Branch/core/dbus/SCR_service/ (props changed)

branches/SuSE-Code-11-Branch/core/dbus/SCR_service/org.opensuse.yast.SCR.conf.in
branches/SuSE-Code-11-Branch/core/package/yast2-core.changes

Modified: branches/SuSE-Code-11-Branch/core/VERSION
URL:
http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-Branch/core/VERSION?rev=55025&r1=55024&r2=55025&view=diff
==============================================================================
--- branches/SuSE-Code-11-Branch/core/VERSION (original)
+++ branches/SuSE-Code-11-Branch/core/VERSION Mon Jan 26 15:05:06 2009
@@ -1 +1 @@
-2.17.26
+2.17.27

Modified:
branches/SuSE-Code-11-Branch/core/dbus/SCR_service/org.opensuse.yast.SCR.conf.in
URL:
http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-Branch/core/dbus/SCR_service/org.opensuse.yast.SCR.conf.in?rev=55025&r1=55024&r2=55025&view=diff
==============================================================================
---
branches/SuSE-Code-11-Branch/core/dbus/SCR_service/org.opensuse.yast.SCR.conf.in
(original)
+++
branches/SuSE-Code-11-Branch/core/dbus/SCR_service/org.opensuse.yast.SCR.conf.in
Mon Jan 26 15:05:06 2009
@@ -1,11 +1,20 @@
<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration
1.0//EN" "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd";>
<busconfig>
+<!--
+ Rationale:
+ http://lists.opensuse.org/opensuse-packaging/2009-01/msg00132.html
+ https://bugzilla.novell.com/show_bug.cgi?id=468390
+-->
<policy user="root">
<allow own="org.opensuse.yast.SCR"/>
- <allow send_interface="org.opensuse.yast.SCR.Methods"/>
+ <allow send_destination="org.opensuse.yast.SCR"/>
</policy>
<policy context="default">
- <deny own="org.opensuse.yast.SCR"/>
- <@ACCESS_MODE@ send_interface="org.opensuse.yast.SCR.Methods"/>
+ <!-- allowed iff compiled with PolicyKit -->
+ <@ACCESS_MODE@ send_destination="org.opensuse.yast.SCR"
+ send_interface="org.opensuse.yast.SCR.Methods"/>
+ <!-- introspection is allowed -->
+ <allow send_destination="org.opensuse.yast.SCR"
+ send_interface="org.freedesktop.DBus.Introspectable" />
</policy>
</busconfig>

Modified: branches/SuSE-Code-11-Branch/core/package/yast2-core.changes
URL:
http://svn.opensuse.org/viewcvs/yast/branches/SuSE-Code-11-Branch/core/package/yast2-core.changes?rev=55025&r1=55024&r2=55025&view=diff
==============================================================================
--- branches/SuSE-Code-11-Branch/core/package/yast2-core.changes (original)
+++ branches/SuSE-Code-11-Branch/core/package/yast2-core.changes Mon Jan 26
15:05:06 2009
@@ -1,4 +1,10 @@
-------------------------------------------------------------------
+Mon Jan 26 14:00:31 CET 2009 - mvidner@xxxxxxx
+
+- Fixed the D-Bus access policy (bnc#468390, CVE-2008-4311).
+- 2.18.27
+
+-------------------------------------------------------------------
Mon Dec 22 13:16:02 CET 2008 - mvidner@xxxxxxx

- Reverted r50800 which, in an attempt to fix another bug, encoded to

--
To unsubscribe, e-mail: yast-commit+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: yast-commit+help@xxxxxxxxxxxx

< Previous Next >
This Thread
  • No further messages