policykit-1 0.105-14.1ubuntu0.4 source package in Ubuntu
Changelog
policykit-1 (0.105-14.1ubuntu0.4) xenial-security; urgency=medium
* SECURITY UPDATE: authorization bypass with large uid
- debian/patches/CVE-2018-19788-1.patch: allow negative uids/gids in
PolkitUnixUser and Group objects in src/polkit/polkitunixgroup.c,
src/polkit/polkitunixprocess.c, src/polkit/polkitunixuser.c.
- debian/patches/CVE-2018-19788-2.patch: add tests to
test/data/etc/group, test/data/etc/passwd,
test/data/etc/polkit-1/localauthority/10-test/com.example.pkla,
test/polkitbackend/polkitbackendlocalauthoritytest.c.
- debian/patches/CVE-2018-19788-3.patch: allow uid of -1 for a
PolkitUnixProcess in src/polkit/polkitunixprocess.c.
- CVE-2018-19788
-- Marc Deslauriers <email address hidden> Tue, 15 Jan 2019 08:19:19 -0500
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Xenial
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- admin
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| policykit-1_0.105.orig.tar.gz | 1.4 MiB | 8fdc7cc8ba4750fcce1a4db9daa759c12afebc7901237e1c993c38f08985e1df |
| policykit-1_0.105-14.1ubuntu0.4.debian.tar.xz | 47.1 KiB | f189c83d030611c9c275c0042a2a75e59cb45b4ad21d012b3f24ed21862ae60e |
| policykit-1_0.105-14.1ubuntu0.4.dsc | 3.0 KiB | 3e2cc9cd34c45e997dedfaad1f8239fbc9969d196a433dc0340dbf220f1246bf |
Available diffs
Binary packages built by this source
- gir1.2-polkit-1.0: GObject introspection data for PolicyKit
PolicyKit is a toolkit for defining and handling the policy that
allows unprivileged processes to speak to privileged processes.
.
This package contains introspection data for PolicyKit.
.
It can be used by packages using the GIRepository format to generate
dynamic bindings.
- libpolkit-agent-1-0: PolicyKit Authentication Agent API
PolicyKit is a toolkit for defining and handling the policy that
allows unprivileged processes to speak to privileged processes.
.
This package contains a library for accessing the authentication agent.
- libpolkit-agent-1-0-dbgsym: debug symbols for package libpolkit-agent-1-0
PolicyKit is a toolkit for defining and handling the policy that
allows unprivileged processes to speak to privileged processes.
.
This package contains a library for accessing the authentication agent.
- libpolkit-agent-1-dev: PolicyKit Authentication Agent API - development files
PolicyKit is a toolkit for defining and handling the policy that
allows unprivileged processes to speak to privileged processes.
.
This package contains the development files for the library found in
libpolkit-agent-1- 0.
- libpolkit-backend-1-0: PolicyKit backend API
PolicyKit is a toolkit for defining and handling the policy that
allows unprivileged processes to speak to privileged processes.
.
This package contains a library for implementing authentication backends.
- libpolkit-backend-1-0-dbgsym: debug symbols for package libpolkit-backend-1-0
PolicyKit is a toolkit for defining and handling the policy that
allows unprivileged processes to speak to privileged processes.
.
This package contains a library for implementing authentication backends.
- libpolkit-backend-1-dev: PolicyKit backend API - development files
PolicyKit is a toolkit for defining and handling the policy that
allows unprivileged processes to speak to privileged processes.
.
This package contains the development files for the library found in
libpolkit-backend- 1-0.
- libpolkit-gobject-1-0: PolicyKit Authorization API
PolicyKit is a toolkit for defining and handling the policy that
allows unprivileged processes to speak to privileged processes.
.
This package contains a library for accessing PolicyKit.
- libpolkit-gobject-1-0-dbgsym: debug symbols for package libpolkit-gobject-1-0
PolicyKit is a toolkit for defining and handling the policy that
allows unprivileged processes to speak to privileged processes.
.
This package contains a library for accessing PolicyKit.
- libpolkit-gobject-1-dev: PolicyKit Authorization API - development files
PolicyKit is a toolkit for defining and handling the policy that
allows unprivileged processes to speak to privileged processes.
.
This package contains the development files for the library found in
libpolkit-gobject- 1-0.
- policykit-1: framework for managing administrative policies and privileges
PolicyKit is an application-level toolkit for defining and handling the policy
that allows unprivileged processes to speak to privileged processes.
.
It is a framework for centralizing the decision making process with respect to
granting access to privileged operations for unprivileged (desktop)
applications.
- policykit-1-dbgsym: debug symbols for package policykit-1
PolicyKit is an application-level toolkit for defining and handling the policy
that allows unprivileged processes to speak to privileged processes.
.
It is a framework for centralizing the decision making process with respect to
granting access to privileged operations for unprivileged (desktop)
applications.
- policykit-1-doc: documentation for PolicyKit-1
PolicyKit is a toolkit for defining and handling the policy that
allows unprivileged processes to speak to privileged processes.
.
This package contains the API documentation of PolicyKit.
