[Bug 261482] sysutils/polkit: add upstream patch for CVE-2021-4034 "pwnkit" vulnerability

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Tue, 25 Jan 2022 23:26:49 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261482

            Bug ID: 261482
           Summary: sysutils/polkit: add upstream patch for CVE-2021-4034
                    "pwnkit" vulnerability
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Keywords: patch, security
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: desktop@FreeBSD.org
          Reporter: greg@unrelenting.technology
             Flags: maintainer-feedback?(desktop@FreeBSD.org)
          Assignee: desktop@FreeBSD.org
 Attachment #231339 maintainer-approval?
             Flags:

Created attachment 231339
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=231339&action=edit
0001-sysutils-polkit-add-upstream-patch-for-CVE-2021-4034.patch

A vulnerability was just published along with the patch:
https://seclists.org/oss-sec/2022/q1/80
https://gitlab.freedesktop.org/polkit/polkit/-/merge_requests/104

Let's apply the patch ASAP.

-- 
You are receiving this mail because:
You are the assignee for the bug.