./security/polkit, Authorization Manager

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2018Q2, Version: 0.115, Package name: polkit-0.115, Maintainer: pkgsrc-users

PolicyKit is a toolkit for defining and handling authorizations. It
is used for allowing unprivileged processes to speak to privileged
processes.


Required to run:
[devel/glib2] [lang/spidermonkey52]

Required to build:
[pkgtools/cwrappers] [textproc/docbook-xsl] [textproc/libxslt]

Package options: pam

Master sites:

SHA1: 208b7e44fcf0f515d067d37307af9ea1419eb305
RMD160: fd98c3a4faf76c6adc021dff63f9a6cfd1804959
Filesize: 1514.582 KB

Version history: (Expand)

CVS history: (Expand)


   2018-08-24 21:18:27 by Benny Siegert | Files touched by this commit (3) | Package updated
Log message:
Pullup ticket #5814 - requested by wiz
security/polkit: security fix

Revisions pulled up:
- security/polkit/Makefile                                      1.12
- security/polkit/distinfo                                      1.8
- security/polkit/patches/patch-src_polkit_polkitunixprocess.c  1.6

---
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Thu Aug 16 12:30:43 UTC 2018

   Modified Files:
   	pkgsrc/security/polkit: Makefile distinfo
   	pkgsrc/security/polkit/patches: patch-src_polkit_polkitunixprocess.c

   Log message:
   polkit: update to 0.115.

   This is polkit 0.115.

   Highlights:
    Fixes CVE-2018-1116, a local information disclosure and denial of service
    caused by trusting client-submitted UIDs when referencing processes.
    Thanks to Matthias Gerstner of the SUSE security team for reporting
    this issue.

   Changes since polkit 0.114:

   Miloslav Trmač (1):
         Fix CVE-2018-1116: Trusting client-supplied UID

   Ray Strode (3):
         Post-release version bump to 0.115
         jsauthority: pass "%s" format string to remaining report function
         NEWS: fix date from 2017 to 2018 for 0.114 entry