Path to this page:
Subject: CVS commit: pkgsrc/security/polkit
From: Thomas Klausner
Date: 2018-08-16 14:30:43
Message id: 20180816123043.86B34FBEC@cvs.NetBSD.org
Log Message:
polkit: update to 0.115.
This is polkit 0.115.
Highlights:
Fixes CVE-2018-1116, a local information disclosure and denial of service
caused by trusting client-submitted UIDs when referencing processes.
Thanks to Matthias Gerstner of the SUSE security team for reporting
this issue.
Changes since polkit 0.114:
Miloslav Trmač (1):
Fix CVE-2018-1116: Trusting client-supplied UID
Ray Strode (3):
Post-release version bump to 0.115
jsauthority: pass "%s" format string to remaining report function
NEWS: fix date from 2017 to 2018 for 0.114 entry
Files: