Описание
ELSA-2014-1359: polkit-qt security update (IMPORTANT)
[0.103.0-10]
- Resolves: #1147368 (CVE-2014-5033)
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
polkit-qt
0.103.0-10.el7_0
polkit-qt-devel
0.103.0-10.el7_0
polkit-qt-doc
0.103.0-10.el7_0
Oracle Linux x86_64
polkit-qt
0.103.0-10.el7_0
polkit-qt-devel
0.103.0-10.el7_0
polkit-qt-doc
0.103.0-10.el7_0
Связанные CVE
Связанные уязвимости
KDE kdelibs before 4.14 and kauth before 5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, related to CVE-2013-4288 and "PID reuse race conditions."
KDE kdelibs before 4.14 and kauth before 5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, related to CVE-2013-4288 and "PID reuse race conditions."
KDE kdelibs before 4.14 and kauth before 5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, related to CVE-2013-4288 and "PID reuse race conditions."
KDE kdelibs before 4.14 and kauth before 5.1 does not properly use D-B ...
KDE kdelibs before 4.14 and kauth before 5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, related to CVE-2013-4288 and "PID reuse race conditions."