polkit-0.96-11.AXS4.1
エラータID: AXSA:2019-3772:01
リリース日:
2019/04/03 Wednesday - 11:30
題名:
polkit-0.96-11.AXS4.1
影響のあるチャネル:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- PolicyKitには、fork関数がアトミックでないため、開始時の保護機構がバイパス
でき、認証判定が不適切にキャッシュされる脆弱性があります。(CVE-2019-6133)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2019-6133
In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c.
In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c.
追加情報:
N/A
ダウンロード:
SRPMS
- polkit-0.96-11.AXS4.1.src.rpm
MD5: d6d899f5f107a5a211fada74e765ab3b
SHA-256: 2146dca07371b33618762ef3ceabd09e18a587f310a06fa155dba3e23d9c4585
Size: 1.02 MB
Asianux Server 4 for x86
- polkit-0.96-11.AXS4.1.i686.rpm
MD5: a65b709a7d0ca416b956e3b006c8f8de
SHA-256: df6ad4b823c67634d71f955d7356a14c1843356fde4cd79eaa9dc1a1a08d9fe6
Size: 161.33 kB - polkit-desktop-policy-0.96-11.AXS4.1.noarch.rpm
MD5: f16b7c494ef8e882cb7a4cd89f24c469
SHA-256: 0890cbf1c7b25b258622011d8f6c7c0ec68f9b0471dbaf49f9e5c886615b4c58
Size: 7.58 kB - polkit-devel-0.96-11.AXS4.1.i686.rpm
MD5: 683fd8dae846b048b36ca43ec427e8f4
SHA-256: 528cd6a169cbd41d6af711881b3633d649adca39ab246f47b22f4778940e4870
Size: 28.34 kB - polkit-docs-0.96-11.AXS4.1.i686.rpm
MD5: 74910880c23bd35154d6bf29ddf6ab6f
SHA-256: a558e194d825b71fcd6a87a30bb2554bab5116688837559701c961b798d3969f
Size: 271.82 kB
Asianux Server 4 for x86_64
- polkit-0.96-11.AXS4.1.x86_64.rpm
MD5: cf02aa7b9f953dee22b75955ceef2862
SHA-256: c74e0e364135761190c41342dbf983c52ac0e08fa47a8ba0c8a240b40455fe2d
Size: 161.75 kB - polkit-desktop-policy-0.96-11.AXS4.1.noarch.rpm
MD5: 891969d2b1bb7e96984f14d21a9a6251
SHA-256: 69be6f042519cc5ea026eb149f7f93bbfa51298dafaa37268900363026366eda
Size: 7.13 kB - polkit-devel-0.96-11.AXS4.1.x86_64.rpm
MD5: 235744a24ddc6ffcec35344fa26e5dbc
SHA-256: 2d3a67c555ebd35a765c235947d296b4a754a7f9b3591fa3fb7254fe33365519
Size: 28.02 kB - polkit-docs-0.96-11.AXS4.1.x86_64.rpm
MD5: 9fac0fe1425370bae470e1c6e43c75f0
SHA-256: 3411c1e85f77827f825f4bb7e9249a94dd6ce296528d21240cb3f2e865c6e0f5
Size: 271.39 kB - polkit-0.96-11.AXS4.1.i686.rpm
MD5: a65b709a7d0ca416b956e3b006c8f8de
SHA-256: df6ad4b823c67634d71f955d7356a14c1843356fde4cd79eaa9dc1a1a08d9fe6
Size: 161.33 kB - polkit-devel-0.96-11.AXS4.1.i686.rpm
MD5: 683fd8dae846b048b36ca43ec427e8f4
SHA-256: 528cd6a169cbd41d6af711881b3633d649adca39ab246f47b22f4778940e4870
Size: 28.34 kB