From adb7ba49b7f9222d2e84be63a54adf1cced87901 Mon Sep 17 00:00:00 2001
From: Than Ngo
Date: Tue, 23 Sep 2014 11:26:02 +0200
Subject: [PATCH] security fix CVE-2014-5033
---
 kdelibs-4.11.5-CVE-2014-5033.patch | 36 ++++++++++++++++++++++++++++++
 kdelibs.spec | 7 +++++-
 2 files changed, 42 insertions(+), 1 deletion(-)
 create mode 100644 kdelibs-4.11.5-CVE-2014-5033.patch
diff --git a/kdelibs-4.11.5-CVE-2014-5033.patch b/kdelibs-4.11.5-CVE-2014-5033.patch
new file mode 100644
index 0000000..5774098
--- /dev/null
+++ b/kdelibs-4.11.5-CVE-2014-5033.patch
@@ -0,0 +1,36 @@
+diff -up kdelibs-4.11.5/kdecore/auth/backends/polkit-1/Polkit1Backend.cpp.than kdelibs-4.11.5/kdecore/auth/backends/polkit-1/Polkit1Backend.cpp
+--- kdelibs-4.11.5/kdecore/auth/backends/polkit-1/Polkit1Backend.cpp.than 2014-09-23 11:19:47.000000000 +0200
++++ kdelibs-4.11.5/kdecore/auth/backends/polkit-1/Polkit1Backend.cpp 2014-09-23 11:22:50.000000000 +0200
+@@ -144,7 +144,7 @@ void Polkit1Backend::setupAction(const Q
+
+ Action::AuthStatus Polkit1Backend::actionStatus(const QString &action)
+ {
+- PolkitQt1::UnixProcessSubject subject(QCoreApplication::applicationPid());
++ PolkitQt1::SystemBusNameSubject subject(QString::fromUtf8(callerID()));
+ PolkitQt1::Authority::Result r = PolkitQt1::Authority::instance()->checkAuthorizationSync(action, subject,
+ PolkitQt1::Authority::None);
+ switch (r) {
+@@ -160,21 +160,12 @@ Action::AuthStatus Polkit1Backend::actio
+
+ QByteArray Polkit1Backend::callerID() const
+ {
+- QByteArray a;
+- QDataStream s(&a, QIODevice::WriteOnly);
+- s << QCoreApplication::applicationPid();
+-
+- return a;
++ return QDBusConnection::systemBus().baseService().toUtf8();
+ }
+
+ bool Polkit1Backend::isCallerAuthorized(const QString &action, QByteArray callerID)
+ {
+- QDataStream s(&callerID, QIODevice::ReadOnly);
+- qint64 pid;
+-
+- s >> pid;
+-
+- PolkitQt1::UnixProcessSubject subject(pid);
++ PolkitQt1::SystemBusNameSubject subject(QString::fromUtf8(callerID));
+ PolkitQt1::Authority *authority = PolkitQt1::Authority::instance();
+
+ PolkitResultEventLoop e;
diff --git a/kdelibs.spec b/kdelibs.spec
index 875e0d8..887c0be 100644
--- a/kdelibs.spec
+++ b/kdelibs.spec
@@ -39,7 +39,7 @@ Summary: KDE Libraries
 Version: 4.11.5
-Release: 4%{?dist}
+Release: 5%{?dist}
 Name: kdelibs
 Epoch: 6
@@ -171,6 +171,7 @@ Patch093: turn-the-packagekit-support-feature-off-by-default.patch
 ## security fix
 Patch158: 0008-Don-t-require-a-job-to-handle-messageboxes.patch
+Patch159: kdelibs-4.11.5-CVE-2014-5033.patch
 # rhel patches
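Review bot: In the embedded Polkit1Backend.cpp change, `isCallerAuthorized()` now builds the `SystemBusNameSubject` straight from the `callerID` bytes it is handed, with no check that the value is non-empty or that it names the connection that actually sent the request. The hunk does not show where `callerID` originates. If it is a field carried in the request rather than the sender name the bus reports for the incoming message (`QDBusMessage::service()`), polkit would be evaluating a name the requester chose rather than the requester itself, so that call path should be confirmed. At minimum I would add `if (callerID.isEmpty()) return false;` before the subject is constructed, and a comment on `callerID()` noting that `baseService()` returns an empty string when the system bus is not connected. The body of `isCallerAuthorized()` continues past the end of the hunk.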
@@ -374,6 +375,7 @@ sed -i -e "s|@@VERSION_RELEASE@@|%{version}-%{release}|" kio/kio/kprotocolmanage
 # security fixes
 %patch158 -p1 -b .0008
+%patch159 -p1 -b .CVE-2014-5033
 # rhel patches
 %if ! 0%{?webkit}
@@ -630,6 +632,9 @@ gtk-update-icon-cache %{_kde4_iconsdir}/hicolor &> /dev/null || :
 %changelog
+* Tue Sep 23 2014 Than Ngo - 6:4.11.5-5
+- security fix CVE-2014-5033
+
 * Thu Jun 19 2014 Rex Dieter - 6:4.11.5-4
 - Provides: kdelibs4-webkit ...