Update to 1.6.12.

I'm not completly sure this affects us, but beter safe then sorry. While here wordsmith Options description to try to make it clearer. Security: CVE-2013-2168
svn path=/head/; revision=320834
2025-07-18 01:39:16 -04:00 · 2013-06-13 19:54:25 +00:00 · 2013-06-13 19:54:25 +00:00 · 93fc4d80bf · 2021-03-31 03:12:20 +00:00
commit 93fc4d80bf
parent d82b0db767
3 changed files with 34 additions and 4 deletions
--- a/devel/dbus/Makefile
+++ b/devel/dbus/Makefile
@ -3,7 +3,7 @@
 #   $MCom: ports/devel/dbus/Makefile,v 1.58 2013/02/15 15:06:49 kwm Exp $

 PORTNAME=	dbus
-PORTVERSION=	1.6.8
+PORTVERSION=	1.6.12
 CATEGORIES=	devel gnome
 MASTER_SITES=	http://dbus.freedesktop.org/releases/dbus/

@ -41,7 +41,7 @@ MAN1=		dbus-cleanup-sockets.1 dbus-daemon.1 dbus-launch.1 \

 OPTIONS_DEFINE=	X11
 OPTIONS_DEFAULT=X11
-X11_DESC=	X11 Desktop Environments
+X11_DESC=	Support X11 Desktop Environments

 .include <bsd.port.options.mk>

--- a/devel/dbus/distinfo
+++ b/devel/dbus/distinfo
@ -1,2 +1,2 @@
-SHA256 (dbus-1.6.8.tar.gz) = fc1370ef38abeeb13f55c905ec002e60705fb0bfde3b8d21c8d6eb8056c11bac
-SIZE (dbus-1.6.8.tar.gz) = 1929630
+SHA256 (dbus-1.6.12.tar.gz) = f67a7abfd6d045c1e9eba2bba4199d301836bc0c6e8a727c765913aba780ee92
+SIZE (dbus-1.6.12.tar.gz) = 1933805
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@ -51,6 +51,36 @@ Note:  Please add new entries to the beginning of this file.

 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+  <vuln vid="4e9e410b-d462-11e2-8d57-080027019be0">
+    <topic>dbus -- local dos</topic>
+    <affects>
+      <package>
+	<name>dbus</name>
+	<range><lt>1.16.12</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+	<p>Simon McVittie reports:</p>
+	<blockquote cite="http://lists.freedesktop.org/archives/dbus/2013-June/015696.html">
+	  <p>Alexandru Cornea discovered a vulnerability in libdbus caused
+	     by an implementation bug in _dbus_printf_string_upper_bound().
+	     This vulnerability can be exploited by a local user to crash
+	     system services that use libdbus, causing denial of service.
+	     It is platform-specific: x86-64 Linux is known to be affected.</p>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <cvename>CVE-2013-2168</cvename>
+      <url>http://lists.freedesktop.org/archives/dbus/2013-June/015696.html</url>
+    </references>
+    <dates>
+      <discovery>2013-06-13</discovery>
+      <entry>2013-06-13</entry>
+    </dates>
+  </vuln>
+
  <vuln vid="fce67546-d2e7-11e2-a9bf-98fc11cdc4f5">
    <topic>linux-flashplugin -- multiple vulnerabilities</topic>
    <affects>