- Feb 18, 2022
-
-
Simon McVittie authored
-
Simon McVittie authored
This executable has moved several times, and its path gets compiled into the libpolkit-agent-1-0 shared library. Making the executable available in all the locations it has previously had is helpful when swapping between versions during testing.
-
Simon McVittie authored
This avoids Debian derivatives getting an unexpected change in behaviour when they switch from inheriting Debian's policykit-1 package to building their own policykit-1 package, perhaps as a result of wanting to apply an unrelated patch. The sudo group is defined to be root-equivalent in base-passwd, so this should be equally true for all Debian derivatives. Thanks: Arnaud Rebillout Closes: !3
-
Simon McVittie authored
This aligns the packaging a bit more closely with experimental.
-
Simon McVittie authored
(cherry picked from commit 396437dd)
-
Simon McVittie authored
We only need dbus-run-session at build time; we don't need a fully-working system bus. (cherry picked from commit 3c84dca6)
-
Simon McVittie authored
(cherry picked from commit e5b4b3c9)
-
Simon McVittie authored
CVE-2021-4115 Closes: #1005784
-
Simon McVittie authored
pkexec is a setuid program, which makes it a higher security risk than the more typical IPC-based uses of polkit. If we separate out pkexec into its own package, then only packages that rely on being able to run pkexec will have to depend on it, reducing attack surface for users who are able to remove the pkexec package.
-
- Feb 09, 2022
-
-
Simon McVittie authored
This will give us a migration path to the separated packages currently available in experimental.
-
Simon McVittie authored
This makes it more obvious that they are not intended to go upstream.
-
Simon McVittie authored
The patch that was provided to distributors under embargo was not the final version: it used a different exit status, and made an attempt to show help. The version that was actually committed after the embargo period ended interprets argc == 0 as an attack rather than a mistake, and does not attempt to show the help message.
-
Simon McVittie authored
This patch was included in 0.119, so move it into the 0.119/ directory in the patch series.
-
- Feb 01, 2022
-
-
policykit-1 (0.105-31.1) unstable; urgency=high . * Non-maintainer upload. * Local Privilege Escalation in polkit's pkexec (CVE-2021-4034)
-
- Jun 03, 2021
-
-
Simon McVittie authored
-
Salvatore Bonaccorso authored
Closes: #989429
-
- Feb 04, 2021
-
-
Simon McVittie authored
-
- Jan 26, 2021
-
-
Closes: #980998
-
- Aug 03, 2020
-
-
Michael Biebl authored
-
Michael Biebl authored
If a process still has an old copy of libpolkit-agent-1.so.0 loaded, it will fail to find the binary at the new location. So create a symlink to prevent authentication failures on upgrades. Closes: #965210
-
- Jul 17, 2020
-
-
Michael Biebl authored
-
Michael Biebl authored
-
Michael Biebl authored
With debhelper 13.1, --no-start will disable --restart-after-upgrade. Since we want the service to be restarted on upgrades, request that explicitly. See #959678
-
Michael Biebl authored
Closes: #965164
-
-
- Jul 16, 2020
-
-
Michael Biebl authored
-
Michael Biebl authored
Fixes out-of-bounds read in _localize. Closes: #956223
-
Michael Biebl authored
-
Michael Biebl authored
-
Michael Biebl authored
-
- Aug 11, 2019
-
-
Simon McVittie authored
-
Simon McVittie authored
-
-
Simon McVittie authored
-
Simon McVittie authored
-
Simon McVittie authored
-
Simon McVittie authored
-
Simon McVittie authored
-
Simon McVittie authored
-
Simon McVittie authored
reportbug doesn't currently seem to interpret "Depends: default-logind | logind" as implying that it should include the version number of the package that Provides logind in bug reports. Workaround for #934472.
-