diffstat for xdg-dbus-proxy-0.1.6 xdg-dbus-proxy-0.1.6

 debian/changelog                                         |   11 ++
 debian/gbp.conf                                          |    2 
 debian/patches/Improve-detection-of-eavesdrop-true.patch |   70 +++++++++++++++
 debian/patches/series                                    |    2 
 flatpak-proxy.c                                          |   29 +++++-
 5 files changed, 109 insertions(+), 5 deletions(-)

diff -Nru xdg-dbus-proxy-0.1.6/debian/changelog xdg-dbus-proxy-0.1.6/debian/changelog
--- xdg-dbus-proxy-0.1.6/debian/changelog	2024-08-22 16:36:07.000000000 +0100
+++ xdg-dbus-proxy-0.1.6/debian/changelog	2026-04-10 23:31:23.000000000 +0100
@@ -1,3 +1,14 @@
+xdg-dbus-proxy (0.1.6-1+deb13u1) trixie-security; urgency=high
+
+  * d/gbp.conf: Configure for trixie
+  * d/p/Improve-detection-of-eavesdrop-true.patch:
+    Fix detection of eavesdrop=true match rules, resolving a vulnerability
+    in which a malicious or compromised Flatpak app could monitor D-Bus
+    traffic that it was not intended to be able to access.
+    (CVE-2026-34080) (Closes: #1132939)
+
+ -- Simon McVittie <smcv@debian.org>  Fri, 10 Apr 2026 23:31:23 +0100
+
 xdg-dbus-proxy (0.1.6-1) unstable; urgency=medium
 
   * Team upload
diff -Nru xdg-dbus-proxy-0.1.6/debian/gbp.conf xdg-dbus-proxy-0.1.6/debian/gbp.conf
--- xdg-dbus-proxy-0.1.6/debian/gbp.conf	2024-08-22 16:36:07.000000000 +0100
+++ xdg-dbus-proxy-0.1.6/debian/gbp.conf	2026-04-10 23:31:23.000000000 +0100
@@ -1,7 +1,7 @@
 [DEFAULT]
 pristine-tar = True
 compression = xz
-debian-branch = debian/latest
+debian-branch = debian/trixie
 upstream-branch = upstream/latest
 patch-numbers = False
 upstream-vcs-tag = %(version)s
diff -Nru xdg-dbus-proxy-0.1.6/debian/patches/Improve-detection-of-eavesdrop-true.patch xdg-dbus-proxy-0.1.6/debian/patches/Improve-detection-of-eavesdrop-true.patch
--- xdg-dbus-proxy-0.1.6/debian/patches/Improve-detection-of-eavesdrop-true.patch	1970-01-01 01:00:00.000000000 +0100
+++ xdg-dbus-proxy-0.1.6/debian/patches/Improve-detection-of-eavesdrop-true.patch	2026-04-10 23:31:23.000000000 +0100
@@ -0,0 +1,70 @@
+From: Sebastian Wick <sebastian.wick@redhat.com>
+Date: Wed, 25 Feb 2026 04:33:50 +0100
+Subject: Improve detection of eavesdrop=true
+
+While in bus-broker, the eavesdrop match must follow the form of
+`eavesdrop=[true|false]`, dbus-broker is more forgiving in its parsing
+and also accepts `eavesdrop =[true|false]` and other whitespace (\t\r\n)
+between `eavesdrop` and `=`. Let's make sure we also find those cases.
+
+Origin: upstream, 0.1.7, commit:4d0d1d74d4f40260a79161163b4b2f7276bce0b0
+Bug: https://github.com/flatpak/xdg-dbus-proxy/security/advisories/GHSA-vjp5-hjfm-7677
+Bug-CVE: CVE-2026-34080
+Bug-Debian: https://bugs.debian.org/1132939
+---
+ flatpak-proxy.c | 29 ++++++++++++++++++++++++++---
+ 1 file changed, 26 insertions(+), 3 deletions(-)
+
+diff --git a/flatpak-proxy.c b/flatpak-proxy.c
+index 7153135..8a4d597 100644
+--- a/flatpak-proxy.c
++++ b/flatpak-proxy.c
+@@ -2108,6 +2108,31 @@ get_arg0_string (Buffer *buffer)
+   return NULL;
+ }
+ 
++/* Matches against any "eavesdrop=", "eavesdrop =", etc. in str */
++static gboolean
++is_eavesdrop (const char *str)
++{
++  const char *e = str;
++
++  while (TRUE)
++    {
++      e = strstr (e, "eavesdrop");
++      if (e == NULL)
++        return FALSE;
++
++      e += strlen ("eavesdrop");
++
++      while (*e == ' '||
++             *e == '\t' ||
++             *e == '\n' ||
++             *e == '\r')
++        e++;
++
++      if (e[0] == '=')
++        return TRUE;
++    }
++}
++
+ static gboolean
+ validate_arg0_match (FlatpakProxyClient *client, Buffer *buffer)
+ {
+@@ -2115,15 +2140,13 @@ validate_arg0_match (FlatpakProxyClient *client, Buffer *buffer)
+     g_dbus_message_new_from_blob (buffer->data, buffer->size, 0, NULL);
+   GVariant *body;
+   g_autoptr(GVariant) arg0 = NULL;
+-  const char *match;
+ 
+   if (message != NULL &&
+       (body = g_dbus_message_get_body (message)) != NULL &&
+       (arg0 = g_variant_get_child_value (body, 0)) != NULL &&
+       g_variant_is_of_type (arg0, G_VARIANT_TYPE_STRING))
+     {
+-      match = g_variant_get_string (arg0, NULL);
+-      if (strstr (match, "eavesdrop=") != NULL)
++      if (is_eavesdrop (g_variant_get_string (arg0, NULL)))
+         return FALSE;
+     }
+ 
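Review bot: The imported commit message opens with `While in bus-broker, the eavesdrop match must follow the form of eavesdrop=[true|false], dbus-broker is more forgiving`, which contrasts "bus-broker" against dbus-broker in the same sentence; presumably `dbus-daemon` (the reference bus) was meant, and since this description is the only place recording why the old `strstr (match, "eavesdrop=")` check was once considered sufficient, the name should be correct. The code the patch adds is the same as the flatpak-proxy.c hunk further down and is reviewed there.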
diff -Nru xdg-dbus-proxy-0.1.6/debian/patches/series xdg-dbus-proxy-0.1.6/debian/patches/series
--- xdg-dbus-proxy-0.1.6/debian/patches/series	2024-08-22 16:36:07.000000000 +0100
+++ xdg-dbus-proxy-0.1.6/debian/patches/series	2026-04-10 23:31:23.000000000 +0100
@@ -1 +1 @@
-
+Improve-detection-of-eavesdrop-true.patch
diff -Nru xdg-dbus-proxy-0.1.6/flatpak-proxy.c xdg-dbus-proxy-0.1.6/flatpak-proxy.c
--- xdg-dbus-proxy-0.1.6/flatpak-proxy.c	2024-08-22 15:42:11.000000000 +0100
+++ xdg-dbus-proxy-0.1.6/flatpak-proxy.c	2026-04-10 23:38:19.000000000 +0100
@@ -2108,6 +2108,31 @@
   return NULL;
 }
 
+/* Matches against any "eavesdrop=", "eavesdrop =", etc. in str */
+static gboolean
+is_eavesdrop (const char *str)
+{
+  const char *e = str;
+
+  while (TRUE)
+    {
+      e = strstr (e, "eavesdrop");
+      if (e == NULL)
+        return FALSE;
+
+      e += strlen ("eavesdrop");
+
+      while (*e == ' '||
+             *e == '\t' ||
+             *e == '\n' ||
+             *e == '\r')
+        e++;
+
+      if (e[0] == '=')
+        return TRUE;
+    }
+}
+
 static gboolean
 validate_arg0_match (FlatpakProxyClient *client, Buffer *buffer)
 {
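Review bot: The whitespace set skipped in is_eavesdrop (space, `\t`, `\n`, `\r`) is a hard-coded mirror of what dbus-broker tolerates between the key and `=`, and nothing in the hunk records that coupling; if the broker's match-rule parser accepts anything wider, the proxy silently fails open again, which is exactly the bug class this fix addresses. A why-comment on the helper would make the contract and the fail-closed intent explicit, e.g. `/* Reject any rule that mentions the eavesdrop key at all, whatever its value or position: this must fail closed, and the set of whitespace tolerated before '=' must be kept in sync with dbus-broker's match-rule parser. */`. It is also worth stating in that comment that a substring hit inside a quoted value such as `arg0='eavesdrop ='` is rejected too, so a reader does not file that deliberate over-matching as a bug. The caller validate_arg0_match starts and ends outside this hunk.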
@@ -2115,15 +2140,13 @@
     g_dbus_message_new_from_blob (buffer->data, buffer->size, 0, NULL);
   GVariant *body;
   g_autoptr(GVariant) arg0 = NULL;
-  const char *match;
 
   if (message != NULL &&
       (body = g_dbus_message_get_body (message)) != NULL &&
       (arg0 = g_variant_get_child_value (body, 0)) != NULL &&
       g_variant_is_of_type (arg0, G_VARIANT_TYPE_STRING))
     {
-      match = g_variant_get_string (arg0, NULL);
-      if (strstr (match, "eavesdrop=") != NULL)
+      if (is_eavesdrop (g_variant_get_string (arg0, NULL)))
         return FALSE;
     }
 
