Date: Fri, 11 Jun 2021 20:05:48 +0000 From: bugzilla-noreply@freebsd.org To: desktop@FreeBSD.org Subject: [Bug 256405] sysutils/polkit: Update to 0.119 Message-ID: <bug-256405-39348-jGBZ6KpU86@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-256405-39348@https.bugs.freebsd.org/bugzilla/> References: <bug-256405-39348@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D256405 Bob Frazier <bobf@mrp3.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |bobf@mrp3.com --- Comment #4 from Bob Frazier <bobf@mrp3.com> --- A new vulnerability in polkit has been discovered on Linux https://access.redhat.com/security/cve/CVE-2021-3560 This discusses the details of it and steps to repro: https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-wi= th-bug/ I have not tried to repro this with older versions of polkit yet (I have 0.114_2 installed on this system, for example) but it is probably worth investigating before releasing an update of the port. CVE-2021-3560 was apparently recently discovered and reported yesterday --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-256405-39348-jGBZ6KpU86>