Path to this page:
Subject: CVS commit: pkgsrc/security/polkit
From: Thomas Klausner
Date: 2020-04-05 08:14:08
Message id: 20200405061408.3CF99FB27@cvs.NetBSD.org
Log Message:
polkit: update to 0.116.
This is polkit 0.116.
Highlights:
Fix of CVE-2018-19788, high UIDs caused overflow in polkit;
Fix of CVE-2019-6133, kernel vulnerability (Slowfork) allowed local privilege \
escalation.
Changes since polkit 0.115:
Kyle Walker:
Leaking zombie child processes
Jan Rybar:
Possible resource leak found by static analyzer
Output messages tuneup
Sanity fixes
pkttyagent tty echo disabled on SIGINT
Ray Strode:
HACKING: add link to Code of Conduct
Philip Withnall:
polkitbackend: comment typos fix
Zbigniew Jędrzejewski-Szmek:
configure.ac: fix detection of systemd with cgroups v2
CVE-2018-19788 High UIDs overflow fix
Colin Walters:
CVE-2019-6133 Slowfork vulnerability fix
Matthew Leeds:
Allow unset process-uid
Emmanuele Bassi
Port the JS authority to mozjs-60
Göran Uddeborg:
Use JS_EncodeStringToUTF8
Many thanks to all contributors!
Jan Rybar et al.,
April 25, 2019
Files: