https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256405
Bob Frazier <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #4 from Bob Frazier <[email protected]> --- A new vulnerability in polkit has been discovered on Linux https://access.redhat.com/security/cve/CVE-2021-3560 This discusses the details of it and steps to repro: https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/ I have not tried to repro this with older versions of polkit yet (I have 0.114_2 installed on this system, for example) but it is probably worth investigating before releasing an update of the port. CVE-2021-3560 was apparently recently discovered and reported yesterday -- You are receiving this mail because: You are the assignee for the bug.
