dbus-broker-28-bp154.2.3.1

- Fix a stack buffer over-read in bundled c-shquote (bsc#1200332,
  CVE-2022-31212)
  * fix-upstream-CVE-2022-31212.patch
- Fix a NULL pointer dereferences in bundled c-shquote (bsc#1200333,
  CVE-2022-31213)
  * fix-upstream-CVE-2022-31213.patch
  * this patch also backports some c_mem* functions to c-stdaux
    as they didnt exist in this version

- Update to release 28
  * Further improvements to the service activation tracking. This
    better tracks units in systemd and closes some races where a
    repeated activation would incorrectly fail.
  * Fix a crash where duplicate monitor matches would be
    incorrectly installed in the broker.

- Update to release 27
  * Fix several bugs with the new service-activation tracking,
    including a race-condition when restarting activatable
    services.
  * Be more verbose about denied configuration access and print
    the file-path for better diagnostics.

- Update to release 26
  * Improve the service activation tracking of the compatibility
    launcher. We now track spawned systemd units for their entire
    lifetime, so we can properly detect when activations fail.
  * Work around a kernel off-by-one error in the socket queue
    accounting to fix a race-condition where dbus clients might
    not be dispatched.
  * Support running without `shmem` configured in the kernel.
    This will make the broker run better on limited embedded
    devices.

- Update to release 25
  * Fix an assertion failure when disconnecting monitors with active
    unique-name matches.
  * Fix the selinux error-handling to no longer mark all errors as
    auditable by default.

- Update to release 24
  * Make audit-events properly typed and prevent non-auditable
    events from being forwarded to the linux audit system.

- Update to release 23
  * Expose supplementary groups as `UnixGroupIDs` as defined by
    the dbus specification in 0.53.
  * The broker now uses the peer-pid from `SO_PEERCRED` on the
    controller socket, rather than relying on `getppid()`. This
    allows creating the broker from intermediate processes
    without having any credentials of the intermediate leak into
    the broker.

- Update to release 22
  * Implement org.freedesktop.DBus.Debug.Stats in the driver.
  * Support no-op activation files.
  * The new configuration option `linux-4-17`, if set to true
    (default is false), makes dbus-broker assume it runs on
    linux-v4.17 or newer. It will make use of features introduced
    up to linux-v4.17. This allows to forcibly disable
    workarounds for old kernels.

- Update to new upstream release 21
  * Previously, resource limits were incorrectly calculated,
    leading too limits that were higher than intended.
  * Messages are now directly forwarded to the journal and
    amended with additional fields. The journal-catalog now
    contains entries with background information on runtime log
    messages.

- Update to new upstream release 18
  * The compatibility launcher is no longer isolated in its own
    network namespace, since the SELinux APIs require access to
    the root network namespace.

- Update RPM group.

- Update to new upstream release 17
  * The compatibility launcher now namespaces transient systemd
    units based on its own name on the scope-bus.
  * The launcher now respects the `<user>NAME</user>'
    configuration and correctly drops privileges of the broker
    and itself after startup.
  * Messages with file-descriptors will now be refused if the
    client did not negotiate file-descriptor passing before.
- Drop use-system-deps.diff

- Update to new upstream release 11
  * The policy-type of the dbus-broker API has been simplified.
    It is now reduced to a policy-batch indexed by uids, in
    combination with a policy-batch indexed either by gid or
    uid-range.
  * The launcher now supports a `--config-file PATH` commandline
    option to override the root configuration file, which is
    still deduced based on the passed scope parameter.

- Update to new upstream release 9
  * AddListener() on org.bus1.DBus.Broker now supports UID ranges.
  * dbus-broker.service unit is now ordered before basic.target.
  * The launcher now uses instantiated systemd template units
    when activating a service that has no associated systemd
    service file.
  * The launcher now supports configuration reloading.
  * Activated units now inherit their user from the actual D-Bus
    service, if provided.

- Update to new upstream release 4
  * Support for sending SELinux AVC violations to audit rather
    than syslog.
  * Units will now be activated via explicit calls to StartUnit()
    rather than faking a ActivationRequest directed signal. This
    allows to catch startup failures (or rejections) and allows
    to reject all pending activation requests right away.
  * The broker now logs policy violations to the system log.
- Add use-system-deps.diff

- Initial package (version 3) for build.opensuse.org