Bug 29951

Summary: mageia8 is menaced by the vulnerability CVE-2021-4034 aka PwnKit
Product: Mageia Reporter: peter lawford <petlaw726>
Component: SecurityAssignee: Mageia Bug Squad <bugsquad>
Status: RESOLVED DUPLICATE QA Contact: Sec team <security>
Severity: critical    
Priority: Normal    
Version: 8   
Target Milestone: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Source RPM: CVE:
Status comment:

Description peter lawford 2022-01-27 14:09:20 CET 
Description of problem:
I've read today on the french journal "Le Monde informatique" that all major linux distros (including mageia ?) were menaced by the vulnerability CVE-2021-4034 aka PwnKit, and they advised to run the command:
chmod 0755 /usr/bin/pkexec that I've immediately done:
before running this command:
[alain4@magaux ~]$ ls -l /usr/bin |grep pkexec
-rwxr-xr-x   1 root   root          281 sept. 19  2017 lightdm-gtk-greeter-settings-pkexec*
-rwsr-xr-x   1 root   root        28392 janv. 26 01:07 pkexec*

and after:
[alain4@magaux ~]$ ls -l /usr/bin |grep pkexec
-rwxr-xr-x   1 root   root          281 sept. 19  2017 lightdm-gtk-greeter-settings-pkexec*
-rwxr-xr-x   1 root   root        28392 janv. 26 01:07 pkexec*

was I right to do that?
thant you for considering this post which seems to me very important


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.
Comment 1 sturmvogel 2022-01-27 14:23:35 CET 
This problem is fixed in polkit with bug 29944
Comment 2 peter lawford 2022-01-27 15:17:46 CET 
(In reply to sturmvogel from comment #1)
> This problem is fixed in polkit with bug 29944

OK, thank you!
Comment 3 David Walser 2022-01-27 16:15:32 CET 
Dup

*** This bug has been marked as a duplicate of bug 29944 ***

Status: NEW => RESOLVED
Resolution: (none) => DUPLICATE