Update to 0.115 (CVE-2018-1116)
This commit is contained in:
Miloslav Trmač
parent
2464bcc6b9
commit
d63936ccb6
|
|
@ -26,3 +26,5 @@ polkit-0.98.tar.gz
|
|||
/polkit-0.113.tar.gz.sign
|
||||
/polkit-0.114.tar.gz
|
||||
/polkit-0.114.tar.gz.sign
|
||||
/polkit-0.115.tar.gz
|
||||
/polkit-0.115.tar.gz.sign
|
||||
|
|
|
|||
|
|
@ -1,87 +0,0 @@
|
|||
From 373705b35e7f6c7dc83de5e0a3ce11ecd15d0409 Mon Sep 17 00:00:00 2001
|
||||
From: Ray Strode <rstrode@redhat.com>
|
||||
Date: Tue, 3 Apr 2018 15:26:37 -0400
|
||||
Subject: [PATCH] jsauthority: pass "%s" format string to remaining report
|
||||
function
|
||||
|
||||
commit 00adeee1b62 attempted to add a "%s" format string to the
|
||||
two JS_Report invocations that needed it, but somehow only got
|
||||
one them.
|
||||
|
||||
This commit gets the other one.
|
||||
|
||||
https://bugzilla.gnome.org/show_bug.cgi?id=105865
|
||||
---
|
||||
src/polkitbackend/polkitbackendjsauthority.cpp | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/polkitbackend/polkitbackendjsauthority.cpp b/src/polkitbackend/polkitbackendjsauthority.cpp
|
||||
index 9746c47..517f3c6 100644
|
||||
--- a/src/polkitbackend/polkitbackendjsauthority.cpp
|
||||
+++ b/src/polkitbackend/polkitbackendjsauthority.cpp
|
||||
@@ -1265,61 +1265,61 @@ polkit_backend_js_authority_check_authorization_sync (PolkitBackendInteractiveAu
|
||||
}
|
||||
|
||||
good = TRUE;
|
||||
|
||||
out:
|
||||
if (!good)
|
||||
ret = POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED;
|
||||
g_free (ret_str);
|
||||
|
||||
JS_MaybeGC (authority->priv->cx);
|
||||
|
||||
JS_EndRequest (authority->priv->cx);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* ---------------------------------------------------------------------------------------------------- */
|
||||
|
||||
static bool
|
||||
js_polkit_log (JSContext *cx,
|
||||
unsigned argc,
|
||||
JS::Value *vp)
|
||||
{
|
||||
/* PolkitBackendJsAuthority *authority = POLKIT_BACKEND_JS_AUTHORITY (JS_GetContextPrivate (cx)); */
|
||||
bool ret = false;
|
||||
char *s;
|
||||
|
||||
JS::CallArgs args = JS::CallArgsFromVp (argc, vp);
|
||||
|
||||
s = JS_EncodeString (cx, args[0].toString ());
|
||||
- JS_ReportWarningUTF8 (cx, s);
|
||||
+ JS_ReportWarningUTF8 (cx, "%s", s);
|
||||
JS_free (cx, s);
|
||||
|
||||
ret = true;
|
||||
|
||||
args.rval ().setUndefined (); /* return undefined */
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
/* ---------------------------------------------------------------------------------------------------- */
|
||||
|
||||
static const gchar *
|
||||
get_signal_name (gint signal_number)
|
||||
{
|
||||
switch (signal_number)
|
||||
{
|
||||
#define _HANDLE_SIG(sig) case sig: return #sig;
|
||||
_HANDLE_SIG (SIGHUP);
|
||||
_HANDLE_SIG (SIGINT);
|
||||
_HANDLE_SIG (SIGQUIT);
|
||||
_HANDLE_SIG (SIGILL);
|
||||
_HANDLE_SIG (SIGABRT);
|
||||
_HANDLE_SIG (SIGFPE);
|
||||
_HANDLE_SIG (SIGKILL);
|
||||
_HANDLE_SIG (SIGSEGV);
|
||||
_HANDLE_SIG (SIGPIPE);
|
||||
_HANDLE_SIG (SIGALRM);
|
||||
_HANDLE_SIG (SIGTERM);
|
||||
_HANDLE_SIG (SIGUSR1);
|
||||
_HANDLE_SIG (SIGUSR2);
|
||||
--
|
||||
2.16.2
|
||||
|
||||
|
|
@ -1,18 +1,18 @@
|
|||
# Only enable if using patches that touches configure.ac,
|
||||
# Makefile.am or other build system related files
|
||||
#
|
||||
%define enable_autoreconf 1
|
||||
#define enable_autoreconf 1
|
||||
|
||||
Summary: An authorization framework
|
||||
Name: polkit
|
||||
Version: 0.114
|
||||
Version: 0.115
|
||||
Release: 1%{?dist}
|
||||
License: LGPLv2+
|
||||
URL: http://www.freedesktop.org/wiki/Software/polkit
|
||||
Source0: http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.tar.gz
|
||||
Source1: http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.tar.gz.sign
|
||||
Patch0: 0001-jsauthority-pass-s-format-string-to-remaining-report.patch
|
||||
Group: System Environment/Libraries
|
||||
BuildRequires: gcc-c++
|
||||
BuildRequires: glib2-devel >= 2.30.0
|
||||
BuildRequires: expat-devel
|
||||
BuildRequires: pam-devel
|
||||
|
|
@ -175,6 +175,9 @@ exit 0
|
|||
%{_libdir}/girepository-1.0/*.typelib
|
||||
|
||||
%changelog
|
||||
* Tue Jul 10 2018 Miloslav Trmač <mitr@redhat.com> - 0.115-1
|
||||
- Update to 0.115 (CVE-2018-1116)
|
||||
|
||||
* Tue Apr 03 2018 Ray Strode <rstrode@redhat.com> - 0.114-1
|
||||
- Update to 0.114
|
||||
|
||||
|
|
|
|||
4
sources
4
sources
|
|
@ -1,2 +1,2 @@
|
|||
SHA512 (polkit-0.114.tar.gz) = 49cdf9dd3663714b1c6569ad8740cb413d9c5bd5c11e4bdbba3ce82b744f36638b652547edff9203caab9287834bc68a1d6a4895ec7a188fa1524dc1e9c9b4ea
|
||||
SHA512 (polkit-0.114.tar.gz.sign) = 4ffe0dbe7971f61e949df77dd23d71ab83bf916c39e3ce79dd0fe5e50c59442e79286c7467cbf4f6955ecf9ee5d9734326799c91725a502ab8ce8bbc07fa472e
|
||||
SHA512 (polkit-0.115.tar.gz) = 1153011fa93145b2c184e6b3446d3ca21b38918641aeccd8fac3985ac3e30ec6bc75be6973985fde90f2a24236592f1595be259155061c2d33358dd17c4ee4fc
|
||||
SHA512 (polkit-0.115.tar.gz.sign) = 4bca532119c7da3939dd63f031e2059c14392bd142b4de3733f76d7589a917471735e8ac157946a7f2f051c6748e70291f8484f9aa481b7feb326d3484d715cd
|
||||
|
|
|
|||
Loading…
Reference in New Issue