Avoid unix-process authorization subject when using polkit (bug #1009541, CVE-2013-4325).

Resolves: rhbz#1009541
This commit is contained in:
Tim Waugh 2013-09-18 17:43:05 +01:00
parent b5dbf8cf03
commit c06157892d
2 changed files with 31 additions and 1 deletions

21
hplip-CVE-2013-4325.patch Normal file
View File

@ -0,0 +1,21 @@
diff -up hplip-3.13.7/base/pkit.py.CVE-2013-4325 hplip-3.13.7/base/pkit.py
--- hplip-3.13.7/base/pkit.py.CVE-2013-4325 2013-07-23 06:18:29.000000000 +0100
+++ hplip-3.13.7/base/pkit.py 2013-09-11 10:54:13.252419283 +0100
@@ -176,15 +176,10 @@ class PolicyKitService(dbus.service.Obje
"/org/freedesktop/PolicyKit1/Authority",
"org.freedesktop.PolicyKit1.Authority")
policy_kit = dbus.Interface(obj, "org.freedesktop.PolicyKit1.Authority")
- info = dbus.Interface(connection.get_object("org.freedesktop.DBus",
- "/org/freedesktop/DBus/Bus",
- False),
- "org.freedesktop.DBus")
- pid = info.GetConnectionUnixProcessID(sender)
subject = (
- 'unix-process',
- { 'pid' : dbus.UInt32(pid, variant_level = 1) }
+ 'system-bus-name',
+ { 'name' : dbus.String(sender, variant_level = 1) }
)
details = { '' : '' }
flags = dbus.UInt32(1) # AllowUserInteraction = 0x00000001

View File

@ -7,7 +7,7 @@
Summary: HP Linux Imaging and Printing Project
Name: hplip
Version: 3.13.9
Release: 1%{?dist}
Release: 2%{?dist}
License: GPLv2+ and MIT
Group: System Environment/Daemons
@ -37,6 +37,7 @@ Patch19: hplip-makefile-chgrp.patch
Patch20: hplip-hpaio-localonly.patch
Patch21: hplip-check.patch
Patch22: hplip-mkstemp.patch
Patch23: hplip-CVE-2013-4325.patch
%global hpijs_epoch 1
Requires: hpijs%{?_isa} = %{hpijs_epoch}:%{version}-%{release}
@ -258,6 +259,10 @@ done
# Avoid several bugs in createTempFile (bug #925032).
%patch22 -p1 -b .mkstemp
# Applied patch to avoid unix-process authorization subject when using
# polkit as it is racy (CVE-2013-4325).
%patch23 -p1 -b .CVE-2013-4325
sed -i.duplex-constraints \
-e 's,\(UIConstraints.* \*Duplex\),//\1,' \
prnt/drv/hpcups.drv.in
@ -487,6 +492,10 @@ rm -f %{buildroot}%{_sysconfdir}/xdg/autostart/hplip-systray.desktop
%postun libs -p /sbin/ldconfig
%changelog
* Wed Sep 18 2013 Tim Waugh <twaugh@redhat.com> - 3.13.9-2
- Applied patch to avoid unix-process authorization subject when using
polkit as it is racy (bug #1009541, CVE-2013-4325).
* Tue Sep 10 2013 Jiri Popelka <jpopelka@redhat.com> - 3.13.9-1
- 3.13.9: hplipjs filter removed, several patches applied upstream