CVE-2021-3560 mitigation
Resolves: CVE-2021-3560
This commit is contained in:
parent
1d2c5e2242
commit
c23564feee
13
CVE-2021-3560.patch
Normal file
13
CVE-2021-3560.patch
Normal file
@ -0,0 +1,13 @@
|
||||
--- a/src/polkit/polkitsystembusname.c
|
||||
+++ b/src/polkit/polkitsystembusname.c
|
||||
@@ -435,6 +435,9 @@ polkit_system_bus_name_get_creds_sync (PolkitSystemBusName *system_bus
|
||||
while (!((data.retrieved_uid && data.retrieved_pid) || data.caught_error))
|
||||
g_main_context_iteration (tmp_context, TRUE);
|
||||
|
||||
+ if (data.caught_error)
|
||||
+ goto out;
|
||||
+
|
||||
if (out_uid)
|
||||
*out_uid = data.uid;
|
||||
if (out_pid)
|
||||
|
@ -6,13 +6,14 @@
|
||||
Summary: An authorization framework
|
||||
Name: polkit
|
||||
Version: 0.117
|
||||
Release: 4%{?dist}
|
||||
Release: 5%{?dist}
|
||||
License: LGPLv2+
|
||||
URL: http://www.freedesktop.org/wiki/Software/polkit
|
||||
Source0: http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.tar.gz
|
||||
Source1: http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.tar.gz.sign
|
||||
|
||||
Patch1: mozjs78.patch
|
||||
Patch2: CVE-2021-3560.patch
|
||||
|
||||
BuildRequires: make
|
||||
BuildRequires: gcc-c++
|
||||
@ -177,6 +178,10 @@ exit 0
|
||||
%{_libdir}/girepository-1.0/*.typelib
|
||||
|
||||
%changelog
|
||||
* Mon Jun 28 2021 Jan Rybar <jrybar@redhat.com> - 0.117-5
|
||||
- CVE-2021-3560 mitigation
|
||||
- Resolves: CVE-2021-3560
|
||||
|
||||
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 0.117-4
|
||||
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user