stable

polkit-0.113-1.fc22

FEDORA-2015-11058 created by mitr 10 years ago for Fedora 22

Security fix for CVE-2015-3218, CVE-2015-3255, CVE-2015-3256, CVE-2015-4625

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2015-11058

This update has been submitted for testing by mitr.

10 years ago

Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/103071/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/103071/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 22 testing updates repository.

10 years ago

This update has been pushed to testing

10 years ago
User Icon evillagr commented & provided feedback 10 years ago
karma

work fine on casual use

User Icon besser82 commented & provided feedback 10 years ago
karma

LGTM =)

Critical path update approved

10 years ago

Fails within KDE (root-pw never accepted). Back to 112-9 works perfect.

karma: -1

User Icon fcon commented & provided feedback 10 years ago
karma

looks good

This update has reached the stable karma threshold and will be pushed to the stable updates repository

10 years ago

Taskotron: upgradepath test PASSED on noarch. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/104757/steps/runtask/logs/stdio (results are informative only)

User Icon rathann commented & provided feedback 10 years ago
karma

Looks like nobody noticed the ABI break in polkit-libs and there's no strict dependency between polkit and polkit-libs, so if you upgraded just polkit (and not polkit-libs), polkitd won't start.

KDE anyone? Seems severely broken by a regression 0.112-9 => 0.113-1.

karma: -1

User Icon oxo commented & provided feedback 10 years ago
karma

Seems to work fine (in conjunction with KDE)

samoht0-sapo@yahoo.com, it works fine for me on a fresh F22 KDE live install as well. Please file a bug with detailed version information and precise steps to reproduce.

@oxo+mitr: Thanks for testing KDE. I'll investigate this in more detail. If the issue is reproducible, i'll file a bug.

This update is currently being pushed to the Fedora 22 stable updates repository.

10 years ago

This update has been pushed to stable

10 years ago
User Icon fredyn commented & provided feedback 10 years ago
karma

Indeed, this update breaks established authentication rules for PackageKit and Suspend from KMenu. Downgrading polkit to 0.112-9.fc22.x86_64 fixes the authentication regression. The polkit changes in 0.113 likely require changes in other components, see # rpm -qa | grep polkit polkit-libs-0.113-1.fc22.x86_64 polkit-pkla-compat-0.1-5.fc22.x86_64 polkit-0.112-9.fc22.x86_64 polkit-qt5-1-0.112.0-3.fc22.x86_64 polkit-kde-5.3.2-1.fc22.x86_64 polkit-libs-0.113-1.fc22.i686 polkit-qt-0.112.0-3.fc22.x86_64

User Icon fredyn commented & provided feedback 10 years ago
karma
User Icon fredyn commented & provided feedback 10 years ago
karma

Please log in to add feedback.

Metadata
Type
security
Karma
2
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
10 years ago
in testing
10 years ago
in stable
10 years ago
BZ#910262 [abrt] polkit-0.107-4.fc18: js::PropertyTable::search: Process /usr/lib/polkit-1/polkitd was killed by signal 11 (SIGSEGV)
0
0
BZ#1175061 [abrt] polkit: js::ShapeTable::search(): polkitd killed by SIGSEGV
0
0
BZ#1177930 [abrt] polkit: LookupPropertyWithFlagsInline(): polkitd killed by SIGSEGV
0
0
BZ#1194391 [abrt] polkit: getObjectClass(): polkitd killed by SIGSEGV
0
0
BZ#1228738 CVE-2015-3218 polkit: crash authentication_agent_new with invalid object path in RegisterAuthenticationAgent
0
0
BZ#1228739 CVE-2015-3218 polkit: crash authentication_agent_new with invalid object path in RegisterAuthenticationAgent [fedora-all]
0
0
BZ#1233808 CVE-2015-4625 polkit: potential information disclosure vulnerability due to cookie counter wrapping
0
0
BZ#1233810 CVE-2015-4625 polkit: potential information disclosure vulnerability due to cookie counter wrapping [fedora-all]
0
0

Automated Test Results