import polkit-0.115-15.el8
This commit is contained in:
parent
ec44a253c3
commit
617c950a8c
77
SOURCES/polkit-0.115-tty-flags-restore-if-changed.patch
Normal file
77
SOURCES/polkit-0.115-tty-flags-restore-if-changed.patch
Normal file
@ -0,0 +1,77 @@
|
|||||||
|
diff -up ./src/polkitagent/polkitagenttextlistener.c.ori ./src/polkitagent/polkitagenttextlistener.c
|
||||||
|
--- ./src/polkitagent/polkitagenttextlistener.c.ori 2018-05-31 13:52:23.000000000 +0200
|
||||||
|
+++ ./src/polkitagent/polkitagenttextlistener.c 2022-10-21 17:21:11.227665209 +0200
|
||||||
|
@@ -121,6 +121,12 @@ polkit_agent_text_listener_class_init (P
|
||||||
|
listener_class = POLKIT_AGENT_LISTENER_CLASS (klass);
|
||||||
|
listener_class->initiate_authentication = polkit_agent_text_listener_initiate_authentication;
|
||||||
|
listener_class->initiate_authentication_finish = polkit_agent_text_listener_initiate_authentication_finish;
|
||||||
|
+
|
||||||
|
+ g_signal_new("tty_attrs_changed",
|
||||||
|
+ G_TYPE_FROM_CLASS(gobject_class),
|
||||||
|
+ G_SIGNAL_RUN_LAST | G_SIGNAL_NO_RECURSE | G_SIGNAL_NO_HOOKS,
|
||||||
|
+ 0, NULL, NULL, NULL,
|
||||||
|
+ G_TYPE_NONE, 1, G_TYPE_BOOLEAN);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
@@ -268,6 +274,7 @@ on_request (PolkitAgentSession *session,
|
||||||
|
* the problem.
|
||||||
|
*/
|
||||||
|
|
||||||
|
+ g_signal_emit_by_name(listener, "tty_attrs_changed", TRUE);
|
||||||
|
tcgetattr (fileno (listener->tty), &ts);
|
||||||
|
ots = ts;
|
||||||
|
ts.c_lflag &= ~(ECHO | ECHOE | ECHOK | ECHONL);
|
||||||
|
@@ -296,6 +303,7 @@ on_request (PolkitAgentSession *session,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
tcsetattr (fileno (listener->tty), TCSAFLUSH, &ots);
|
||||||
|
+ g_signal_emit_by_name(listener, "tty_attrs_changed", FALSE);
|
||||||
|
putc ('\n', listener->tty);
|
||||||
|
|
||||||
|
polkit_agent_session_response (session, str->str);
|
||||||
|
diff -up ./src/programs/pkttyagent.c.ori ./src/programs/pkttyagent.c
|
||||||
|
--- ./src/programs/pkttyagent.c.ori 2020-01-28 14:16:32.000000000 +0100
|
||||||
|
+++ ./src/programs/pkttyagent.c 2022-10-21 16:56:12.449760361 +0200
|
||||||
|
@@ -34,6 +34,7 @@
|
||||||
|
|
||||||
|
|
||||||
|
static volatile sig_atomic_t tty_flags_saved;
|
||||||
|
+static volatile sig_atomic_t tty_flags_changed;
|
||||||
|
struct termios ts;
|
||||||
|
FILE *tty = NULL;
|
||||||
|
struct sigaction savesigterm, savesigint, savesigtstp;
|
||||||
|
@@ -54,7 +55,7 @@ static void tty_handler(int signal)
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
- if (tty_flags_saved)
|
||||||
|
+ if (tty_flags_saved && tty_flags_changed)
|
||||||
|
{
|
||||||
|
tcsetattr (fileno (tty), TCSADRAIN, &ts);
|
||||||
|
}
|
||||||
|
@@ -63,6 +64,14 @@ static void tty_handler(int signal)
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
+static void tty_attrs_changed(PolkitAgentListener *listener G_GNUC_UNUSED,
|
