diff --git a/dbus-1.12.8-CVE-2023-34969.patch b/dbus-1.12.8-fix-CVE-2023-34969.patch
similarity index 83%
rename from dbus-1.12.8-CVE-2023-34969.patch
rename to dbus-1.12.8-fix-CVE-2023-34969.patch
index dd053d0b5f4853c85b658856c855e08ec00d044f..535cd18025e6dbe0fb5d5b0fcc43bd800d5fcfe7 100644
--- a/dbus-1.12.8-CVE-2023-34969.patch
+++ b/dbus-1.12.8-fix-CVE-2023-34969.patch
@@ -1,9 +1,50 @@
+From 3a1b1e9a4010e581e2e940e61d37c4f617eb5eff Mon Sep 17 00:00:00 2001
+From: Simon McVittie <smcv@collabora.com>
+Date: Mon, 5 Jun 2023 17:56:33 +0100
+Subject: [PATCH 1/3] monitor test: Log the messages that we monitored
+
+This is helpful while debugging test failures.
+
+Helps: dbus/dbus#457
+Signed-off-by: Simon McVittie <smcv@collabora.com>
+(cherry picked from commit 8ee5d3e04420975107c27073b50f8758871a998b)
+---
+ test/monitor.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/test/monitor.c b/test/monitor.c
+index df5a7180..182110f8 100644
+--- a/test/monitor.c
++++ b/test/monitor.c
+@@ -196,6 +196,10 @@ _log_message (DBusMessage *m,
+       not_null (dbus_message_get_signature (m)));
+   g_test_message ("\terror name: %s",
+       not_null (dbus_message_get_error_name (m)));
++  g_test_message ("\tserial number: %u",
++      dbus_message_get_serial (m));
++  g_test_message ("\tin reply to: %u",
++      dbus_message_get_reply_serial (m));
+ 
+   if (strcmp ("s", dbus_message_get_signature (m)) == 0)
+     {
+@@ -339,6 +343,9 @@ monitor_filter (DBusConnection *connection,
+ {
+   Fixture *f = user_data;
+ 
++  g_test_message ("Monitor received message:");
++  log_message (message);
++
+   g_assert_cmpstr (dbus_message_get_interface (message), !=,
+       "com.example.Tedious");
+ 
+-- 
+2.41.0
+
+
 From 37a4dc5835731a1f7a81f1b67c45b8dfb556dd1c Mon Sep 17 00:00:00 2001
 From: hongjinghao <q1204531485@163.com>
 Date: Mon, 5 Jun 2023 18:17:06 +0100
-Subject: [PATCH 1/2] bus: Assign a serial number for messages from the driver
-
-commit 37a4dc5835731a1f7a81f1b67c45b8dfb556dd1c upstream.
+Subject: [PATCH 2/3] bus: Assign a serial number for messages from the driver
 
 Normally, it's enough to rely on a message being given a serial number
 by the DBusConnection just before it is actually sent. However, in the
@@ -33,10 +74,10 @@ Resolves: dbus/dbus#457
  3 files changed, 27 insertions(+), 1 deletion(-)
 
 diff --git a/bus/connection.c b/bus/connection.c
-index a41b790b..4d46992c 100644
+index b3583433..215f0230 100644
 --- a/bus/connection.c
 +++ b/bus/connection.c
-@@ -2376,6 +2376,21 @@ bus_transaction_send_from_driver (BusTransaction *transaction,
+@@ -2350,6 +2350,21 @@ bus_transaction_send_from_driver (BusTransaction *transaction,
    if (!dbus_message_set_sender (message, DBUS_SERVICE_DBUS))
      return FALSE;
  
