-
policykit-1 (0.105-31ubuntu0.2) impish-security; urgency=medium
* SECURITY UPDATE: DoS via file descriptor leak
- debian/patches/CVE-2021-4115.patch: wait for both calls in
src/polkit/polkitsystembusname.c.
- CVE-2021-4115
* debian/patches/CVE-2021-4034.patch: replaced with final upstream
version.
-- Marc Deslauriers <email address hidden> Mon, 21 Feb 2022 07:58:33 -0500
-
policykit-1 (0.105-31ubuntu0.1) impish-security; urgency=medium
* SECURITY UPDATE: Local Privilege Escalation in pkexec
- debian/patches/CVE-2021-4034.patch: properly handle command-line
arguments in src/programs/pkcheck.c, src/programs/pkexec.c.
- CVE-2021-4034
-- Marc Deslauriers <email address hidden> Wed, 12 Jan 2022 07:30:52 -0500
-
policykit-1 (0.105-31) unstable; urgency=medium
[ Salvatore Bonaccorso ]
* d/p/CVE-2021-3560.patch:
Fix local privilege escalation involving
polkit_system_bus_name_get_creds_sync() (CVE-2021-3560)
(Closes: #989429)
-- Simon McVittie <email address hidden> Thu, 03 Jun 2021 17:06:34 +0100
-
policykit-1 (0.105-30) unstable; urgency=medium
[ Helmut Grohne ]
* Annotate Build-Depends: dbus <!nocheck> (Closes: #980998)
-- Simon McVittie <email address hidden> Thu, 04 Feb 2021 13:56:09 +0000