aboutsummaryrefslogtreecommitdiffstats
path: root/meta-multimedia/README
diff options
context:
space:
mode:
authorOvidiu Panait <ovidiu.panait@windriver.com>2019-01-23 11:29:51 +0200
committerArmin Kuster <akuster808@gmail.com>2019-01-23 08:17:23 -0800
commitcca27b5ea7569d2730ee5da7ee7f47b39d775d89 (patch)
tree4ab1d4bd85018da959f3b88c43c41c4b567a4a12 /meta-multimedia/README
parent867d208afef97e38f614c8b4a69f882d55f8e208 (diff)
downloadmeta-openembedded-cca27b5ea7569d2730ee5da7ee7f47b39d775d89.tar.gz
meta-openembedded-cca27b5ea7569d2730ee5da7ee7f47b39d775d89.tar.bz2
meta-openembedded-cca27b5ea7569d2730ee5da7ee7f47b39d775d89.zip
polkit: Fix CVE-2019-6133
In PolicyKit (aka polkit) 0.115, the start time protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c. Reference: https://nvd.nist.gov/vuln/detail/CVE-2019-6133 Upstream patch: https://gitlab.freedesktop.org/polkit/polkit/commit/c898fdf4b1aafaa04f8ada9d73d77c8bb76e2f81 Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta-multimedia/README')
0 files changed, 0 insertions, 0 deletions