-
policykit-1 (0.105-11ubuntu3) wily; urgency=medium
* Fix handling of multi-line helper output. (LP: #1510824)
-- Dariusz Gadomski <email address hidden> Fri, 20 Nov 2015 15:24:53 +0100
-
policykit-1 (0.105-11ubuntu2) wily; urgency=medium
* debian/policykit-1.{pre,pos}inst: Temporarily mask polkitd.service while
policykit-1 is unpackaged but not yet configured. During that time we
don't yet have our D-Bus policy in /etc so that polkitd cannot work yet.
This can be dropped once the D-Bus policy moves to /usr.
(Closes: #794723, LP: #1447654)
-- Martin Pitt <email address hidden> Tue, 20 Oct 2015 05:37:43 +0200
-
policykit-1 (0.105-11ubuntu1) wily; urgency=medium
* SECURITY UPDATE: heap corruption via duplicate ids
- debian/patches/CVE-2015-3255.patch: fix GHashTable usage in
src/polkitbackend/polkitbackendactionpool.c.
- CVE-2015-3255
* SECURITY UPDATE: denial of service via identical cookies
- debian/patches/CVE-2015-4625.patch: use unpredictable cookie values,
keep them secret, and bind them to specific uids in configure.ac,
data/org.freedesktop.PolicyKit1.AuthenticationAgent.xml,
data/org.freedesktop.PolicyKit1.Authority.xml,
docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.AuthenticationAgent.xml,
docs/polkit/docbook-interface-org.freedesktop.PolicyKit1.Authority.xml,
docs/polkit/overview.xml,
src/polkit/polkitauthority.c,
src/polkitagent/polkitagenthelper-pam.c,
src/polkitagent/polkitagenthelper-shadow.c,
src/polkitagent/polkitagenthelperprivate.c,
src/polkitagent/polkitagenthelperprivate.h,
src/polkitagent/polkitagentlistener.c,
src/polkitagent/polkitagentsession.c,
src/polkitbackend/polkitbackendauthority.c,
src/polkitbackend/polkitbackendauthority.h,
src/polkitbackend/polkitbackendinteractiveauthority.c.
- CVE-2015-4625
-- Marc Deslauriers <email address hidden> Tue, 08 Sep 2015 13:03:49 -0400
-
policykit-1 (0.105-11) unstable; urgency=medium
* Add 00git_invalid_object_paths.patch: backend: Handle invalid object paths
in RegisterAuthenticationAgent (CVE-2015-3218, Closes: #787932)
* policykit-1.postinst: Reload systemd before restarting polkitd.service, to
avoid "Warning: polkitd.service changed on disk". (Closes: #791397)
-- Martin Pitt <email address hidden> Fri, 10 Jul 2015 13:03:33 +0200
-
policykit-1 (0.105-10) unstable; urgency=medium
* Add 00git_type_registration.patch: Use GOnce for interface type
registration. Fixes frequent udisks segfault (LP: #1236510).
* Add 00git_fix_memleak.patch: Fix memory leak in EnumerateActions call
results handler. (LP: #1417637)
-- Martin Pitt <email address hidden> Wed, 08 Jul 2015 12:15:41 +0200
-
policykit-1 (0.105-8ubuntu3) vivid-proposed; urgency=medium
* policykit-1.postinst: Don't kill polkitd under systemd, but properly
restart it. This avoids killing it shortly after systemd tries to
bus-activate it on installation. (LP: #1447654)
-- Martin Pitt <email address hidden> Fri, 24 Apr 2015 16:56:30 +0100
-
policykit-1 (0.105-8ubuntu2) vivid; urgency=medium
* debian/patches/fix_memleak.patch:
authority: Fix memory leak in EnumerateActions call results handler
(lp: #1417637)
-- Luis Lucas <email address hidden> Tue, 03 Feb 2015 17:15:02 +0000
