[SCM] KDE Development Platform Libraries module packaging branch, master, updated. debian/4.13.3-1-12-g49ab15a
Maximiliano Curia
maxy at moszumanska.debian.org
Wed Aug 20 12:40:22 UTC 2014
Gitweb-URL: http://git.debian.org/?p=pkg-kde/kde-sc/kde4libs.git;a=commitdiff;h=fb95bcc
The following commit has been merged in the master branch:
commit fb95bcc68d4e3d00a69409ce3ac564e2f0b8e597
Author: Maximiliano Curia <maxy at debian.org>
Date: Fri Jul 25 10:25:23 2014 +0200
New upstream patch: upstream_use-dbus-system-bus-name-instead-of-pid.patch (Closes: #755814) Fixes: CVE-2014-5033
---
debian/changelog | 2 +
debian/patches/series | 1 +
...m_use-dbus-system-bus-name-instead-of-pid.patch | 48 ++++++++++++++++++++++
3 files changed, 51 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index 3d1638f..2837b1d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,6 +1,8 @@
kde4libs (4:4.13.3-2) UNRELEASED; urgency=medium
* Update symbols with the buildds logs.
+ * New upstream patch: upstream_use-dbus-system-bus-name-instead-of-
+ pid.patch (Closes: #755814) Fixes: CVE-2014-5033
-- Maximiliano Curia <maxy at debian.org> Thu, 24 Jul 2014 11:24:34 +0200
diff --git a/debian/patches/series b/debian/patches/series
index a02f337..194dae9 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -29,3 +29,4 @@ disable_bogus_test.diff
disable_bogus_tests
upstream-make_include_style_be_the_same_for_QtCore.patch
fix_solidlex_destroy_signature.patch
+upstream_use-dbus-system-bus-name-instead-of-pid.patch
diff --git a/debian/patches/upstream_use-dbus-system-bus-name-instead-of-pid.patch b/debian/patches/upstream_use-dbus-system-bus-name-instead-of-pid.patch
new file mode 100644
index 0000000..b75033d
--- /dev/null
+++ b/debian/patches/upstream_use-dbus-system-bus-name-instead-of-pid.patch
@@ -0,0 +1,48 @@
+commit c36bf4f314e6ee1203898697abe294ed0c8dcb32
+Author: Martin T. H. Sandsmark <martin.sandsmark at kde.org>
+Date: Mon Jul 21 22:52:40 2014 +0200
+
+ Use dbus system bus name instead of PID for authentication.
+
+ Using the PID for authentication is prone to a PID reuse
+ race condition, and a security issue.
+
+ REVIEW: 119323
+
+diff --git a/kdecore/auth/backends/polkit-1/Polkit1Backend.cpp b/kdecore/auth/backends/polkit-1/Polkit1Backend.cpp
+index cd7f6f3..732d2cb 100644
+--- a/kdecore/auth/backends/polkit-1/Polkit1Backend.cpp
++++ b/kdecore/auth/backends/polkit-1/Polkit1Backend.cpp
+@@ -144,7 +144,7 @@ void Polkit1Backend::setupAction(const QString &action)
+
+ Action::AuthStatus Polkit1Backend::actionStatus(const QString &action)
+ {
+- PolkitQt1::UnixProcessSubject subject(QCoreApplication::applicationPid());
++ PolkitQt1::SystemBusNameSubject subject(QString::fromUtf8(callerID()));
+ PolkitQt1::Authority::Result r = PolkitQt1::Authority::instance()->checkAuthorizationSync(action, subject,
+ PolkitQt1::Authority::None);
+ switch (r) {
+@@ -160,21 +160,12 @@ Action::AuthStatus Polkit1Backend::actionStatus(const QString &action)
+
+ QByteArray Polkit1Backend::callerID() const
+ {
+- QByteArray a;
+- QDataStream s(&a, QIODevice::WriteOnly);
+- s << QCoreApplication::applicationPid();
+-
+- return a;
++ return QDBusConnection::systemBus().baseService().toUtf8();
+ }
+
+ bool Polkit1Backend::isCallerAuthorized(const QString &action, QByteArray callerID)
+ {
+- QDataStream s(&callerID, QIODevice::ReadOnly);
+- qint64 pid;
+-
+- s >> pid;
+-
+- PolkitQt1::UnixProcessSubject subject(pid);
++ PolkitQt1::SystemBusNameSubject subject(QString::fromUtf8(callerID));
+ PolkitQt1::Authority *authority = PolkitQt1::Authority::instance();
+
+ PolkitResultEventLoop e;
--
KDE Development Platform Libraries module packaging
More information about the pkg-kde-commits
mailing list