Package name
polkit
Date
2011-05-16
Advisory ID
MDVSA-2011:086
Affected versions
2010.1 i586 , 2010.1 x86_64

Problem description

A vulnerability has been found and corrected in polkit:

A race condition flaw was found in the PolicyKit pkexec utility
and polkitd daemon. A local user could use this flaw to appear as a
privileged user to pkexec, allowing them to execute arbitrary commands
as root by running those commands with pkexec (CVE-2011-1485).

The updated packages have been patched to correct this issue.

Updated packages

2010.1 i586

 6052bdd9c2612edbe64a16ba5e5099cb  2010.1/i586/libpolkit1_0-0.96-2.1mdv2010.2.i586.rpm
 7a034bdcf757bc1e5883d798a4f28d1c  2010.1/i586/libpolkit1-devel-0.96-2.1mdv2010.2.i586.rpm
 6fb9bd449e65d293bc69c03740db8d5f  2010.1/i586/polkit-0.96-2.1mdv2010.2.i586.rpm 
 be925eb746fce0c406c623e345929d29  2010.1/SRPMS/polkit-0.96-2.1mdv2010.2.src.rpm

2010.1 x86_64

 3ba97482125ab02a75eb6fc860f9f224  2010.1/x86_64/lib64polkit1_0-0.96-2.1mdv2010.2.x86_64.rpm
 ceb8d48886baf234922d00a024db96ce  2010.1/x86_64/lib64polkit1-devel-0.96-2.1mdv2010.2.x86_64.rpm
 9b0c45b8933dd25379f784876ffbb1d5  2010.1/x86_64/polkit-0.96-2.1mdv2010.2.x86_64.rpm 
 be925eb746fce0c406c623e345929d29  2010.1/SRPMS/polkit-0.96-2.1mdv2010.2.src.rpm

References