Описание
Security update for polkit
This update for polkit fixes the following issues:
Security issue fixed:
- CVE-2018-19788: Fixed handling of UIDs over MAX_UINT (bsc#1118277)
This update was imported from the SUSE:SLE-15:Update update project.
Список пакетов
openSUSE Leap 15.0
libpolkit0-0.114-lp150.2.6.1
libpolkit0-32bit-0.114-lp150.2.6.1
polkit-0.114-lp150.2.6.1
polkit-devel-0.114-lp150.2.6.1
polkit-doc-0.114-lp150.2.6.1
typelib-1_0-Polkit-1_0-0.114-lp150.2.6.1
Ссылки
- E-Mail link for openSUSE-SU-2019:0010-1
- SUSE Security Ratings
- SUSE Bug 1118277
- SUSE CVE CVE-2018-19788 page
Описание
A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command.
Затронутые продукты
openSUSE Leap 15.0:libpolkit0-0.114-lp150.2.6.1
openSUSE Leap 15.0:libpolkit0-32bit-0.114-lp150.2.6.1
openSUSE Leap 15.0:polkit-0.114-lp150.2.6.1
openSUSE Leap 15.0:polkit-devel-0.114-lp150.2.6.1
Ссылки
- CVE-2018-19788
- SUSE Bug 1118274
- SUSE Bug 1118277
- SUSE Bug 1119056
- SUSE Bug 1126909