summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorbsiegert <bsiegert@pkgsrc.org>2018-08-24 19:18:27 +0000
committerbsiegert <bsiegert@pkgsrc.org>2018-08-24 19:18:27 +0000
commit441a6f1d891d6dd121161abcc6ff0a18e7af9305 (patch)
treedfcd42c888a89cb50c235acee313d23a01ccfc05
parentd1a99dd6039c04d08a038839a1829901ef4aa910 (diff)
downloadpkgsrc-441a6f1d891d6dd121161abcc6ff0a18e7af9305.tar.gz
Pullup ticket #5814 - requested by wiz
security/polkit: security fix Revisions pulled up: - security/polkit/Makefile 1.12 - security/polkit/distinfo 1.8 - security/polkit/patches/patch-src_polkit_polkitunixprocess.c 1.6 --- Module Name: pkgsrc Committed By: wiz Date: Thu Aug 16 12:30:43 UTC 2018 Modified Files: pkgsrc/security/polkit: Makefile distinfo pkgsrc/security/polkit/patches: patch-src_polkit_polkitunixprocess.c Log Message: polkit: update to 0.115. This is polkit 0.115. Highlights: Fixes CVE-2018-1116, a local information disclosure and denial of service caused by trusting client-submitted UIDs when referencing processes. Thanks to Matthias Gerstner of the SUSE security team for reporting this issue. Changes since polkit 0.114: Miloslav Trmač (1): Fix CVE-2018-1116: Trusting client-supplied UID Ray Strode (3): Post-release version bump to 0.115 jsauthority: pass "%s" format string to remaining report function NEWS: fix date from 2017 to 2018 for 0.114 entry
-rw-r--r--security/polkit/Makefile5
-rw-r--r--security/polkit/distinfo12
-rw-r--r--security/polkit/patches/patch-src_polkit_polkitunixprocess.c8
3 files changed, 12 insertions, 13 deletions
diff --git a/security/polkit/Makefile b/security/polkit/Makefile
index ad66807a71f..e1301071f3a 100644
--- a/security/polkit/Makefile
+++ b/security/polkit/Makefile
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.11 2018/06/04 01:23:41 youri Exp $
+# $NetBSD: Makefile,v 1.11.2.1 2018/08/24 19:18:27 bsiegert Exp $
-DISTNAME= polkit-0.114
-PKGREVISION= 1
+DISTNAME= polkit-0.115
CATEGORIES= security
MASTER_SITES= http://www.freedesktop.org/software/polkit/releases/
diff --git a/security/polkit/distinfo b/security/polkit/distinfo
index e9575912622..f6a7589161a 100644
--- a/security/polkit/distinfo
+++ b/security/polkit/distinfo
@@ -1,10 +1,10 @@
-$NetBSD: distinfo,v 1.7 2018/05/15 09:09:21 jperkin Exp $
+$NetBSD: distinfo,v 1.7.2.1 2018/08/24 19:18:27 bsiegert Exp $
-SHA1 (polkit-0.114.tar.gz) = f29deef0076e76588f209a028a3e33ef70c2d9cd
-RMD160 (polkit-0.114.tar.gz) = 000749a5f902b9be347f462d486bed20f8bbe8d5
-SHA512 (polkit-0.114.tar.gz) = 49cdf9dd3663714b1c6569ad8740cb413d9c5bd5c11e4bdbba3ce82b744f36638b652547edff9203caab9287834bc68a1d6a4895ec7a188fa1524dc1e9c9b4ea
-Size (polkit-0.114.tar.gz) = 1557340 bytes
-SHA1 (patch-src_polkit_polkitunixprocess.c) = eae7cbfe3c9b179e29375f690283f2b80adce306
+SHA1 (polkit-0.115.tar.gz) = 208b7e44fcf0f515d067d37307af9ea1419eb305
+RMD160 (polkit-0.115.tar.gz) = fd98c3a4faf76c6adc021dff63f9a6cfd1804959
+SHA512 (polkit-0.115.tar.gz) = 1153011fa93145b2c184e6b3446d3ca21b38918641aeccd8fac3985ac3e30ec6bc75be6973985fde90f2a24236592f1595be259155061c2d33358dd17c4ee4fc
+Size (polkit-0.115.tar.gz) = 1550932 bytes
+SHA1 (patch-src_polkit_polkitunixprocess.c) = 88818b7b64502f64eade34ad379c07f2b0fd1aea
SHA1 (patch-src_polkitbackend_polkitbackendinteractiveauthority.c) = dd91b4e74e6c39f24e0f5a9b3150fdac12899cb5
SHA1 (patch-src_polkitbackend_polkitbackendjsauthority.cpp) = 43e8ec118601e978435d66ba805c35bc3db24b17
SHA1 (patch-src_polkitbackend_polkitd.c) = b8e11b40e2b171d4f030eb4c4cbc6fdc7a96b2c2
diff --git a/security/polkit/patches/patch-src_polkit_polkitunixprocess.c b/security/polkit/patches/patch-src_polkit_polkitunixprocess.c
index 495cd8d7b4b..cf000b1c355 100644
--- a/security/polkit/patches/patch-src_polkit_polkitunixprocess.c
+++ b/security/polkit/patches/patch-src_polkit_polkitunixprocess.c
@@ -1,9 +1,9 @@
-$NetBSD: patch-src_polkit_polkitunixprocess.c,v 1.5 2018/05/15 09:09:22 jperkin Exp $
+$NetBSD: patch-src_polkit_polkitunixprocess.c,v 1.5.2.1 2018/08/24 19:18:27 bsiegert Exp $
Fix SunOS includes.
Fix pid_t type.
---- src/polkit/polkitunixprocess.c.orig 2018-03-23 15:09:30.000000000 +0000
+--- src/polkit/polkitunixprocess.c.orig 2018-06-25 13:55:45.000000000 +0000
+++ src/polkit/polkitunixprocess.c
@@ -24,6 +24,11 @@
#endif
@@ -17,7 +17,7 @@ Fix pid_t type.
#ifdef HAVE_FREEBSD
#include <sys/param.h>
#include <sys/sysctl.h>
-@@ -87,7 +92,7 @@ enum
+@@ -95,7 +100,7 @@ enum
static void subject_iface_init (PolkitSubjectIface *subject_iface);
@@ -25,4 +25,4 @@ Fix pid_t type.
+static guint64 get_start_time_for_pid (pid_t pid,
GError **error);
- static gint _polkit_unix_process_get_owner (PolkitUnixProcess *process,
+ #if defined(HAVE_FREEBSD) || defined(HAVE_NETBSD) || defined(HAVE_OPENBSD)