@@ -59,10 +100,10 @@ index a41b790b..4d46992c 100644
      {
        if (!dbus_message_set_destination (message,
 diff --git a/dbus/dbus-connection-internal.h b/dbus/dbus-connection-internal.h
-index 912b546e..747e6e54 100644
+index 48357321..ba79b192 100644
 --- a/dbus/dbus-connection-internal.h
 +++ b/dbus/dbus-connection-internal.h
-@@ -57,6 +57,8 @@ DBUS_PRIVATE_EXPORT
+@@ -54,6 +54,8 @@ DBUS_PRIVATE_EXPORT
  DBusConnection *  _dbus_connection_ref_unlocked                (DBusConnection     *connection);
  DBUS_PRIVATE_EXPORT
  void              _dbus_connection_unref_unlocked              (DBusConnection     *connection);
@@ -72,10 +113,10 @@ index 912b546e..747e6e54 100644
                                                                  DBusList           *link);
  dbus_bool_t       _dbus_connection_has_messages_to_send_unlocked (DBusConnection     *connection);
 diff --git a/dbus/dbus-connection.c b/dbus/dbus-connection.c
-index 105bdf4e..34380293 100644
+index c525b6dc..09cef278 100644
 --- a/dbus/dbus-connection.c
 +++ b/dbus/dbus-connection.c
-@@ -1461,7 +1461,16 @@ _dbus_connection_unref_unlocked (DBusConnection *connection)
+@@ -1456,7 +1456,16 @@ _dbus_connection_unref_unlocked (DBusConnection *connection)
      _dbus_connection_last_unref (connection);
  }
  
@@ -94,15 +135,13 @@ index 105bdf4e..34380293 100644
  {
    dbus_uint32_t serial;
 -- 
-2.40.1
+2.41.0
 
 
 From 2c699f6ba9c162878c69d0728298c1ab7308db72 Mon Sep 17 00:00:00 2001
 From: Simon McVittie <smcv@collabora.com>
 Date: Mon, 5 Jun 2023 18:51:22 +0100
-Subject: [PATCH 2/2] monitor test: Reproduce dbus/dbus#457
-
-commit 2c699f6ba9c162878c69d0728298c1ab7308db72 upstream.
+Subject: [PATCH 3/3] monitor test: Reproduce dbus/dbus#457
 
 The exact failure mode reported in dbus/dbus#457 is quite difficult
 to achieve in a reliable way in a unit test, because we'd have to send
@@ -133,7 +172,7 @@ index d145613c..58b3cc6a 100644
    </policy>
  </busconfig>
 diff --git a/test/monitor.c b/test/monitor.c
-index d5a54b00..846a980c 100644
+index 182110f8..42e0734d 100644
 --- a/test/monitor.c
 +++ b/test/monitor.c
 @@ -155,6 +155,21 @@ static Config side_effects_config = {
@@ -205,7 +244,7 @@ index d5a54b00..846a980c 100644
  /* This is called after processing pending replies to our own method
   * calls, but before anything else.
   */
-@@ -727,6 +761,11 @@ test_become_monitor (Fixture *f,
+@@ -797,6 +831,11 @@ test_become_monitor (Fixture *f,
    test_assert_no_error (&f->e);
    g_assert_cmpint (ret, ==, DBUS_REQUEST_NAME_REPLY_PRIMARY_OWNER);
  
@@ -217,7 +256,7 @@ index d5a54b00..846a980c 100644
    while (!got_unique || !got_a || !got_b || !got_c)
      {
        if (g_queue_is_empty (&f->monitored))
-@@ -1378,6 +1417,7 @@ test_dbus_daemon (Fixture *f,
+@@ -1448,6 +1487,7 @@ test_dbus_daemon (Fixture *f,
  {
    DBusMessage *m;
    int res;
@@ -225,7 +264,7 @@ index d5a54b00..846a980c 100644
  
    if (f->address == NULL)
      return;
-@@ -1393,7 +1433,12 @@ test_dbus_daemon (Fixture *f,
+@@ -1463,7 +1503,12 @@ test_dbus_daemon (Fixture *f,
    test_assert_no_error (&f->e);
    g_assert_cmpint (res, ==, DBUS_RELEASE_NAME_REPLY_RELEASED);
  
@@ -239,7 +278,7 @@ index d5a54b00..846a980c 100644
      test_main_context_iterate (f->ctx, TRUE);
  
    m = g_queue_pop_head (&f->monitored);
-@@ -1406,10 +1451,12 @@ test_dbus_daemon (Fixture *f,
+@@ -1476,10 +1521,12 @@ test_dbus_daemon (Fixture *f,
        "NameOwnerChanged", "sss", NULL);
    dbus_message_unref (m);
  
@@ -255,7 +294,7 @@ index d5a54b00..846a980c 100644
    dbus_message_unref (m);
  
    m = g_queue_pop_head (&f->monitored);
-@@ -1631,8 +1678,14 @@ static void
+@@ -1701,8 +1748,14 @@ static void
  expect_new_connection (Fixture *f)
  {
    DBusMessage *m;
@@ -271,7 +310,7 @@ index d5a54b00..846a980c 100644
      test_main_context_iterate (f->ctx, TRUE);
  
    m = g_queue_pop_head (&f->monitored);
-@@ -1649,7 +1702,11 @@ expect_new_connection (Fixture *f)
+@@ -1719,7 +1772,11 @@ expect_new_connection (Fixture *f)
    dbus_message_unref (m);
  
    m = g_queue_pop_head (&f->monitored);
@@ -284,7 +323,7 @@ index d5a54b00..846a980c 100644
    dbus_message_unref (m);
  }
  
