polkit-0.112-22.el7
エラータID: AXSA:2019-4123:04
Release date:
Tuesday, August 20, 2019 - 02:58
Subject:
polkit-0.112-22.el7
Affected Channels:
Asianux Server 7 for x86_64
Severity:
Moderate
Description:
The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones.
Security Fix(es):
* polkit: Improper handling of user with uid > INT_MAX leading to authentication bypass (CVE-2018-19788)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2018-19788
A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command.
Solution:
Update packages.
CVEs:
CVE-2018-19788
A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command.
A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command.
Additional Info:
N/A
Download:
SRPMS
- polkit-0.112-22.el7.src.rpm
MD5: bcc3e1f47b0cc6406f705b2581e05b2c
SHA-256: dd1407629a4f8908f37983f9593bf0e034c2fe5c7bb70e56129d9957b6de2cdf
Size: 1.40 MB
Asianux Server 7 for x86_64
- polkit-0.112-22.el7.x86_64.rpm
MD5: e8acb3858bd139a56ad7c594541408aa
SHA-256: 23bc82c8ddecbea41eb5b5e1ac13241de82de98bf1bd3709da29b07466edb2ea
Size: 168.54 kB - polkit-devel-0.112-22.el7.x86_64.rpm
MD5: c66def9c51bcc6ff7fc084c26dcf4105
SHA-256: 3504cad9f90765e23d079ea03279d39e8484a8d186359506d04a05a40ec42bba
Size: 41.90 kB - polkit-docs-0.112-22.el7.noarch.rpm
MD5: b7cf2bcc010f1fbdead421b20cf50749
SHA-256: 4352c14e5abb58aef4e18ca3dc1fa90ebc2848e12f9d88fd024323b9edde7ae3
Size: 250.12 kB - polkit-0.112-22.el7.i686.rpm
MD5: dbe6f7929561a7119c8c712a22fb0602
SHA-256: 9349680f124c724952493b661f9e06cb1d99a7f64c9d7bb2eae4a26fba085c24
Size: 167.50 kB - polkit-devel-0.112-22.el7.i686.rpm
MD5: a1663dfff12e6e34583af26de5eb0d77
SHA-256: 5dac7e6eabf4bc0a57a3bfe4a062eee23a60709a109dd682a911ecf863563a79
Size: 41.93 kB