||||||
|
+ gboolean changed,
|
||||||
|
+ gpointer user_data G_GNUC_UNUSED)
|
||||||
|
+{
|
||||||
|
+ tty_flags_changed = changed;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+
|
||||||
|
int
|
||||||
|
main (int argc, char *argv[])
|
||||||
|
{
|
||||||
|
@@ -221,6 +230,9 @@ main (int argc, char *argv[])
|
||||||
|
ret = 127;
|
||||||
|
goto out;
|
||||||
|
}
|
||||||
|
+ g_signal_connect(G_OBJECT(listener), "tty_attrs_changed",
|
||||||
|
+ G_CALLBACK(tty_attrs_changed), NULL);
|
||||||
|
+
|
||||||
|
local_agent_handle = polkit_agent_listener_register_with_options (listener,
|
||||||
|
POLKIT_AGENT_REGISTER_FLAGS_RUN_IN_THREAD,
|
||||||
|
subject,
|
@ -6,7 +6,7 @@
|
|||||||
Summary: An authorization framework
|
Summary: An authorization framework
|
||||||
Name: polkit
|
Name: polkit
|
||||||
Version: 0.115
|
Version: 0.115
|
||||||
Release: 13%{?dist}.2
|
Release: 15%{?dist}
|
||||||
License: LGPLv2+
|
License: LGPLv2+
|
||||||
URL: http://www.freedesktop.org/wiki/Software/polkit
|
URL: http://www.freedesktop.org/wiki/Software/polkit
|
||||||
Source0: http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.tar.gz
|
Source0: http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.tar.gz
|
||||||
@ -28,6 +28,7 @@ Patch11: polkit-0.115-pkttyagent-tcsaflush-batch-erase.patch
|
|||||||
Patch12: polkit-0.115-CVE-2021-3560.patch
|
Patch12: polkit-0.115-CVE-2021-3560.patch
|
||||||
Patch13: polkit-0.115-CVE-2021-4034.patch
|
Patch13: polkit-0.115-CVE-2021-4034.patch
|
||||||
Patch14: polkit-0.115-CVE-2021-4115.patch
|
Patch14: polkit-0.115-CVE-2021-4115.patch
|
||||||
|
Patch15: polkit-0.115-tty-flags-restore-if-changed.patch
|
||||||
|
|
||||||
|
|
||||||
BuildRequires: gcc-c++
|
BuildRequires: gcc-c++
|
||||||
@ -193,15 +194,15 @@ exit 0
|
|||||||
%{_libdir}/girepository-1.0/*.typelib
|
%{_libdir}/girepository-1.0/*.typelib
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
* Tue Feb 16 2022 Jan Rybar <jrybar@redhat.com> - 0.115-13.el8_5.2
|
* Tue Nov 08 2022 Jan Rybar <jrybar@redhat.com> - 0.115-15
|
||||||
- necessary version bump due to build versioning
|
- pkttyagent gets stopped if killed in the background
|
||||||
- Resolves: CVE-2021-4115
|
- Resolves: rhbz#2128989
|
||||||
|
|
||||||
* Tue Feb 15 2022 Jan Rybar <jrybar@redhat.com> - 0.115-12.el8_5.2
|
* Tue Feb 15 2022 Jan Rybar <jrybar@redhat.com> - 0.115-14
|
||||||
- file descriptor exhaustion (GHSL-2021-077)
|
- file descriptor exhaustion (GHSL-2021-077)
|
||||||
- Resolves: CVE-2021-4115
|
- Resolves: CVE-2021-4115
|
||||||
|
|
||||||
* Fri Dec 03 2021 Jan Rybar <jrybar@redhat.com> - 0.115-12.el8_5.1
|
* Fri Dec 03 2021 Jan Rybar <jrybar@redhat.com> - 0.115-13
|
||||||
- pkexec: argv overflow results in local privilege esc.
|
- pkexec: argv overflow results in local privilege esc.
|
||||||
- Resolves: CVE-2021-4034
|
- Resolves: CVE-2021-4034
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user