import UBI dbus-1.12.8-26.el8

2023-11-14 20:02:52 +00:00
4 changed files with 39 additions and 5 deletions
--- a/SOURCES/dbus-kill-process-with-session
+++ b/SOURCES/dbus-kill-process-with-session
@ -7,8 +7,10 @@
 exec >& /dev/null

 MONITOR_READY_FILE=$(mktemp dbus-session-monitor.XXXXXX --tmpdir)
+DBUS_SESSIONS="${XDG_RUNTIME_DIR}/dbus-1/sessions"
+DBUS_SESSION_ADDRESS_FILE="${DBUS_SESSIONS}/${XDG_SESSION_ID}"

-trap 'rm -f "${MONITOR_READY_FILE}"; kill -TERM $1; kill -HUP $(jobs -p)' EXIT
+trap 'rm -f "${MONITOR_READY_FILE}"; rm -f "${DBUS_SESSION_ADDRESS_FILE}"; kill -TERM $1; kill -HUP $(jobs -p)' EXIT

 export GVFS_DISABLE_FUSE=1
 coproc SESSION_MONITOR (gio monitor -f "/run/systemd/sessions/${XDG_SESSION_ID}" "${MONITOR_READY_FILE}")
--- a/SOURCES/ssh-x-forwarding.csh
+++ b/SOURCES/ssh-x-forwarding.csh
@ -1,10 +1,24 @@
 # DBus session bus over SSH with X11 forwarding
 if ( $?SSH_CONNECTION == 0 ) exit
+if ( $?XDG_SESSION_ID == 0) exit
 if ( $?DISPLAY == 0 ) exit
 if ( $SHLVL > 1 ) exit
+
+set DBUS_SESSIONS = "${XDG_RUNTIME_DIR}/dbus-1/sessions"
+set DBUS_SESSION_ADDRESS_FILE = "${DBUS_SESSIONS}/${XDG_SESSION_ID}"
+
+if ( -e "${DBUS_SESSION_ADDRESS_FILE}" ) then
+    setenv DBUS_SESSION_BUS_ADDRESS "`cat ${DBUS_SESSION_ADDRESS_FILE}`"
+    exit
+endif
+
 setenv GDK_BACKEND x11

 eval `dbus-launch --csh-syntax`

 if ( $?DBUS_SESSION_BUS_PID == 0 ) exit
+
+mkdir -p "${DBUS_SESSIONS}"
+echo "${DBUS_SESSION_BUS_ADDRESS}" > "${DBUS_SESSION_ADDRESS_FILE}"
+
 setsid -f /usr/libexec/dbus-1/dbus-kill-process-with-session $DBUS_SESSION_BUS_PID
--- a/SOURCES/ssh-x-forwarding.sh
+++ b/SOURCES/ssh-x-forwarding.sh
@ -1,12 +1,25 @@
 # DBus session bus over SSH with X11 forwarding
 [ -z "$SSH_CONNECTION" ] && return
+[ -z "$XDG_SESSION_ID" ] && return
 [ -z "$DISPLAY" ] && return
 [ "${DISPLAY:0:1}" = ":" ] && return
 [ "$SHLVL" -ne 1 ] && return

+DBUS_SESSIONS="${XDG_RUNTIME_DIR}/dbus-1/sessions"
+DBUS_SESSION_ADDRESS_FILE="${DBUS_SESSIONS}/${XDG_SESSION_ID}"
+
+if [ -e "${DBUS_SESSION_ADDRESS_FILE}" ]; then
+    export DBUS_SESSION_BUS_ADDRESS="$(cat ${DBUS_SESSION_ADDRESS_FILE})"
+    return
+fi
+
 export GDK_BACKEND=x11

 eval `dbus-launch --sh-syntax`

 [ -z "$DBUS_SESSION_BUS_PID" ] && return
+
+mkdir -p "${DBUS_SESSIONS}"
+echo "${DBUS_SESSION_BUS_ADDRESS}" > "${DBUS_SESSION_ADDRESS_FILE}"
+
 setsid -f /usr/libexec/dbus-1/dbus-kill-process-with-session "$DBUS_SESSION_BUS_PID"
--- a/SPECS/dbus.spec
+++ b/SPECS/dbus.spec
@ -19,7 +19,7 @@
 Name:    dbus
 Epoch:   1
 Version: 1.12.8
-Release: 24%{?dist}.1
+Release: 26%{?dist}
 Summary: D-BUS message bus

 Group:   System Environment/Libraries
@ -47,7 +47,7 @@ Patch4: dbus-1.20.8-CVE-2022-42010.patch
 Patch5: dbus-1.20.8-CVE-2022-42011.patch
 # https://bugzilla.redhat.com/show_bug.cgi?id=2133633
 Patch6: dbus-1.20.8-CVE-2022-42012.patch
-# https://bugzilla.redhat.com/show_bug.cgi?id=2213399
+# https://bugzilla.redhat.com/show_bug.cgi?id=2213400
 Patch7: dbus-1.12.8-fix-CVE-2023-34969.patch

 BuildRequires: autoconf-archive
@ -423,8 +423,13 @@ popd
 %{_includedir}/*

 %changelog
-* Mon Jun 19 2023 David King <dking@redhat.com> - 1:1.12.8-24.1
- Fix CVE-2023-34969 (#2213399)
+* Mon Jun 19 2023 David King <amigadave@amigadave.com> - 1.12.8-26
+- Fix CVE-2023-34969 (#2213400)
+
+* Mon Apr 24 2023 Ray Strode <rstrode@redhat.com> - 1.12.8-25
+- Ensure only one dbus-daemon is spawned for all shells sharing
+  a single connection.
+  Resolves: #2189201

 * Wed Oct 19 2022 David King <dking@redhat.com> - 1:1.12.8-24
 - Fix CVE-2022-42010 (#2133645)