diff options
| author | Ludovic Courtès <ludo@gnu.org> | 2021-06-08 10:43:10 +0200 |
|---|---|---|
| committer | Ludovic Courtès <ludo@gnu.org> | 2021-06-08 23:28:04 +0200 |
| commit | 9178566954cc7f34d2d991d31df4565adad93508 (patch) | |
| tree | a800e51bb930502ac39437ae795882cfcae3e98b /gnu/packages | |
| parent | 7ccf416dd00b9842d7f9801ae8d2438e92a4cdfe (diff) | |
| download | guix-patches-9178566954cc7f34d2d991d31df4565adad93508.tar guix-patches-9178566954cc7f34d2d991d31df4565adad93508.tar.gz | |
gnu: polkit: Add replacement for CVE-2021-3560.
* gnu/packages/patches/polkit-CVE-2021-3560.patch: New file.
* gnu/local.mk (dist_patch_DATA): Add it.
* gnu/packages/polkit.scm (polkit/fixed): New variable.
(polkit)[replacement]: New field.
Diffstat (limited to 'gnu/packages')
| -rw-r--r-- | gnu/packages/patches/polkit-CVE-2021-3560.patch | 21 | ||||
| -rw-r--r-- | gnu/packages/polkit.scm | 8 |
2 files changed, 29 insertions, 0 deletions
diff --git a/gnu/packages/patches/polkit-CVE-2021-3560.patch b/gnu/packages/patches/polkit-CVE-2021-3560.patch new file mode 100644 index 0000000000..9aa0373fda --- /dev/null +++ b/gnu/packages/patches/polkit-CVE-2021-3560.patch @@ -0,0 +1,21 @@ +This patch fixes CVE-2021-3560, "local privilege escalation using +polkit_system_bus_name_get_creds_sync()": + + https://www.openwall.com/lists/oss-security/2021/06/03/1 + +Patch from <https://gitlab.freedesktop.org/polkit/polkit/-/commit/a04d13a>. + +diff --git a/src/polkit/polkitsystembusname.c b/src/polkit/polkitsystembusname.c +index 8daa12cb9093c1d765c7b83654a2b8d0d382378e..8ed13631508dd96624898df90ee2ece4dcf3e1e5 100644 +--- a/src/polkit/polkitsystembusname.c ++++ b/src/polkit/polkitsystembusname.c +@@ -435,6 +435,9 @@ polkit_system_bus_name_get_creds_sync (PolkitSystemBusName *system_bus + while (!((data.retrieved_uid && data.retrieved_pid) || data.caught_error)) + g_main_context_iteration (tmp_context, TRUE); + ++ if (data.caught_error) ++ goto out; ++ + if (out_uid) + *out_uid = data.uid; + if (out_pid) diff --git a/gnu/packages/polkit.scm b/gnu/packages/polkit.scm index d868aceec2..40aa523b23 100644 --- a/gnu/packages/polkit.scm +++ b/gnu/packages/polkit.scm @@ -44,6 +44,7 @@ (package (name "polkit") (version "0.116") + (replacement polkit/fixed) (source (origin (method url-fetch) (uri (string-append @@ -135,6 +136,13 @@ making process with respect to granting access to privileged operations for unprivileged applications.") (license lgpl2.0+))) +(define polkit/fixed + (package + (inherit polkit) + (source (origin + (inherit (package-source polkit)) + (patches (search-patches "polkit-CVE-2021-3560.patch")))))) + (define-public polkit-qt (package (name "polkit-qt") |