UbuntuUpdates.org

Package "policykit-1"

Name: policykit-1

Description:

framework for managing administrative policies and privileges

Latest version: 0.105-31ubuntu0.2
Release: impish (21.10)
Level: updates
Repository: main
Homepage: https://www.freedesktop.org/wiki/Software/polkit/

Links


Download "policykit-1"


Other versions of "policykit-1" in Impish

Repository Area Version
base main 0.105-31
security main 0.105-31ubuntu0.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 0.105-31ubuntu0.2 2022-02-28 14:07:18 UTC

  policykit-1 (0.105-31ubuntu0.2) impish-security; urgency=medium

  * SECURITY UPDATE: DoS via file descriptor leak
    - debian/patches/CVE-2021-4115.patch: wait for both calls in
      src/polkit/polkitsystembusname.c.
    - CVE-2021-4115
  * debian/patches/CVE-2021-4034.patch: replaced with final upstream
    version.

 -- Marc Deslauriers <email address hidden> Mon, 21 Feb 2022 07:58:33 -0500

Source diff to previous version
CVE-2021-4115 There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threa
CVE-2021-4034 A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileg

Version: 0.105-31ubuntu0.1 2022-01-25 21:06:35 UTC

  policykit-1 (0.105-31ubuntu0.1) impish-security; urgency=medium

  * SECURITY UPDATE: Local Privilege Escalation in pkexec
    - debian/patches/CVE-2021-4034.patch: properly handle command-line
      arguments in src/programs/pkcheck.c, src/programs/pkexec.c.
    - CVE-2021-4034

 -- Marc Deslauriers <email address hidden> Wed, 12 Jan 2022 07:30:52 -0500




About   -   Send Feedback to @ubuntu_updates