Your message dated Fri, 11 Sep 2015 15:30:19 +0000
with message-id <[email protected]>
and subject line Bug#766860: fixed in policykit-1 0.105-12
has caused the Debian Bug report #766860,
regarding polkit-1: Read after free when duplicate rules exist
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
766860: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=766860
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: policykit-1
Version: 0.105-3
Severity: important
Forwarded: https://bugs.freedesktop.org/show_bug.cgi?id=83590
Hello,
When starting the daemon, I get the following message:
** (polkitd:21926): WARNING **: Unknown action_id '<random string>'
This is due to a read after free condition when a rule is being present
twice.
The solution seems quite trivial:
- g_hash_table_insert (priv->parsed_actions, action->action_id,
action);
+ g_hash_table_replace (priv->parsed_actions, action->action_id,
action);
We maybe want to fix this before the jessie release
Cheers,
Laurent Bigonville
--- End Message ---
--- Begin Message ---
Source: policykit-1
Source-Version: 0.105-12
We believe that the bug you reported is fixed in the latest version of
policykit-1, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Simon McVittie <[email protected]> (supplier of updated policykit-1 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 11 Sep 2015 09:48:00 +0100
Source: policykit-1
Binary: policykit-1 policykit-1-doc libpolkit-gobject-1-0
libpolkit-gobject-1-dev libpolkit-agent-1-0 libpolkit-agent-1-dev
libpolkit-backend-1-0 libpolkit-backend-1-dev gir1.2-polkit-1.0
Architecture: source
Version: 0.105-12
Distribution: unstable
Urgency: medium
Maintainer: Utopia Maintenance Team
<[email protected]>
Changed-By: Simon McVittie <[email protected]>
Description:
gir1.2-polkit-1.0 - GObject introspection data for PolicyKit
libpolkit-agent-1-0 - PolicyKit Authentication Agent API
libpolkit-agent-1-dev - PolicyKit Authentication Agent API - development files
libpolkit-backend-1-0 - PolicyKit backend API
libpolkit-backend-1-dev - PolicyKit backend API - development files
libpolkit-gobject-1-0 - PolicyKit Authorization API
libpolkit-gobject-1-dev - PolicyKit Authorization API - development files
policykit-1 - framework for managing administrative policies and privileges
policykit-1-doc - documentation for PolicyKit-1
Closes: 766860 772125 775158 779988 796134
Changes:
policykit-1 (0.105-12) unstable; urgency=medium
.
* Team upload
* Replace 03_complete_session.patch with a change from upstream
which seems like a more correct solution for LP#445303, LP#649939
* 05_revert-admin-identities-unix-group-wheel.patch: remove confusing
staff -> desktop_admin_r change in a man page (desktop_admin_r looks
vaguely like a SELinux role but is actually being used as a group);
keep only the actual functional change. This matches the syntactically
different but functionally similar change in experimental.
* 09_pam_environment.patch: replace with the version that went upstream.
* Annotate remaining patches with a bit more information.
They are:
- 00git_fix_memleak.patch, 00git_invalid_object_paths.patch,
00git_type_registration.patch, 04_get_cwd.patch,
07_set-XAUTHORITY-environment-variable-if-unset.patch,
08_deprecate_racy_APIs.patch, 09_pam_environment.patch,
cve-2013-4288.patch: either backports from upstream, or already
applied upstream, and not discussed further here.
- 01_pam_polkit.patch: use Debian's common-* infrastructure,
plus pam_env to get the global environment and locale.
Debian-specific.
- 02_gettext.patch: Use gettext to translate .policy files at
runtime, allowing for Ubuntu-style language packs.
Debian-specific (mainly for Ubuntu's benefit, really).
- 05_revert-admin-identities-unix-group-wheel.patch: Debian does
not use the "wheel" group like Red Hat derivatives do;
treat uid 0 as the administrative identity instead.
Debian-specific.
- 06_systemd-service.patch: hook up the systemd service in
debian/polkitd.service.
Not forwarded: obsoleted by an upstream change in 0.106,
commit 2995085.
* Re-order patch series to put upstream changes first, sorted by version
in which they went upstream, and put them in subdirectories by version
* Add patches from 0.113 to fix heap corruption CVE-2015-3255
(Closes: #766860) and local authenticated denial of service
CVE-2015-4625 (Closes: #796134)
* Add numerous other bug-fix patches from 0.113
- work around bugs in older versions of libpam-systemd when using
su or similar (Closes: #772125)
- treat background processes as part of the same uid's active GUI
session if they have one (Closes: #779988)
- fix some memory leaks (Closes: #775158, LP: #1417637)
* Add backported public API polkit_system_bus_name_get_user_sync() to
symbols file
* Fix FTBFS with dpkg-buildpackage -A by only installing files into
policykit-1 in per-arch builds
* Run tests with a session bus pretending to be the system bus,
so they can pass in a buildd environment
Checksums-Sha1:
1457e5022722b7eba404f48f80ebd056f8204df2 2869 policykit-1_0.105-12.dsc
ad74acdadc5d516a1495475cb9d1f3358cfc2aeb 39720
policykit-1_0.105-12.debian.tar.xz
Checksums-Sha256:
8e32ec79b3bd5047242701e0efeb09977fe31314dfad73e0e3a6f134e692968d 2869
policykit-1_0.105-12.dsc
b53a880866446c834fedbc3bceb175e94588a5e0a4e194f90f322c9a29bd0aea 39720
policykit-1_0.105-12.debian.tar.xz
Files:
09b4c3a1447f0290959d8d9acdcca8b8 2869 admin optional policykit-1_0.105-12.dsc
89013b11e9cf0d87c82c60707b1a5d44 39720 admin optional
policykit-1_0.105-12.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCAAGBQJV8u61AAoJEE3o/ypjx8yQxEAP/Ag1Bj76cHQnX8zTdwYUwYH0
Ihqu91bPPIazRtMnnjBfNrATkAGGGhHGZ5JTLNFQBo8LNid36+MLetZwSMo9Ep55
TFFFfBFBU2Zkri6A2E9YvfT97NLmMqfvCZR+4q5yOWhcpKte6YJa39mQ9dh9BKUs
BDbaUgmdzTHjC8ai3xmrr2+NTKf917DKWIOjzda77RjJp//JOWSTxLxyXjXyfBMe
xdTivI0Q6enKKxCeNQDCeRrHVpQAchCHJP1M3c14xZeMxWcz/cQ40MANZM88PkkJ
WecuGkdBoLB80vQVNCYcuBrxK7Ekw7bWhvY69EGAyoH7M7eq1VcCgTh/vzP4pV0O
gJfqEBqIRmfmjNSrc9pwQC3/fEEsCx3/Hz7Bl/Oq+fDgJ776oYyfQUhYq/uqohsG
GAU3nX4+YpZjpu3krQWG1xNcjGIdFY5H9oz3U8M8OM/XvUl+arf3EDqu0PM0ZYts
ILl85zKQDRkhxRkxc75jig1pq4ag3ahKaIOVC8revOTl6JdTGzRs5XFftiMP3LxN
fRjB2tQrRndK/JEoMHq6DWsHQw6ODMpAOuaFiPblQYQKossixUMcfmnNrTtZGsoD
hLBW0eKM2OzrDMv59OLUvSy+NpA4PdKH2qN/AM7hR1V9nxIL7SWOFjYFnjc+rkq2
yPxJTow4VZ9j/LRV9OL0
=NwJP
-----END PGP SIGNATURE-----
--- End Message ---
