CVE-2021-3560 mitigation
Resolves: CVE-2021-3560
This commit is contained in:
parent
6467a76032
commit
60e5c5e4c3
13
CVE-2021-3560.patch
Normal file
13
CVE-2021-3560.patch
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
--- a/src/polkit/polkitsystembusname.c
|
||||||
|
+++ b/src/polkit/polkitsystembusname.c
|
||||||
|
@@ -435,6 +435,9 @@ polkit_system_bus_name_get_creds_sync (PolkitSystemBusName *system_bus
|
||||||
|
while (!((data.retrieved_uid && data.retrieved_pid) || data.caught_error))
|
||||||
|
g_main_context_iteration (tmp_context, TRUE);
|
||||||
|
|
||||||
|
+ if (data.caught_error)
|
||||||
|
+ goto out;
|
||||||
|
+
|
||||||
|
if (out_uid)
|
||||||
|
*out_uid = data.uid;
|
||||||
|
if (out_pid)
|
||||||
|
|
@ -6,13 +6,16 @@
|
|||||||
Summary: An authorization framework
|
Summary: An authorization framework
|
||||||
Name: polkit
|
Name: polkit
|
||||||
Version: 0.118
|
Version: 0.118
|
||||||
Release: 1%{?dist}
|
Release: 2%{?dist}
|
||||||
License: LGPLv2+
|
License: LGPLv2+
|
||||||
URL: http://www.freedesktop.org/wiki/Software/polkit
|
URL: http://www.freedesktop.org/wiki/Software/polkit
|
||||||
Source0: http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.tar.gz
|
Source0: http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.tar.gz
|
||||||
Source1: http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.tar.gz.sign
|
Source1: http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.tar.gz.sign
|
||||||
|
|
||||||
|
|
||||||
|
Patch1: CVE-2021-3560.patch
|
||||||
|
|
||||||
|
|
||||||
BuildRequires: gcc-c++
|
BuildRequires: gcc-c++
|
||||||
BuildRequires: glib2-devel >= 2.30.0
|
BuildRequires: glib2-devel >= 2.30.0
|
||||||
BuildRequires: expat-devel
|
BuildRequires: expat-devel
|
||||||
@ -175,6 +178,10 @@ exit 0
|
|||||||
%{_libdir}/girepository-1.0/*.typelib
|
%{_libdir}/girepository-1.0/*.typelib
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu May 20 2021 Jan Rybar <jrybar@redhat.com> - 0.118-2
|
||||||
|
- CVE-2021-3560 mitigation
|
||||||
|
- Resolves: CVE-2021-3560
|
||||||
|
|
||||||
* Mon Apr 26 2021 Jan Rybar <jrybar@redhat.com> - 0.118-1
|
* Mon Apr 26 2021 Jan Rybar <jrybar@redhat.com> - 0.118-1
|
||||||
- rebase to 0.118
|
- rebase to 0.118
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user