- Feb 18, 2022
-
-
policykit-1 (0.105-31+deb11u1) bullseye-security; urgency=high . * Non-maintainer upload by the Security Team. * Local Privilege Escalation in polkit's pkexec (CVE-2021-4034)
-
- Jun 03, 2021
-
-
Simon McVittie authored
-
Salvatore Bonaccorso authored
Closes: #989429
-
- Feb 04, 2021
-
-
Simon McVittie authored
-
- Jan 26, 2021
-
-
Closes: #980998
-
- Aug 03, 2020
-
-
Michael Biebl authored
-
Michael Biebl authored
If a process still has an old copy of libpolkit-agent-1.so.0 loaded, it will fail to find the binary at the new location. So create a symlink to prevent authentication failures on upgrades. Closes: #965210
-
- Jul 17, 2020
-
-
Michael Biebl authored
-
Michael Biebl authored
-
Michael Biebl authored
With debhelper 13.1, --no-start will disable --restart-after-upgrade. Since we want the service to be restarted on upgrades, request that explicitly. See #959678
-
Michael Biebl authored
Closes: #965164
-
-
- Jul 16, 2020
-
-
Michael Biebl authored
-
Michael Biebl authored
Fixes out-of-bounds read in _localize. Closes: #956223
-
Michael Biebl authored
-
Michael Biebl authored
-
Michael Biebl authored
-
- Aug 11, 2019
-
-
Simon McVittie authored
-
Simon McVittie authored
-
-
Simon McVittie authored
-
Simon McVittie authored
-
Simon McVittie authored
-
Simon McVittie authored
-
Simon McVittie authored
-
Simon McVittie authored
-
Simon McVittie authored
reportbug doesn't currently seem to interpret "Depends: default-logind | logind" as implying that it should include the version number of the package that Provides logind in bug reports. Workaround for #934472.
-
Simon McVittie authored
Its API was never declared stable before upstream removed it in 0.106. Nothing in Debian depended on it, except for polkitd itself, which now links the same code statically. This is a step towards being able to use the current upstream release of polkit and patch in the old localauthority backend as an alternative to the JavaScript backend, instead of using the old 0.105 codebase and patching in essentially every change except the JavaScript backend, which is becoming unmanageable. - Remove the example null backend, which is pointless now that we've removed the ability to extend polkit. - Remove obsolete conffile 50-nullbackend.conf on upgrade - Remove the directory that previously contained 50-nullbackend.conf after upgrading or removing policykit-1
-
Simon McVittie authored
The systemd unit is only for on-demand D-Bus activation, and is not intended to be started during boot, so an [Install] section and a parallel LSB init script are not necessary.
-
Simon McVittie authored
-
Closes: #923240
-
Simon McVittie authored
-
- Jul 01, 2019
-
-
Simon McVittie authored
Closes: #923046
-
- Apr 29, 2019
-
-
Simon McVittie authored
- d/p/0.116/Elaborate-message-printed-by-polkit-when-disconnecting-fr.patch, d/p/0.116/Error-message-raised-on-every-systemctl-start-in-emergenc.patch: Reduce messages to stderr from polkit agents, in particular when using "systemctl reboot" on a ssh connection or when using "systemctl start" in systemd emergency mode - d/p/0.116/Fix-a-critical-warning-on-calling-polkit_permission_new_s.patch: Fix critical warnings when calling polkit_permission_new_sync() with no D-Bus system bus - d/p/0.116/Possible-resource-leak-found-by-static-analyzer.patch: Fix a potential use-after-free in polkit agents - d/p/0.116/pkttyagent-PolkitAgentTextListener-leaves-echo-tty-disabl.patch: Re-enable echo if the tty agent is killed by SIGINT or SIGTERM or suspended with SIGTSTP
-
- Jan 15, 2019
-
-
Jeremy Bícha authored
-
Jeremy Bícha authored
Fix temporary auth hijacking via PID reuse and non-atomic fork CVE-2019-6133 Closes: #918985 Gbp-Dch: Full
-
Jeremy Bícha authored
- Patch from upstream modified by Ubuntu to test high UID fix Gbp-Dch: Full
-
Martin Pitt authored
-
Martin Pitt authored
Revert an overzealous change from the previous security fix that caused a critical to be logged when trying to set the uid property to -1 (the default value). Patch taken from https://gitlab.freedesktop.org/polkit/polkit/merge_requests/17
-
- Dec 07, 2018
-
-
Michael Biebl authored
urgency=high for the security fix
-