-@@ -1988,6 +2045,8 @@ main (int argc,
+@@ -2044,6 +2101,8 @@ main (int argc,
        setup, test_method_call, teardown);
    g_test_add ("/monitor/forbidden-method", Fixture, &forbidding_config,
        setup, test_forbidden_method_call, teardown);
@@ -294,5 +333,5 @@ index d5a54b00..846a980c 100644
        setup, test_dbus_daemon, teardown);
    g_test_add ("/monitor/selective", Fixture, &selective_config,
 -- 
-2.40.1
+2.41.0
 
diff --git a/dbus-kill-process-with-session b/dbus-kill-process-with-session
index f89156832acfd62b9b44ee8c582ade6b5e10ce80..6adfee9fdfba1078b84b0e6dfcef30fec77790f8 100644
--- a/dbus-kill-process-with-session
+++ b/dbus-kill-process-with-session
@@ -7,8 +7,10 @@
 exec >& /dev/null
 
 MONITOR_READY_FILE=$(mktemp dbus-session-monitor.XXXXXX --tmpdir)
+DBUS_SESSIONS="${XDG_RUNTIME_DIR}/dbus-1/sessions"
+DBUS_SESSION_ADDRESS_FILE="${DBUS_SESSIONS}/${XDG_SESSION_ID}"
 
-trap 'rm -f "${MONITOR_READY_FILE}"; kill -TERM $1; kill -HUP $(jobs -p)' EXIT
+trap 'rm -f "${MONITOR_READY_FILE}"; rm -f "${DBUS_SESSION_ADDRESS_FILE}"; kill -TERM $1; kill -HUP $(jobs -p)' EXIT
 
 export GVFS_DISABLE_FUSE=1
 coproc SESSION_MONITOR (gio monitor -f "/run/systemd/sessions/${XDG_SESSION_ID}" "${MONITOR_READY_FILE}")
diff --git a/dbus.spec b/dbus.spec
index 1ceb1be2534362af94ac29636a1b988d0d29271b..70f122f4bbc41bfc65e1fda9c7f739c2119aed64 100644
--- a/dbus.spec
+++ b/dbus.spec
@@ -21,7 +21,7 @@
 Name:    dbus
 Epoch:   1
 Version: 1.12.8
-Release: 25%{anolis_release}%{?dist}
+Release: 26%{anolis_release}%{?dist}
 Summary: D-BUS message bus
 
 Group:   System Environment/Libraries
@@ -49,12 +49,11 @@ Patch4: dbus-1.20.8-CVE-2022-42010.patch
 Patch5: dbus-1.20.8-CVE-2022-42011.patch
 # https://bugzilla.redhat.com/show_bug.cgi?id=2133633
 Patch6: dbus-1.20.8-CVE-2022-42012.patch
+# https://bugzilla.redhat.com/show_bug.cgi?id=2213400
+Patch7: dbus-1.12.8-fix-CVE-2023-34969.patch
 # Added by Anolis OS
-Patch7:  0002-Forbid-AX_-prefixed-patterns-more-selectively.patch 
-Patch8:  0003-Adapt-to-API-change-in-AX_CODE_COVERAGE-version-28.patch
-# https://gitlab.freedesktop.org/dbus/dbus/-/commit/37a4dc5835731a1f7a81f1b67c45b8dfb556dd1c
-# https://gitlab.freedesktop.org/dbus/dbus/-/commit/2c699f6ba9c162878c69d0728298c1ab7308db72
-Patch9: dbus-1.12.8-CVE-2023-34969.patch
+Patch1000:  0002-Forbid-AX_-prefixed-patterns-more-selectively.patch 
+Patch1001:  0003-Adapt-to-API-change-in-AX_CODE_COVERAGE-version-28.patch
 
 BuildRequires: autoconf-archive
 BuildRequires: libtool
@@ -450,12 +449,18 @@ popd
 %doc AUTHORS ChangeLog HACKING NEWS README
 
