Download
| Alert*
oval:org.secpod.oval:def:503596
The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones. Security Fix: * polkit: Improper authorization in polkit_backend_interactive_authority_check_authoriza ... oval:org.secpod.oval:def:704161 policykit-1: framework for managing administrative policies and privileges Several security issues were fixed in PolicyKit. oval:org.secpod.oval:def:52935 policykit-1: framework for managing administrative policies and privileges Several security issues were fixed in PolicyKit. oval:org.secpod.oval:def:89002539 This update for polkit fixes the following issues: Security issue fixed: - CVE-2018-1116: Fix uid comparison lacking in polkit_backend_interactive_authority_check_authorization . oval:org.secpod.oval:def:1802004 A flaw was found in polkit before version 0.116. The implementation of the polkit_backend_interactive_authority_check_authorization function in polkitd allows to test for authentication and trigger authentication of unrelated processes owned by other users. This may result in a local DoS and informa ... oval:org.secpod.oval:def:2104543 Race condition in PolicyKit (aka polkit) allows local users to bypass intended PolicyKit restrictions and gain privileges by starting a setuid or pkexec process before the authorization check is performed, related to (1) the polkit_unix_process_new API function, (2) the dbus API, or (3) the --proces ... oval:org.secpod.oval:def:51015 policykit-1: framework for managing administrative policies and privileges Several security issues were fixed in PolicyKit. oval:org.secpod.oval:def:1504364 [0.112-26.0.1] - Increase timeout to avoid defunct processes [Orabug: 26930744] [0.112-26] - Refined upstream fix of CVE-2018-1116 to avoid ABI changes - Related: rhbz#1601411 [0.112-25] - fix of CVE-2018-1116 - Resolves: rhbz#1601411 [0.112-24] - pkttyagent: resetting terminal erases rest of input ... oval:org.secpod.oval:def:205491 The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones. Security Fix: * polkit: Improper authorization in polkit_backend_interactive_authority_check_authoriza ... oval:org.secpod.oval:def:114864 polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes. oval:org.secpod.oval:def:114787 polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes. oval:org.secpod.oval:def:46457 policykit-1: framework for managing administrative policies and privileges Several security issues were fixed in PolicyKit. oval:org.secpod.oval:def:2001571 A flaw was found in polkit before version 0.116. The implementation of the polkit_backend_interactive_authority_check_authorization function in polkitd allows to test for authentication and trigger authentication of unrelated processes owned by other users. This may result in a local DoS and informa ... oval:org.secpod.oval:def:89049592 This update for polkit fixes the following issues: Security issue fixed: - CVE-2018-1116: Fix uid comparison lacking in polkit_backend_interactive_authority_check_authorization . oval:org.secpod.oval:def:1700344 A flaw was found in polkit before version 0.116. The implementation of the polkit_backend_interactive_authority_check_authorization function in polkitd allows to test for authentication and trigger authentication of unrelated processes owned by other users. This may result in a local DoS and informa ... |