Opened 3 years ago
Closed 3 years ago
#16151 closed enhancement (fixed)
add polkit security patch for CVE-2021-4115
| Reported by: | Xi Ruoyao | Owned by: | Douglas R. Reno |
|---|---|---|---|
| Priority: | elevated | Milestone: | 11.2 |
| Component: | BOOK | Version: | git |
| Severity: | normal | Keywords: | |
| Cc: |
Description ¶
There is a local DoS vulnerability in polkit. Patch:
Change History (5)
comment:1 by , 3 years ago
comment:2 by , 3 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:3 by , 3 years ago
The existing security patch has been rediffed and will be named 'polkit-0.120-security_fixes-1.patch' since it has multiple fixes in it now instead of just one fix.
comment:5 by , 3 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Note:
See TracTickets
for help on using tickets.
I'd mark this a
lowseverity vulnerability. The worst thing can be caused is a crash ofpolkitd. And when it's needed next time it will be activated by d-bus anyway (at least on systemd revision).