policykit-1 0.105-20ubuntu0.18.04.4 source package in Ubuntu

Changelog

policykit-1 (0.105-20ubuntu0.18.04.4) bionic-security; urgency=medium

  * SECURITY UPDATE: authorization bypass with large uid
    - debian/patches/CVE-2018-19788-1.patch: allow negative uids/gids in
      PolkitUnixUser and Group objects in src/polkit/polkitunixgroup.c,
      src/polkit/polkitunixprocess.c, src/polkit/polkitunixuser.c.
    - debian/patches/CVE-2018-19788-2.patch: add tests to
      test/data/etc/group, test/data/etc/passwd,
      test/data/etc/polkit-1/localauthority/10-test/com.example.pkla,
      test/polkitbackend/polkitbackendlocalauthoritytest.c.
    - debian/patches/CVE-2018-19788-3.patch: allow uid of -1 for a
      PolkitUnixProcess in src/polkit/polkitunixprocess.c.
    - CVE-2018-19788

 -- Marc Deslauriers <email address hidden>  Tue, 15 Jan 2019 08:18:22 -0500

Upload details

Uploaded by:
Marc Deslauriers on 2019-01-15
Uploaded to:
Bionic
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
admin
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
policykit-1_0.105.orig.tar.gz 1.4 MiB 8fdc7cc8ba4750fcce1a4db9daa759c12afebc7901237e1c993c38f08985e1df
policykit-1_0.105-20ubuntu0.18.04.4.debian.tar.xz 49.6 KiB 83e27ac097bd77888fc0390d5527b36d0e4fe1b5626412f5777cc819e233608b
policykit-1_0.105-20ubuntu0.18.04.4.dsc 3.0 KiB ee574688c9ac78553e32492f01a2f8ea8b97693803ae6b8b2120fc53a67f4da7

View changes file

Binary packages built by this source

gir1.2-polkit-1.0: GObject introspection data for PolicyKit

 PolicyKit is a toolkit for defining and handling the policy that
 allows unprivileged processes to speak to privileged processes.
 .
 This package contains introspection data for PolicyKit.
 .
 It can be used by packages using the GIRepository format to generate
 dynamic bindings.

libpolkit-agent-1-0: PolicyKit Authentication Agent API

 PolicyKit is a toolkit for defining and handling the policy that
 allows unprivileged processes to speak to privileged processes.
 .
 This package contains a library for accessing the authentication agent.

libpolkit-agent-1-0-dbgsym: debug symbols for libpolkit-agent-1-0
libpolkit-agent-1-dev: PolicyKit Authentication Agent API - development files

 PolicyKit is a toolkit for defining and handling the policy that
 allows unprivileged processes to speak to privileged processes.
 .
 This package contains the development files for the library found in
 libpolkit-agent-1-0.

libpolkit-backend-1-0: PolicyKit backend API

 PolicyKit is a toolkit for defining and handling the policy that
 allows unprivileged processes to speak to privileged processes.
 .
 This package contains a library for implementing authentication backends.

libpolkit-backend-1-0-dbgsym: debug symbols for libpolkit-backend-1-0
libpolkit-backend-1-dev: PolicyKit backend API - development files

 PolicyKit is a toolkit for defining and handling the policy that
 allows unprivileged processes to speak to privileged processes.
 .
 This package contains the development files for the library found in
 libpolkit-backend-1-0.

libpolkit-gobject-1-0: PolicyKit Authorization API

 PolicyKit is a toolkit for defining and handling the policy that
 allows unprivileged processes to speak to privileged processes.
 .
 This package contains a library for accessing PolicyKit.

libpolkit-gobject-1-0-dbgsym: debug symbols for libpolkit-gobject-1-0
libpolkit-gobject-1-dev: PolicyKit Authorization API - development files

 PolicyKit is a toolkit for defining and handling the policy that
 allows unprivileged processes to speak to privileged processes.
 .
 This package contains the development files for the library found in
 libpolkit-gobject-1-0.

policykit-1: framework for managing administrative policies and privileges

 PolicyKit is an application-level toolkit for defining and handling the policy
 that allows unprivileged processes to speak to privileged processes.
 .
 It is a framework for centralizing the decision making process with respect to
 granting access to privileged operations for unprivileged (desktop)
 applications.

policykit-1-dbgsym: debug symbols for policykit-1
policykit-1-doc: documentation for PolicyKit-1

 PolicyKit is a toolkit for defining and handling the policy that
 allows unprivileged processes to speak to privileged processes.
 .
 This package contains the API documentation of PolicyKit.