 %changelog
-* Thu Aug 10 2023 Bo Liu <liubo03@inspur.com> - 1.12.8-25.0.1
-- Fix CVE-2023-34969
-
-* Wed Jun 28 2023 Zhao Hang <wb-zh951434@alibaba-inc.com> - 1.12.8-24.1.0.1
+* Fri Dec 15 2023 Zhao Hang <wb-zh951434@alibaba-inc.com> - 1.12.8-26.0.1
 - Add doc sub package, requires and provides
 - Fix build failure(Chang Gao)
+- Fix CVE-2023-34969 (Bo Liu)
+
+* Mon Jun 19 2023 David King <amigadave@amigadave.com> - 1.12.8-26
+- Fix CVE-2023-34969 (#2213400)
+
+* Mon Apr 24 2023 Ray Strode <rstrode@redhat.com> - 1.12.8-25
+- Ensure only one dbus-daemon is spawned for all shells sharing
+  a single connection.
+  Resolves: #2189201
 
 * Wed Oct 19 2022 David King <dking@redhat.com> - 1:1.12.8-24
 - Fix CVE-2022-42010 (#2133645)
diff --git a/ssh-x-forwarding.csh b/ssh-x-forwarding.csh
index 10d87ed650cad44161c52c34cc345398d32dc0d7..47424e533702f5fb964e01729712756f17ae7ef8 100644
--- a/ssh-x-forwarding.csh
+++ b/ssh-x-forwarding.csh
@@ -1,10 +1,24 @@
 # DBus session bus over SSH with X11 forwarding
 if ( $?SSH_CONNECTION == 0 ) exit
+if ( $?XDG_SESSION_ID == 0) exit
 if ( $?DISPLAY == 0 ) exit
 if ( $SHLVL > 1 ) exit
+
+set DBUS_SESSIONS = "${XDG_RUNTIME_DIR}/dbus-1/sessions"
+set DBUS_SESSION_ADDRESS_FILE = "${DBUS_SESSIONS}/${XDG_SESSION_ID}"
+
+if ( -e "${DBUS_SESSION_ADDRESS_FILE}" ) then
+    setenv DBUS_SESSION_BUS_ADDRESS "`cat ${DBUS_SESSION_ADDRESS_FILE}`"
+    exit
+endif
+
 setenv GDK_BACKEND x11
 
 eval `dbus-launch --csh-syntax`
 
 if ( $?DBUS_SESSION_BUS_PID == 0 ) exit
+
+mkdir -p "${DBUS_SESSIONS}"
+echo "${DBUS_SESSION_BUS_ADDRESS}" > "${DBUS_SESSION_ADDRESS_FILE}"
+
 setsid -f /usr/libexec/dbus-1/dbus-kill-process-with-session $DBUS_SESSION_BUS_PID
diff --git a/ssh-x-forwarding.sh b/ssh-x-forwarding.sh
index 37c48f482e0412d376daed8c0aebe827e21482b2..9fbb8d1fe7e1f1ae32c9860b37ec0022fbf3d81a 100644
--- a/ssh-x-forwarding.sh
+++ b/ssh-x-forwarding.sh
@@ -1,12 +1,25 @@
 # DBus session bus over SSH with X11 forwarding
 [ -z "$SSH_CONNECTION" ] && return
+[ -z "$XDG_SESSION_ID" ] && return
 [ -z "$DISPLAY" ] && return
 [ "${DISPLAY:0:1}" = ":" ] && return
 [ "$SHLVL" -ne 1 ] && return
 
+DBUS_SESSIONS="${XDG_RUNTIME_DIR}/dbus-1/sessions"
+DBUS_SESSION_ADDRESS_FILE="${DBUS_SESSIONS}/${XDG_SESSION_ID}"
+
+if [ -e "${DBUS_SESSION_ADDRESS_FILE}" ]; then
+    export DBUS_SESSION_BUS_ADDRESS="$(cat ${DBUS_SESSION_ADDRESS_FILE})"
+    return
+fi
+
 export GDK_BACKEND=x11
 
 eval `dbus-launch --sh-syntax`
 
 [ -z "$DBUS_SESSION_BUS_PID" ] && return
+
+mkdir -p "${DBUS_SESSIONS}"
+echo "${DBUS_SESSION_BUS_ADDRESS}" > "${DBUS_SESSION_ADDRESS_FILE}"
+
 setsid -f /usr/libexec/dbus-1/dbus-kill-process-with-session "$DBUS_SESSION_BUS_PID"