Paketname
policykit
Datum
2008-04-16
Advisory ID
MDVSA-2008:087
Betroffene Versionen
2008.1 x86_64 , 2008.1 i586

Problembeschreibung

A format string vulnerability in the grant helper, in PolicyKit 0.7
and earlier, allows attackers to cause a denial of service (crash)
and possibly execute arbitrary code via format strings in a password.

The updated package has been patched to correct this issue.

Aktualisierte Pakete

2008.1 x86_64

 79e9c91841bf90f09fd7184050164bfe  2008.1/x86_64/lib64polkit2-0.7-5.1mdv2008.1.x86_64.rpm
 3bb998cc6595c0f70c47cb22f411962b  2008.1/x86_64/lib64polkit-devel-0.7-5.1mdv2008.1.x86_64.rpm
 16ede4d785e987f5e65361570d80bcdc  2008.1/x86_64/policykit-0.7-5.1mdv2008.1.x86_64.rpm
 c114e50ab7f564a281ddd1096dbde53c  2008.1/x86_64/policykit-docs-0.7-5.1mdv2008.1.x86_64.rpm 
 e19c68b55d06d4ad8a00a9c82e38e3fa  2008.1/SRPMS/policykit-0.7-5.1mdv2008.1.src.rpm

2008.1 i586

 aa8e182bb5e5d8fe952cfab4c62bf055  2008.1/i586/libpolkit2-0.7-5.1mdv2008.1.i586.rpm
 2c2de3341fd2e7b0181215c49b373953  2008.1/i586/libpolkit-devel-0.7-5.1mdv2008.1.i586.rpm
 54bc0d67f70ada707da9ac5d35ac6f8a  2008.1/i586/policykit-0.7-5.1mdv2008.1.i586.rpm
 864e3c1f5c99ad74a284fe3f35964515  2008.1/i586/policykit-docs-0.7-5.1mdv2008.1.i586.rpm 
 e19c68b55d06d4ad8a00a9c82e38e3fa  2008.1/SRPMS/policykit-0.7-5.1mdv2008.1.src.rpm

Referenzen