2019-11-06 13:10:01 UTC
A recent security fix to ibus (CVE-2019-14822, #940267, DSA-4525-1)
exposed an interoperability bug between GLib's implementation of D-Bus
and the reference implementation libdbus (#941018). The practical impact
is that Qt clients cannot use the updated ibus input method until GLib
This is the same as #944133, but for the older GLib in stretch. I've
tested both this and the buster update in corresponding GNOME virtual
machines; in both cases I can reproduce #941018 with the updated ibus,
and installing this version of GLib appears to fix it.
I haven't included the new unit test in this version. It usually passes
when run manually (confirming that the fix does work), but intermittently
hangs, and seems to hang more frequently when run in sbuild. I suspect
this is an unrelated multi-threading issue in GDBus message processing
(the GDBus tests tend to exercise this more aggressively than normal
applications). If so, it's unlikely to be a regression.