Hello, polkit-0.113 is now available at http://www.freedesktop.org/software/polkit/releases/polkit-0.113.tar.gz http://www.freedesktop.org/software/polkit/releases/polkit-0.113.tar.gz.sign
-------------- polkit 0.113 -------------- NOTE: This release is an important security update, see below. WARNING WARNING WARNING: This is a prerelease on the road to polkit 1.0. Public API might change and certain parts of the code still needs some security review. Use at your own risk. This is polkit 0.113. Highlights: Fixes CVE-2015-4625, a local privilege escalation due to predictable authentication session cookie values. Thanks to Tavis Ormandy, Google Project Zero for reporting this issue. For the future, authentication agents are encouraged to use PolkitAgentSession instead of using the D-Bus agent response API directly. Fixes CVE-2015-3256, various memory corruption vulnerabilities in use of the JavaScript interpreter, possibly leading to local privilege escalation. Fixes CVE-2015-3255, a memory corruption vulnerability in handling duplicate action IDs, possibly leading to local privilege escalation. Thanks to Laurent Bigonville for reporting this issue. Fixes CVE-2015-3218, which allowed any local user to crash polkitd. Thanks to Tavis Ormandy, Google Project Zero, for reporting this issue. On systemd-213 and later, the “active” state is shared across all sessions of an user, instead of being tracked separately. (pkexec), when not given a program to execute, runs the users’ shell by default. Build requirements glib, gobject, gio >= 2.30 mozjs185 or mozjs-17.0 gobject-introspection >= 0.6.2 (optional) pam (optional) ConsoleKit OR systemd Changes since polkit 0.112: Colin Walters (17): PolkitSystemBusName: Add public API to retrieve Unix user examples/cancel: Fix to securely lookup subject sessionmonitor-systemd: Deduplicate code paths PolkitSystemBusName: Retrieve both pid and uid Port internals non-deprecated PolkitProcess API where possible Use G_GNUC_BEGIN_IGNORE_DEPRECATIONS to avoid warning spam pkexec: Work around systemd injecting broken XDG_RUNTIME_DIR pkexec: Support just plain "pkexec" to run shell .dir-locals: Style for Emacs - we don't use tabs authority: Avoid cookie wrapping by using u64 counter CVE-2015-3218: backend: Handle invalid object paths in RegisterAuthenticationAgent build: Start using git.mk Revert "authority: Avoid cookie wrapping by using u64 counter" authority: Add a helper method for checking whether an identity is root CVE-2015-4625: Use unpredictable cookie values, keep them secret CVE-2015-4625: Bind use of cookies to specific uids README: Note to send security reports via DBus's mechanism Kay Sievers (1): sessionmonitor-systemd: prepare for D-Bus "user bus" model Lukasz Skalski (1): polkitd: Fix problem with removing non-existent source Max A. Dednev (1): authority: Fix memory leak in EnumerateActions call results handler Miloslav Trmač (24): Post-release version bump to 0.113 Don't discard error data returned by polkit_system_bus_name_get_user_sync Fix a memory leak Refuse duplicate --user arguments to pkexec Fix a possible NULL dereference. Remove a redundant assignment. Simplify forced error domain registration Fix a typo, s/Evaluting/Evaluating/g s/INCLUDES/AM_CPPFLAGS/g Fix duplicate GError use when "uid" is missing Fix a crash when two authentication requests are in flight. docs: Update for changes to uid binding/AuthenticationAgentResponse2 Don't pass an uninitialized JS parameter Don't add extra NULL group to subject.groups Don't store unrooted jsvals on heap Fix a per-authorization memory leak Fix a memory leak when registering an authentication agent Wrap all JS usage within “requests” Register heap-based JSObject pointers to GC Prevent builds against SpiderMonkey with exact stack rooting Clear the JS operation callback before invoking JS in the callback Fix spurious timeout exceptions on GC Fix GHashTable usage. Fix use-after-free in polkitagentsession.c Philip Withnall (1): sessionmonitor-systemd: Use sd_uid_get_state() to check session activity Rui Matos (1): PolkitAgentSession: fix race between child and io watches Simon McVittie (1): Use libsystemd instead of older libsystemd-login if possible Ting-Wei Lan (1): build: Fix several issues on FreeBSD Xabier Rodriguez Calvar (1): Fixed compilation problem in the backend Thanks to our contributors. Colin Walters and Miloslav Trmač, July 2, 2015
_______________________________________________ polkit-devel mailing list polkit-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/polkit-devel
