[Pkg-utopia-maintainers] Bug#510646: system.d/...PolicyKit.conf needs alterations for new D-Bus
Simon McVittie
smcv at debian.org
Sun Jan 4 01:43:03 UTC 2009
Package: policykit
Version: 0.9-1
Severity: serious
Justification: blocker for #503532 (CVE-2008-4311)
Tags: patch
User: pkg-utopia-maintainers at lists.alioth.debian.org
Usertags: CVE-2008-4311
PolicyKit installs a D-Bus system policy file which doesn't allow
any methods to be called. Method calls used to be allowed by
a dbus-daemon bug, but with the dbus-daemon changes targeted for lenny,
they will be denied.
http://bugs.freedesktop.org/show_bug.cgi?id=18948 is the upstream bug
and https://bugs.freedesktop.org/attachment.cgi?id=20901 is a patch from
Tomas Hoger, reviewed and applied by David Zeuthen.
Regards from the Cambridge BSP,
Simon
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 155 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-utopia-maintainers/attachments/20090104/ec2f074c/attachment.pgp
More information about the Pkg-utopia-maintainers
mailing list