File _patchinfo of Package patchinfo.1337

<patchinfo incident="1337">
  <issue id="933922" tracker="bnc">VUL-1: CVE-2015-3218: polkit: crash authentication_agent_new with invalid object path in RegisterAuthenticationAgent</issue>
  <issue id="939246" tracker="bnc">VUL-0: CVE-2015-3255: polkit: Heap-corruption on duplicate ids</issue>
  <issue id="935119" tracker="bnc">VUL-1: CVE-2015-4625: polkit: cookie generation wrapping with 32bit counter</issue>
  <issue id="950114" tracker="bnc">Unable to authenticate reboot with root password</issue>
  <issue id="912889" tracker="bnc">polkit has a memory leak</issue>
  <issue id="943816" tracker="bnc">VUL-0: CVE-2015-3256: polkit: Memory corruption via javascript rule evaluation</issue>
  <issue id="CVE-2015-3256" tracker="cve" />
  <issue id="CVE-2015-4625" tracker="cve" />
  <issue id="CVE-2015-3218" tracker="cve" />
  <issue id="CVE-2015-3255" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>msmeissn</packager>
  <description>
polkit was updated to the 0.113 release, fixing security issues and bugs.

Security issues fixed:
* Fixes CVE-2015-4625, a local privilege escalation due to predictable
  authentication session cookie values. Thanks to Tavis Ormandy, Google Project
  Zero, for reporting this issue. For the future, authentication agents are
  encouraged to use PolkitAgentSession instead of using the D-Bus agent response
  API directly. (bsc#935119)
* Fixes CVE-2015-3256, various memory corruption vulnerabilities in use of the
  JavaScript interpreter, possibly leading to local privilege escalation.
  (bsc#943816)
* Fixes CVE-2015-3255, a memory corruption vulnerability in handling duplicate
  action IDs, possibly leading to local privilege escalation. Thanks to
  Laurent Bigonville for reporting this issue. (bsc#939246)
* Fixes CVE-2015-3218, which allowed any local user to crash polkitd. Thanks to
  Tavis Ormandy, Google Project Zero, for reporting this issue. (bsc#933922)

Other issues fixed:
* On systemd-213 and later, the "active" state is shared across all sessions of
  a user, instead of being tracked separately.
* pkexec, when not given a program to execute, runs the user's shell by
  default.
* Fixed shutdown problems on powerpc64le (bsc#950114)
* polkit had a memory leak (bsc#912889)
</description>
  <summary>Security update for polkit</summary>
</patchinfo>