diff options
| author | bsiegert <bsiegert@pkgsrc.org> | 2018-08-24 19:18:27 +0000 |
|---|---|---|
| committer | bsiegert <bsiegert@pkgsrc.org> | 2018-08-24 19:18:27 +0000 |
| commit | 441a6f1d891d6dd121161abcc6ff0a18e7af9305 (patch) | |
| tree | dfcd42c888a89cb50c235acee313d23a01ccfc05 | |
| parent | d1a99dd6039c04d08a038839a1829901ef4aa910 (diff) | |
| download | pkgsrc-441a6f1d891d6dd121161abcc6ff0a18e7af9305.tar.gz | |
Pullup ticket #5814 - requested by wiz
security/polkit: security fix
Revisions pulled up:
- security/polkit/Makefile 1.12
- security/polkit/distinfo 1.8
- security/polkit/patches/patch-src_polkit_polkitunixprocess.c 1.6
---
Module Name: pkgsrc
Committed By: wiz
Date: Thu Aug 16 12:30:43 UTC 2018
Modified Files:
pkgsrc/security/polkit: Makefile distinfo
pkgsrc/security/polkit/patches: patch-src_polkit_polkitunixprocess.c
Log Message:
polkit: update to 0.115.
This is polkit 0.115.
Highlights:
Fixes CVE-2018-1116, a local information disclosure and denial of service
caused by trusting client-submitted UIDs when referencing processes.
Thanks to Matthias Gerstner of the SUSE security team for reporting
this issue.
Changes since polkit 0.114:
Miloslav Trmač (1):
Fix CVE-2018-1116: Trusting client-supplied UID
Ray Strode (3):
Post-release version bump to 0.115
jsauthority: pass "%s" format string to remaining report function
NEWS: fix date from 2017 to 2018 for 0.114 entry
| -rw-r--r-- | security/polkit/Makefile | 5 | ||||
| -rw-r--r-- | security/polkit/distinfo | 12 | ||||
| -rw-r--r-- | security/polkit/patches/patch-src_polkit_polkitunixprocess.c | 8 |
3 files changed, 12 insertions, 13 deletions
diff --git a/security/polkit/Makefile b/security/polkit/Makefile index ad66807a71f..e1301071f3a 100644 --- a/security/polkit/Makefile +++ b/security/polkit/Makefile @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.11 2018/06/04 01:23:41 youri Exp $ +# $NetBSD: Makefile,v 1.11.2.1 2018/08/24 19:18:27 bsiegert Exp $ -DISTNAME= polkit-0.114 -PKGREVISION= 1 +DISTNAME= polkit-0.115 CATEGORIES= security MASTER_SITES= http://www.freedesktop.org/software/polkit/releases/ diff --git a/security/polkit/distinfo b/security/polkit/distinfo index e9575912622..f6a7589161a 100644 --- a/security/polkit/distinfo +++ b/security/polkit/distinfo @@ -1,10 +1,10 @@ -$NetBSD: distinfo,v 1.7 2018/05/15 09:09:21 jperkin Exp $ +$NetBSD: distinfo,v 1.7.2.1 2018/08/24 19:18:27 bsiegert Exp $ -SHA1 (polkit-0.114.tar.gz) = f29deef0076e76588f209a028a3e33ef70c2d9cd -RMD160 (polkit-0.114.tar.gz) = 000749a5f902b9be347f462d486bed20f8bbe8d5 -SHA512 (polkit-0.114.tar.gz) = 49cdf9dd3663714b1c6569ad8740cb413d9c5bd5c11e4bdbba3ce82b744f36638b652547edff9203caab9287834bc68a1d6a4895ec7a188fa1524dc1e9c9b4ea -Size (polkit-0.114.tar.gz) = 1557340 bytes -SHA1 (patch-src_polkit_polkitunixprocess.c) = eae7cbfe3c9b179e29375f690283f2b80adce306 +SHA1 (polkit-0.115.tar.gz) = 208b7e44fcf0f515d067d37307af9ea1419eb305 +RMD160 (polkit-0.115.tar.gz) = fd98c3a4faf76c6adc021dff63f9a6cfd1804959 +SHA512 (polkit-0.115.tar.gz) = 1153011fa93145b2c184e6b3446d3ca21b38918641aeccd8fac3985ac3e30ec6bc75be6973985fde90f2a24236592f1595be259155061c2d33358dd17c4ee4fc +Size (polkit-0.115.tar.gz) = 1550932 bytes +SHA1 (patch-src_polkit_polkitunixprocess.c) = 88818b7b64502f64eade34ad379c07f2b0fd1aea SHA1 (patch-src_polkitbackend_polkitbackendinteractiveauthority.c) = dd91b4e74e6c39f24e0f5a9b3150fdac12899cb5 SHA1 (patch-src_polkitbackend_polkitbackendjsauthority.cpp) = 43e8ec118601e978435d66ba805c35bc3db24b17 SHA1 (patch-src_polkitbackend_polkitd.c) = b8e11b40e2b171d4f030eb4c4cbc6fdc7a96b2c2 diff --git a/security/polkit/patches/patch-src_polkit_polkitunixprocess.c b/security/polkit/patches/patch-src_polkit_polkitunixprocess.c index 495cd8d7b4b..cf000b1c355 100644 --- a/security/polkit/patches/patch-src_polkit_polkitunixprocess.c +++ b/security/polkit/patches/patch-src_polkit_polkitunixprocess.c @@ -1,9 +1,9 @@ -$NetBSD: patch-src_polkit_polkitunixprocess.c,v 1.5 2018/05/15 09:09:22 jperkin Exp $ +$NetBSD: patch-src_polkit_polkitunixprocess.c,v 1.5.2.1 2018/08/24 19:18:27 bsiegert Exp $ Fix SunOS includes. Fix pid_t type. ---- src/polkit/polkitunixprocess.c.orig 2018-03-23 15:09:30.000000000 +0000 +--- src/polkit/polkitunixprocess.c.orig 2018-06-25 13:55:45.000000000 +0000 +++ src/polkit/polkitunixprocess.c @@ -24,6 +24,11 @@ #endif @@ -17,7 +17,7 @@ Fix pid_t type. #ifdef HAVE_FREEBSD #include <sys/param.h> #include <sys/sysctl.h> -@@ -87,7 +92,7 @@ enum +@@ -95,7 +100,7 @@ enum static void subject_iface_init (PolkitSubjectIface *subject_iface); @@ -25,4 +25,4 @@ Fix pid_t type. +static guint64 get_start_time_for_pid (pid_t pid, GError **error); - static gint _polkit_unix_process_get_owner (PolkitUnixProcess *process, + #if defined(HAVE_FREEBSD) || defined(HAVE_NETBSD) || defined(HAVE_OPENBSD) |