Hey, A while ago, I was privately contacted about a vulnerability in PolicyKit. For more details see,
https://bugzilla.redhat.com/show_bug.cgi?id=692922 Now that the embargo for this issue has been lifted (my contact from Red Hat's security response team has been in contact with other vendors for a coordinated release), I have pushed the fixes, see http://cgit.freedesktop.org/PolicyKit/commit/?id=dd848a42a64a3b22a0cc60f6657b56ce9b6010ae http://cgit.freedesktop.org/PolicyKit/commit/?id=129b6223a19e7fb2753f8cad7957ac5402394076 http://cgit.freedesktop.org/PolicyKit/commit/?id=c23d74447c7615dc74dae259f0fc3688ec988867 http://cgit.freedesktop.org/PolicyKit/commit/?id=3b12cfac29dddd27f1f166a7574d8374cc1dccf2 to the master branch. I have also created a polkit-0-96 branch with the fixes backported to version 0.96, see http://cgit.freedesktop.org/PolicyKit/log/?h=polkit-0-96 since this is the version that my employer ships in a supported product. I will probably release 0.102 soon - until then vendors are advised to include these patches ASAP. Thanks, David _______________________________________________ polkit-devel mailing list polkit-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/polkit-devel