pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/pkgsrc-2018Q2]: pkgsrc/security/polkit Pullup ticket #5814 - requeste...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/3d42367a767f
branches:  pkgsrc-2018Q2
changeset: 408432:3d42367a767f
user:      bsiegert <bsiegert%pkgsrc.org@localhost>
date:      Fri Aug 24 19:18:27 2018 +0000

description:
Pullup ticket #5814 - requested by wiz
security/polkit: security fix

Revisions pulled up:
- security/polkit/Makefile                                      1.12
- security/polkit/distinfo                                      1.8
- security/polkit/patches/patch-src_polkit_polkitunixprocess.c  1.6

---
   Module Name: pkgsrc
   Committed By:        wiz
   Date:                Thu Aug 16 12:30:43 UTC 2018

   Modified Files:
        pkgsrc/security/polkit: Makefile distinfo
        pkgsrc/security/polkit/patches: patch-src_polkit_polkitunixprocess.c

   Log Message:
   polkit: update to 0.115.

   This is polkit 0.115.

   Highlights:
    Fixes CVE-2018-1116, a local information disclosure and denial of service
    caused by trusting client-submitted UIDs when referencing processes.
    Thanks to Matthias Gerstner of the SUSE security team for reporting
    this issue.

   Changes since polkit 0.114:

   Miloslav Trma? (1):
         Fix CVE-2018-1116: Trusting client-supplied UID

   Ray Strode (3):
         Post-release version bump to 0.115
         jsauthority: pass "%s" format string to remaining report function
         NEWS: fix date from 2017 to 2018 for 0.114 entry

diffstat:

 security/polkit/Makefile                                     |   5 ++---
 security/polkit/distinfo                                     |  12 ++++++------
 security/polkit/patches/patch-src_polkit_polkitunixprocess.c |   8 ++++----
 3 files changed, 12 insertions(+), 13 deletions(-)

diffs (63 lines):

diff -r 3aa9eee13fe9 -r 3d42367a767f security/polkit/Makefile
--- a/security/polkit/Makefile  Fri Aug 24 11:32:02 2018 +0000
+++ b/security/polkit/Makefile  Fri Aug 24 19:18:27 2018 +0000
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.11 2018/06/04 01:23:41 youri Exp $
+# $NetBSD: Makefile,v 1.11.2.1 2018/08/24 19:18:27 bsiegert Exp $
 
-DISTNAME=      polkit-0.114
-PKGREVISION=   1
+DISTNAME=      polkit-0.115
 CATEGORIES=    security
 MASTER_SITES=  http://www.freedesktop.org/software/polkit/releases/
 
diff -r 3aa9eee13fe9 -r 3d42367a767f security/polkit/distinfo
--- a/security/polkit/distinfo  Fri Aug 24 11:32:02 2018 +0000
+++ b/security/polkit/distinfo  Fri Aug 24 19:18:27 2018 +0000
@@ -1,10 +1,10 @@
-$NetBSD: distinfo,v 1.7 2018/05/15 09:09:21 jperkin Exp $
+$NetBSD: distinfo,v 1.7.2.1 2018/08/24 19:18:27 bsiegert Exp $
 
-SHA1 (polkit-0.114.tar.gz) = f29deef0076e76588f209a028a3e33ef70c2d9cd
-RMD160 (polkit-0.114.tar.gz) = 000749a5f902b9be347f462d486bed20f8bbe8d5
-SHA512 (polkit-0.114.tar.gz) = 49cdf9dd3663714b1c6569ad8740cb413d9c5bd5c11e4bdbba3ce82b744f36638b652547edff9203caab9287834bc68a1d6a4895ec7a188fa1524dc1e9c9b4ea
-Size (polkit-0.114.tar.gz) = 1557340 bytes
-SHA1 (patch-src_polkit_polkitunixprocess.c) = eae7cbfe3c9b179e29375f690283f2b80adce306
+SHA1 (polkit-0.115.tar.gz) = 208b7e44fcf0f515d067d37307af9ea1419eb305
+RMD160 (polkit-0.115.tar.gz) = fd98c3a4faf76c6adc021dff63f9a6cfd1804959
+SHA512 (polkit-0.115.tar.gz) = 1153011fa93145b2c184e6b3446d3ca21b38918641aeccd8fac3985ac3e30ec6bc75be6973985fde90f2a24236592f1595be259155061c2d33358dd17c4ee4fc
+Size (polkit-0.115.tar.gz) = 1550932 bytes
+SHA1 (patch-src_polkit_polkitunixprocess.c) = 88818b7b64502f64eade34ad379c07f2b0fd1aea
 SHA1 (patch-src_polkitbackend_polkitbackendinteractiveauthority.c) = dd91b4e74e6c39f24e0f5a9b3150fdac12899cb5
 SHA1 (patch-src_polkitbackend_polkitbackendjsauthority.cpp) = 43e8ec118601e978435d66ba805c35bc3db24b17
 SHA1 (patch-src_polkitbackend_polkitd.c) = b8e11b40e2b171d4f030eb4c4cbc6fdc7a96b2c2
diff -r 3aa9eee13fe9 -r 3d42367a767f security/polkit/patches/patch-src_polkit_polkitunixprocess.c
--- a/security/polkit/patches/patch-src_polkit_polkitunixprocess.c      Fri Aug 24 11:32:02 2018 +0000
+++ b/security/polkit/patches/patch-src_polkit_polkitunixprocess.c      Fri Aug 24 19:18:27 2018 +0000
@@ -1,9 +1,9 @@
-$NetBSD: patch-src_polkit_polkitunixprocess.c,v 1.5 2018/05/15 09:09:22 jperkin Exp $
+$NetBSD: patch-src_polkit_polkitunixprocess.c,v 1.5.2.1 2018/08/24 19:18:27 bsiegert Exp $
 
 Fix SunOS includes.
 Fix pid_t type.
 
---- src/polkit/polkitunixprocess.c.orig        2018-03-23 15:09:30.000000000 +0000
+--- src/polkit/polkitunixprocess.c.orig        2018-06-25 13:55:45.000000000 +0000
 +++ src/polkit/polkitunixprocess.c
 @@ -24,6 +24,11 @@
  #endif
@@ -17,7 +17,7 @@
  #ifdef HAVE_FREEBSD
  #include <sys/param.h>
  #include <sys/sysctl.h>
-@@ -87,7 +92,7 @@ enum
+@@ -95,7 +100,7 @@ enum
  
  static void subject_iface_init (PolkitSubjectIface *subject_iface);
  
@@ -25,4 +25,4 @@
 +static guint64 get_start_time_for_pid (pid_t pid,
                                         GError **error);
  
- static gint _polkit_unix_process_get_owner (PolkitUnixProcess  *process,
+ #if defined(HAVE_FREEBSD) || defined(HAVE_NETBSD) || defined(HAVE_OPENBSD)



Home | Main Index | Thread Index | Old Index