summary refs log tree commit diff
path: root/gnu
diff options
context:
space:
mode:
Diffstat (limited to 'gnu')
-rw-r--r--gnu/local.mk1
-rw-r--r--gnu/packages/glib.scm9
-rw-r--r--gnu/packages/patches/dbus-CVE-2020-12049.patch58
3 files changed, 4 insertions, 64 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index 3282394eec..4924c932c6 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -895,7 +895,6 @@ dist_patch_DATA =						\
   %D%/packages/patches/datefudge-gettimeofday.patch		\
   %D%/packages/patches/dbacl-include-locale.h.patch		\
   %D%/packages/patches/dbus-helper-search-path.patch		\
-  %D%/packages/patches/dbus-CVE-2020-12049.patch		\
   %D%/packages/patches/dbus-c++-gcc-compat.patch		\
   %D%/packages/patches/dbus-c++-threading-mutex.patch		\
   %D%/packages/patches/dbxfs-remove-sentry-sdk.patch		\
diff --git a/gnu/packages/glib.scm b/gnu/packages/glib.scm
index 3f5dd936d2..606802e7de 100644
--- a/gnu/packages/glib.scm
+++ b/gnu/packages/glib.scm
@@ -89,17 +89,16 @@
 (define dbus
   (package
     (name "dbus")
-    (version "1.12.16")
+    (version "1.13.18")
     (source (origin
               (method url-fetch)
               (uri (string-append
                     "https://dbus.freedesktop.org/releases/dbus/dbus-"
-                    version ".tar.gz"))
+                    version ".tar.xz"))
               (sha256
                (base32
-                "107ckxaff1cv4q6kmfdi2fb1nlsv03312a7kf6lb4biglhpjv8jl"))
-              (patches (search-patches "dbus-CVE-2020-12049.patch"
-                                       "dbus-helper-search-path.patch"))))
+                "0ki5yih89kvygiqf3qb7qfzcrw4fvilxj1b9w1y91arlbv1gay40"))
+              (patches (search-patches "dbus-helper-search-path.patch"))))
     (build-system gnu-build-system)
     (arguments
      '(#:configure-flags
diff --git a/gnu/packages/patches/dbus-CVE-2020-12049.patch b/gnu/packages/patches/dbus-CVE-2020-12049.patch
deleted file mode 100644
index 71280144a1..0000000000
--- a/gnu/packages/patches/dbus-CVE-2020-12049.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-Fix CVE-2020-12049:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12049
-https://lists.freedesktop.org/archives/ftp-release/2020-June/000753.html
-
-Taken from upstream:
-
-https://gitlab.freedesktop.org/dbus/dbus/-/commit/272d484283883fa9ff95b69d924fff6cd34842f5
-
-diff --git a/dbus/dbus-sysdeps-unix.c b/dbus/dbus-sysdeps-unix.c
---- a/dbus/dbus-sysdeps-unix.c
-+++ b/dbus/dbus-sysdeps-unix.c
-@@ -435,18 +435,6 @@ _dbus_read_socket_with_unix_fds (DBusSocket        fd,
-       struct cmsghdr *cm;
-       dbus_bool_t found = FALSE;
- 
--      if (m.msg_flags & MSG_CTRUNC)
--        {
--          /* Hmm, apparently the control data was truncated. The bad
--             thing is that we might have completely lost a couple of fds
--             without chance to recover them. Hence let's treat this as a
--             serious error. */
--
--          errno = ENOSPC;
--          _dbus_string_set_length (buffer, start);
--          return -1;
--        }
--
-       for (cm = CMSG_FIRSTHDR(&m); cm; cm = CMSG_NXTHDR(&m, cm))
-         if (cm->cmsg_level == SOL_SOCKET && cm->cmsg_type == SCM_RIGHTS)
-           {
-@@ -501,6 +489,26 @@ _dbus_read_socket_with_unix_fds (DBusSocket        fd,
-       if (!found)
-         *n_fds = 0;
- 
-+      if (m.msg_flags & MSG_CTRUNC)
-+        {
-+          unsigned int i;
-+
-+          /* Hmm, apparently the control data was truncated. The bad
-+             thing is that we might have completely lost a couple of fds
-+             without chance to recover them. Hence let's treat this as a
-+             serious error. */
-+
-+          /* We still need to close whatever fds we *did* receive,
-+           * otherwise they'll never get closed. (CVE-2020-12049) */
-+          for (i = 0; i < *n_fds; i++)
-+            close (fds[i]);
-+
-+          *n_fds = 0;
-+          errno = ENOSPC;
-+          _dbus_string_set_length (buffer, start);
-+          return -1;
-+        }
-+
-       /* put length back (doesn't actually realloc) */
-       _dbus_string_set_length (buffer, start + bytes_read);
-