Opened 6 years ago
Closed 6 years ago
#11438 closed enhancement (fixed)
polkit-0.115
Reported by: | DJ Lucas | Owned by: | DJ Lucas |
---|---|---|---|
Priority: | high | Milestone: | 8.4 |
Component: | BOOK | Version: | SVN |
Severity: | normal | Keywords: | |
Cc: |
Description
Version bump and security patch... Fixes CVE-2018-1116, a local information disclosure and denial of service caused by trusting client-submitted UIDs when referencing processes. Thanks to Matthias Gerstner of the SUSE security team for reporting this issue.
Change History (3)
comment:1 by , 6 years ago
Owner: | changed from | to
---|---|
Status: | new → assigned |
comment:2 by , 6 years ago
Note:
See TracTickets
for help on using tickets.
https://access.redhat.com/security/cve/cve-2018-19788
I've genned a patch to fix this problem.