FS#61751 : [polkit] - Need fix for CVE-2019-6133

FS#61751 - [polkit] - Need fix for CVE-2019-6133

Attached to Project: Arch Linux
Opened by Eduard Toloza (edu4rdshl) - Wednesday, 13 February 2019, 19:53 GMT
Last edited by Antonio Rojas (arojas) - Tuesday, 04 June 2019, 20:26 GMT

Task Type	Bug Report
Category	Packages: Extra
Status	Closed
Assigned To	No-one
Architecture	All
Severity	Low
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

Description:

According to http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6133 and the commit history for https://gitlab.freedesktop.org/polkit/polkit, we're still vulnerable to that CVE since that the commit in https://git.archlinux.org/svntogit/packages.git/tree/trunk/PKGBUILD?h=packages/polkit#n12 is older than https://gitlab.freedesktop.org/polkit/polkit/commit/c898fdf4b1aafaa04f8ada9d73d77c8bb76e2f81#0cf68d1183ea5299db7cd71b8377fa3d29e1a63e that's what fixed the mentioned CVE.

Additional info:
* 0.115+24+g5230646

This task depends upon

Closed by Antonio Rojas (arojas)
Tuesday, 04 June 2019, 20:26 GMT
Reason for closing: Fixed

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#61751 - [polkit] - Need fix for CVE-2019-6133

Details

Loading...