A CVE has been assigned for a security issue in polkit: http://openwall.com/lists/oss-security/2015/06/16/21 It looks like patches are pending upstream. A new version might be released once everything's committed. Reproducible: Steps to Reproduce:
CC: (none) => mageiaWhiteboard: (none) => MGA5TOO, MGA4TOO
These commits have been made upstream to fix this issue: http://cgit.freedesktop.org/polkit/commit/?id=ea544ffc18405237ccd95d28d7f45afef49aca17 http://cgit.freedesktop.org/polkit/commit/?id=493aa5dc1d278ab9097110c1262f5229bbaf1766 http://cgit.freedesktop.org/polkit/commit/?id=fb5076b7c05d01a532d593a4079a29cf2d63a228
polkit 0.113 has been released today (July 2), fixing this issue and others: http://lists.freedesktop.org/archives/polkit-devel/2015-July/000432.html Updated packages uploaded for Mageia 4, Mageia 5, and Cauldron. Advisory: ======================== Updated polkit packages fix security vulnerabilities: Local privilege escalation in polkit before 0.113 due to predictable authentication session cookie values (CVE-2015-4625). Various memory corruption vulnerabilities in polkit before 0.113 in the use of the JavaScript interpreter, possibly leading to local privilege escalation (CVE-2015-3256). Memory corruption vulnerability in polkit before 0.113 in handling duplicate action IDs, possibly leading to local privilege escalation (CVE-2015-3255). Denial of service issue in polkit before 0.113 which allowed any local user to crash polkitd (CVE-2015-3218). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3218 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3255 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3256 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4625 http://lists.freedesktop.org/archives/polkit-devel/2015-July/000432.html ======================== Updated packages in core/updates_testing: ======================== polkit-0.113-1.mga4 polkit-desktop-policy-0.113-1.mga4 libpolkit1_0-0.113-1.mga4 libpolkit-gir1.0-0.113-1.mga4 libpolkit1-devel-0.113-1.mga4 polkit-0.113-1.mga5 libpolkit1_0-0.113-1.mga5 libpolkit-gir1.0-0.113-1.mga5 libpolkit1-devel-0.113-1.mga5 from SRPMS: polkit-0.113-1.mga4.src.rpm polkit-0.113-1.mga5.src.rpm
CC: (none) => mageiaVersion: Cauldron => 5Assignee: mageia => qa-bugsSummary: polkit new security issue CVE-2015-4625 => polkit new security issues CVE-2015-3218, CVE-2015-325[56], and CVE-2015-4625Whiteboard: MGA5TOO, MGA4TOO => MGA4TOO
Testing complete on Mageia 4. Just testing that I can start mcc as a regular user, and that it starts after entering the password.
CC: (none) => davidwhodginsWhiteboard: MGA4TOO => MGA4TOO MGA4-64-OK MGA4-32-OK
Advisory committed to svn. I'll test Mageia 5 shortly.
Whiteboard: MGA4TOO MGA4-64-OK MGA4-32-OK => MGA4TOO MGA4-64-OK MGA4-32-OK advisory
Testing complete. Someone from the sysadmin team please push 16135.adv to updates for Mageia 4 and 5.
Keywords: (none) => validated_updateWhiteboard: MGA4TOO MGA4-64-OK MGA4-32-OK advisory => MGA4TOO MGA4-64-OK MGA4-32-OK advisory MGA5-64-OK MGA5-32-OKCC: (none) => sysadmin-bugs
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2015-0262.html
Status: NEW => RESOLVEDResolution: (none) => FIXED
URL: (none) => http://lwn.net/Vulnerabilities/650307/