[Pkg-utopia-maintainers] policykit-1 CVE-2018-19788 in jessie

Santiago Ruano Rincón santiagorr at riseup.net
Wed Dec 19 19:30:52 GMT 2018


Dear Maintainers,

(It seems my first attempt to send this mail failed. Sorry if you
received it twice)

As opposed to stretch, I have been unable to reproduce CVE-2018-19788 in
jessie. i.e. systemctl correctly doesn't allow me to stop services, and
pkexec blocks me from executing applications that need privileges. 

Do you think is it safe to consider jessie as not-affected? Or is it
still worth to apply the patch?

Cheers,

S
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-utopia-maintainers/attachments/20181219/76b46853/attachment.sig>


More information about the Pkg-utopia-maintainers mailing list