import polkit-0.115-15.el8

This commit is contained in:
CentOS Sources 2023-05-16 06:17:51 +00:00 committed by root
parent ec44a253c3
commit 617c950a8c
2 changed files with 84 additions and 6 deletions

View File

@ -0,0 +1,77 @@
diff -up ./src/polkitagent/polkitagenttextlistener.c.ori ./src/polkitagent/polkitagenttextlistener.c
--- ./src/polkitagent/polkitagenttextlistener.c.ori 2018-05-31 13:52:23.000000000 +0200
+++ ./src/polkitagent/polkitagenttextlistener.c 2022-10-21 17:21:11.227665209 +0200
@@ -121,6 +121,12 @@ polkit_agent_text_listener_class_init (P
listener_class = POLKIT_AGENT_LISTENER_CLASS (klass);
listener_class->initiate_authentication = polkit_agent_text_listener_initiate_authentication;
listener_class->initiate_authentication_finish = polkit_agent_text_listener_initiate_authentication_finish;
+
+ g_signal_new("tty_attrs_changed",
+ G_TYPE_FROM_CLASS(gobject_class),
+ G_SIGNAL_RUN_LAST | G_SIGNAL_NO_RECURSE | G_SIGNAL_NO_HOOKS,
+ 0, NULL, NULL, NULL,
+ G_TYPE_NONE, 1, G_TYPE_BOOLEAN);
}
/**
@@ -268,6 +274,7 @@ on_request (PolkitAgentSession *session,
* the problem.
*/
+ g_signal_emit_by_name(listener, "tty_attrs_changed", TRUE);
tcgetattr (fileno (listener->tty), &ts);
ots = ts;
ts.c_lflag &= ~(ECHO | ECHOE | ECHOK | ECHONL);
@@ -296,6 +303,7 @@ on_request (PolkitAgentSession *session,
}
}
tcsetattr (fileno (listener->tty), TCSAFLUSH, &ots);
+ g_signal_emit_by_name(listener, "tty_attrs_changed", FALSE);
putc ('\n', listener->tty);
polkit_agent_session_response (session, str->str);
diff -up ./src/programs/pkttyagent.c.ori ./src/programs/pkttyagent.c
--- ./src/programs/pkttyagent.c.ori 2020-01-28 14:16:32.000000000 +0100
+++ ./src/programs/pkttyagent.c 2022-10-21 16:56:12.449760361 +0200
@@ -34,6 +34,7 @@
static volatile sig_atomic_t tty_flags_saved;
+static volatile sig_atomic_t tty_flags_changed;
struct termios ts;
FILE *tty = NULL;
struct sigaction savesigterm, savesigint, savesigtstp;
@@ -54,7 +55,7 @@ static void tty_handler(int signal)
break;
}
- if (tty_flags_saved)
+ if (tty_flags_saved && tty_flags_changed)
{
tcsetattr (fileno (tty), TCSADRAIN, &ts);
}
@@ -63,6 +64,14 @@ static void tty_handler(int signal)
}
+static void tty_attrs_changed(PolkitAgentListener *listener G_GNUC_UNUSED,
+ gboolean changed,
+ gpointer user_data G_GNUC_UNUSED)
+{
+ tty_flags_changed = changed;
+}
+
+
int
main (int argc, char *argv[])
{
@@ -221,6 +230,9 @@ main (int argc, char *argv[])
ret = 127;
goto out;
}
+ g_signal_connect(G_OBJECT(listener), "tty_attrs_changed",
+ G_CALLBACK(tty_attrs_changed), NULL);
+
local_agent_handle = polkit_agent_listener_register_with_options (listener,
POLKIT_AGENT_REGISTER_FLAGS_RUN_IN_THREAD,
subject,

View File

@ -6,7 +6,7 @@
Summary: An authorization framework Summary: An authorization framework
Name: polkit Name: polkit
Version: 0.115 Version: 0.115
Release: 13%{?dist}.2 Release: 15%{?dist}
License: LGPLv2+ License: LGPLv2+
URL: http://www.freedesktop.org/wiki/Software/polkit URL: http://www.freedesktop.org/wiki/Software/polkit
Source0: http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.tar.gz Source0: http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.tar.gz
@ -28,6 +28,7 @@ Patch11: polkit-0.115-pkttyagent-tcsaflush-batch-erase.patch
Patch12: polkit-0.115-CVE-2021-3560.patch Patch12: polkit-0.115-CVE-2021-3560.patch
Patch13: polkit-0.115-CVE-2021-4034.patch Patch13: polkit-0.115-CVE-2021-4034.patch
Patch14: polkit-0.115-CVE-2021-4115.patch Patch14: polkit-0.115-CVE-2021-4115.patch
Patch15: polkit-0.115-tty-flags-restore-if-changed.patch
BuildRequires: gcc-c++ BuildRequires: gcc-c++
@ -193,15 +194,15 @@ exit 0
%{_libdir}/girepository-1.0/*.typelib %{_libdir}/girepository-1.0/*.typelib
%changelog %changelog
* Tue Feb 16 2022 Jan Rybar <jrybar@redhat.com> - 0.115-13.el8_5.2 * Tue Nov 08 2022 Jan Rybar <jrybar@redhat.com> - 0.115-15
- necessary version bump due to build versioning - pkttyagent gets stopped if killed in the background
- Resolves: CVE-2021-4115 - Resolves: rhbz#2128989
* Tue Feb 15 2022 Jan Rybar <jrybar@redhat.com> - 0.115-12.el8_5.2 * Tue Feb 15 2022 Jan Rybar <jrybar@redhat.com> - 0.115-14
- file descriptor exhaustion (GHSL-2021-077) - file descriptor exhaustion (GHSL-2021-077)
- Resolves: CVE-2021-4115 - Resolves: CVE-2021-4115
* Fri Dec 03 2021 Jan Rybar <jrybar@redhat.com> - 0.115-12.el8_5.1 * Fri Dec 03 2021 Jan Rybar <jrybar@redhat.com> - 0.115-13
- pkexec: argv overflow results in local privilege esc. - pkexec: argv overflow results in local privilege esc.
- Resolves: CVE-2021-4034 - Resolves: CVE-2021-4034