mirror of
git://git.openembedded.org/meta-openembedded
synced 2026-01-04 16:10:10 +00:00
cca27b5ea7
In PolicyKit (aka polkit) 0.115, the start time protection mechanism can
be bypassed because fork() is not atomic, and therefore authorization
decisions are improperly cached. This is related to lack of uid checking
in polkitbackend/polkitbackendinteractiveauthority.c.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2019-6133
Upstream patch:
|
||
|---|---|---|
| .. | ||
| classes | ||
| conf | ||
| lib/oeqa/selftest/cases | ||
| licenses | ||
| recipes-benchmark | ||
| recipes-bsp | ||
| recipes-connectivity | ||
| recipes-core | ||
| recipes-crypto | ||
| recipes-dbs | ||
| recipes-devtools | ||
| recipes-extended | ||
| recipes-gnome | ||
| recipes-graphics | ||
| recipes-kernel | ||
| recipes-multimedia | ||
| recipes-navigation | ||
| recipes-security | ||
| recipes-shells | ||
| recipes-support | ||
| recipes-test | ||
| COPYING.MIT | ||
| README | ||
meta-oe ======= This layer depends on: URI: git://github.com/openembedded/openembedded-core.git branch: thud revision: HEAD Send pull requests to openembedded-devel@lists.openembedded.org with '[meta-oe][thud]' in the subject' When sending single patches, please use something like: 'git send-email -M -1 --to openembedded-devel@lists.openembedded.org --subject-prefix=meta-oe[thud][PATCH' You are encouraged to fork the mirror on GitHub https://github.com/openembedded/openembedded-core to share your patches, this is preferred for patch sets consisting of more than one patch. Other services like gitorious, repo.or.cz or self-hosted setups are of course accepted as well, 'git fetch <remote>' works the same on all of them. We recommend GitHub because it is free, easy to use, has been proven to be reliable and has a really good web GUI. Thud maintainer: Armin Kuster <akuster808@gmail.com>