diff options
Diffstat (limited to 'sys-auth/polkit/files')
4 files changed, 0 insertions, 207 deletions
diff --git a/sys-auth/polkit/files/polkit-0.115-elogind.patch b/sys-auth/polkit/files/polkit-0.115-elogind.patch deleted file mode 100644 index 93d672015db4..000000000000 --- a/sys-auth/polkit/files/polkit-0.115-elogind.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 08bb656496cd3d6213bbe9473f63f2d4a110da6e Mon Sep 17 00:00:00 2001 -From: Rasmus Thomsen <cogitri@exherbo.org> -Date: Wed, 11 Apr 2018 13:14:14 +0200 -Subject: [PATCH] configure: fix elogind support - -HAVE_LIBSYSTEMD is used to determine which source files to use. -We have to check if either have_libsystemd or have_libelogind is -true, as both of these need the source files which are used when -HAVE_LIBSYSTEMD is true. ---- - configure.ac | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/configure.ac b/configure.ac -index 36df239..da47ecb 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -221,7 +221,7 @@ AS_IF([test "x$cross_compiling" != "xyes" ], [ - - AC_SUBST(LIBSYSTEMD_CFLAGS) - AC_SUBST(LIBSYSTEMD_LIBS) --AM_CONDITIONAL(HAVE_LIBSYSTEMD, [test "$have_libsystemd" = "yes"], [Using libsystemd]) -+AM_CONDITIONAL(HAVE_LIBSYSTEMD, [test "$have_libsystemd" = "yes" || test "$have_libelogind" = "yes" ], [Using libsystemd]) - - dnl --------------------------------------------------------------------------- - dnl - systemd unit / service files --- -2.17.0 diff --git a/sys-auth/polkit/files/polkit-0.117-CVE-2021-3560.patch b/sys-auth/polkit/files/polkit-0.117-CVE-2021-3560.patch deleted file mode 100644 index 9c3ce20cf574..000000000000 --- a/sys-auth/polkit/files/polkit-0.117-CVE-2021-3560.patch +++ /dev/null @@ -1,29 +0,0 @@ -https://bugs.gentoo.org/794052 - -From a04d13affe0fa53ff618e07aa8f57f4c0e3b9b81 Mon Sep 17 00:00:00 2001 -From: Jan Rybar <jrybar@redhat.com> -Date: Wed, 2 Jun 2021 15:43:38 +0200 -Subject: [PATCH] GHSL-2021-074: authentication bypass vulnerability in polkit - -initial values returned if error caught ---- - src/polkit/polkitsystembusname.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/src/polkit/polkitsystembusname.c b/src/polkit/polkitsystembusname.c -index 8daa12c..8ed1363 100644 ---- a/src/polkit/polkitsystembusname.c -+++ b/src/polkit/polkitsystembusname.c -@@ -435,6 +435,9 @@ polkit_system_bus_name_get_creds_sync (PolkitSystemBusName *system_bus - while (!((data.retrieved_uid && data.retrieved_pid) || data.caught_error)) - g_main_context_iteration (tmp_context, TRUE); - -+ if (data.caught_error) -+ goto out; -+ - if (out_uid) - *out_uid = data.uid; - if (out_pid) --- -GitLab - diff --git a/sys-auth/polkit/files/polkit-0.120-CVE-2021-4034.patch b/sys-auth/polkit/files/polkit-0.120-CVE-2021-4034.patch deleted file mode 100644 index 22bb71d14204..000000000000 --- a/sys-auth/polkit/files/polkit-0.120-CVE-2021-4034.patch +++ /dev/null @@ -1,72 +0,0 @@ -https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt -https://bugs.gentoo.org/832057 -https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683.patch - -From a2bf5c9c83b6ae46cbd5c779d3055bff81ded683 Mon Sep 17 00:00:00 2001 -From: Jan Rybar <jrybar@redhat.com> -Date: Tue, 25 Jan 2022 17:21:46 +0000 -Subject: [PATCH] pkexec: local privilege escalation (CVE-2021-4034) - ---- a/src/programs/pkcheck.c -+++ b/src/programs/pkcheck.c -@@ -363,6 +363,11 @@ main (int argc, char *argv[]) - local_agent_handle = NULL; - ret = 126; - -+ if (argc < 1) -+ { -+ exit(126); -+ } -+ - /* Disable remote file access from GIO. */ - setenv ("GIO_USE_VFS", "local", 1); - ---- a/src/programs/pkexec.c -+++ b/src/programs/pkexec.c -@@ -488,6 +488,15 @@ main (int argc, char *argv[]) - pid_t pid_of_caller; - gpointer local_agent_handle; - -+ -+ /* -+ * If 'pkexec' is called THIS wrong, someone's probably evil-doing. Don't be nice, just bail out. -+ */ -+ if (argc<1) -+ { -+ exit(127); -+ } -+ - ret = 127; - authority = NULL; - subject = NULL; -@@ -614,10 +623,10 @@ main (int argc, char *argv[]) - - path = g_strdup (pwstruct.pw_shell); - if (!path) -- { -+ { - g_printerr ("No shell configured or error retrieving pw_shell\n"); - goto out; -- } -+ } - /* If you change this, be sure to change the if (!command_line) - case below too */ - command_line = g_strdup (path); -@@ -636,7 +645,15 @@ main (int argc, char *argv[]) - goto out; - } - g_free (path); -- argv[n] = path = s; -+ path = s; -+ -+ /* argc<2 and pkexec runs just shell, argv is guaranteed to be null-terminated. -+ * /-less shell shouldn't happen, but let's be defensive and don't write to null-termination -+ */ -+ if (argv[n] != NULL) -+ { -+ argv[n] = path; -+ } - } - if (access (path, F_OK) != 0) - { -GitLab diff --git a/sys-auth/polkit/files/polkit-0.120-CVE-2021-4115.patch b/sys-auth/polkit/files/polkit-0.120-CVE-2021-4115.patch deleted file mode 100644 index a82ce25cae03..000000000000 --- a/sys-auth/polkit/files/polkit-0.120-CVE-2021-4115.patch +++ /dev/null @@ -1,78 +0,0 @@ -https://gitlab.freedesktop.org/polkit/polkit/-/commit/41cb093f554da8772362654a128a84dd8a5542a7 -https://gitlab.freedesktop.org/polkit/polkit/-/issues/141 -https://bugs.gentoo.org/833574 - -From: Jan Rybar <jrybar@redhat.com> -Date: Mon, 21 Feb 2022 08:29:05 +0000 -Subject: [PATCH] CVE-2021-4115 (GHSL-2021-077) fix - ---- a/src/polkit/polkitsystembusname.c -+++ b/src/polkit/polkitsystembusname.c -@@ -62,6 +62,10 @@ enum - PROP_NAME, - }; - -+ -+guint8 dbus_call_respond_fails; // has to be global because of callback -+ -+ - static void subject_iface_init (PolkitSubjectIface *subject_iface); - - G_DEFINE_TYPE_WITH_CODE (PolkitSystemBusName, polkit_system_bus_name, G_TYPE_OBJECT, -@@ -364,6 +368,7 @@ on_retrieved_unix_uid_pid (GObject *src, - if (!v) - { - data->caught_error = TRUE; -+ dbus_call_respond_fails += 1; - } - else - { -@@ -405,6 +410,8 @@ polkit_system_bus_name_get_creds_sync (PolkitSystemBusName *system_bus - tmp_context = g_main_context_new (); - g_main_context_push_thread_default (tmp_context); - -+ dbus_call_respond_fails = 0; -+ - /* Do two async calls as it's basically as fast as one sync call. - */ - g_dbus_connection_call (connection, -@@ -432,11 +439,34 @@ polkit_system_bus_name_get_creds_sync (PolkitSystemBusName *system_bus - on_retrieved_unix_uid_pid, - &data); - -- while (!((data.retrieved_uid && data.retrieved_pid) || data.caught_error)) -- g_main_context_iteration (tmp_context, TRUE); -+ while (TRUE) -+ { -+ /* If one dbus call returns error, we must wait until the other call -+ * calls _call_finish(), otherwise fd leak is possible. -+ * Resolves: GHSL-2021-077 -+ */ - -- if (data.caught_error) -- goto out; -+ if ( (dbus_call_respond_fails > 1) ) -+ { -+ // we got two faults, we can leave -+ goto out; -+ } -+ -+ if ((data.caught_error && (data.retrieved_pid || data.retrieved_uid))) -+ { -+ // we got one fault and the other call finally finished, we can leave -+ goto out; -+ } -+ -+ if ( !(data.retrieved_uid && data.retrieved_pid) ) -+ { -+ g_main_context_iteration (tmp_context, TRUE); -+ } -+ else -+ { -+ break; -+ } -+ } - - if (out_uid) - *out_uid = data.uid; -GitLab |