-
policykit-1 (0.105-20ubuntu0.18.04.6) bionic-security; urgency=medium
* SECURITY UPDATE: Local Privilege Escalation in pkexec
- debian/patches/CVE-2021-4034.patch: properly handle command-line
arguments in src/programs/pkcheck.c, src/programs/pkexec.c.
- CVE-2021-4034
-- Marc Deslauriers <email address hidden> Wed, 12 Jan 2022 07:34:00 -0500
-
policykit-1 (0.105-20ubuntu0.18.04.5) bionic-security; urgency=medium
* SECURITY UPDATE: start time protection mechanism bypass
- debian/patches/CVE-2019-6133.patch: Compare PolkitUnixProcess uids
for temporary authorizations in src/polkit/polkitsubject.c,
src/polkit/polkitunixprocess.c,
src/polkitbackend/polkitbackendinteractiveauthority.c.
- CVE-2019-6133
-- Marc Deslauriers <email address hidden> Wed, 27 Mar 2019 09:57:02 -0400
-
policykit-1 (0.105-20ubuntu0.18.04.4) bionic-security; urgency=medium
* SECURITY UPDATE: authorization bypass with large uid
- debian/patches/CVE-2018-19788-1.patch: allow negative uids/gids in
PolkitUnixUser and Group objects in src/polkit/polkitunixgroup.c,
src/polkit/polkitunixprocess.c, src/polkit/polkitunixuser.c.
- debian/patches/CVE-2018-19788-2.patch: add tests to
test/data/etc/group, test/data/etc/passwd,
test/data/etc/polkit-1/localauthority/10-test/com.example.pkla,
test/polkitbackend/polkitbackendlocalauthoritytest.c.
- debian/patches/CVE-2018-19788-3.patch: allow uid of -1 for a
PolkitUnixProcess in src/polkit/polkitunixprocess.c.
- CVE-2018-19788
-- Marc Deslauriers <email address hidden> Tue, 15 Jan 2019 08:18:22 -0500
-
policykit-1 (0.105-20ubuntu0.18.04.1) bionic-security; urgency=medium
* SECURITY UPDATE: DoS and information disclosure
- debian/patches/CVE-2018-1116.patch: properly check UID in
src/polkit/polkitprivate.h, src/polkit/polkitunixprocess.c,
src/polkitbackend/polkitbackendinteractiveauthority.c,
src/polkitbackend/polkitbackendsessionmonitor-systemd.c,
src/polkitbackend/polkitbackendsessionmonitor.c,
src/polkitbackend/polkitbackendsessionmonitor.h.
- debian/libpolkit-gobject-1-0.symbols: updated for new private symbol.
- CVE-2018-1116
-- Marc Deslauriers <email address hidden> Fri, 13 Jul 2018 07:42:06 -0400
-
policykit-1 (0.105-20) unstable; urgency=medium
* Team upload
* d/p/0.108/build-Fix-.gir-generation-for-parallel-make.patch:
Add patch from upstream to fix parallel builds (Closes: #894205)
-- Simon McVittie <email address hidden> Tue, 27 Mar 2018 13:50:28 +0100
-
policykit-1 (0.105-18) unstable; urgency=medium
* Team upload.
* master/Add-gettext-support-for-.policy-files.patch: Backport from master:
Add .loc and .its files so that gettext can be used to translate policy
files. Some upstreams, particularly those that are switching to meson,
expect these files to be present so that their PK policy files can be
translated. (Closes: #863207)
-- Iain Lane <email address hidden> Wed, 24 May 2017 11:21:35 +0100