summaryrefslogtreecommitdiff
path: root/gnu/packages/patches
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r--gnu/packages/patches/polkit-CVE-2021-3560.patch21
1 files changed, 0 insertions, 21 deletions
diff --git a/gnu/packages/patches/polkit-CVE-2021-3560.patch b/gnu/packages/patches/polkit-CVE-2021-3560.patch
deleted file mode 100644
index 9aa0373fda..0000000000
--- a/gnu/packages/patches/polkit-CVE-2021-3560.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-This patch fixes CVE-2021-3560, "local privilege escalation using
-polkit_system_bus_name_get_creds_sync()":
-
- https://www.openwall.com/lists/oss-security/2021/06/03/1
-
-Patch from <https://gitlab.freedesktop.org/polkit/polkit/-/commit/a04d13a>.
-
-diff --git a/src/polkit/polkitsystembusname.c b/src/polkit/polkitsystembusname.c
-index 8daa12cb9093c1d765c7b83654a2b8d0d382378e..8ed13631508dd96624898df90ee2ece4dcf3e1e5 100644
---- a/src/polkit/polkitsystembusname.c
-+++ b/src/polkit/polkitsystembusname.c
-@@ -435,6 +435,9 @@ polkit_system_bus_name_get_creds_sync (PolkitSystemBusName *system_bus
- while (!((data.retrieved_uid && data.retrieved_pid) || data.caught_error))
- g_main_context_iteration (tmp_context, TRUE);
-
-+ if (data.caught_error)
-+ goto out;
-+
- if (out_uid)
- *out_uid = data.uid;
- if (out_pid)
generated by cgit v1.2.3 (git 2.46.2) at 2024-11-01 00:45:14 +0000