Displaying 20 results from an estimated 300 matches similar to: "CEBA-2017:0392 CentOS 7 polkit BugFix Update"
2017 Mar 18
0
[CentOS-announce] CEBA-2017:0392 CentOS 7 polkit BugFix Update
On Fri, 2017-03-03 at 13:26 +0000, Johnny Hughes wrote:
> CentOS Errata and Bugfix Advisory 2017:0392
>
> Upstream details at : https://rhn.redhat.com/errata/RHBA-2017-0392.html
> 33395736c057583471a3e8d3554adb014d0d4cd167aa03bad5099c02faad1d38 polkit-0.112-11.el7_3.src.rpm
Note that this update fixes neither the memory leak in the options
parsing of the setuid binary pkexec, nor
2017 Feb 02
2
Serious attack vector on pkcheck ignored by Red Hat
Based on an article that was mentioned on this list
https://googleprojectzero.blogspot.nl/2014/08/the-poisoned-nul-byte-2014-edition.html
I found two attacker controlled memory leaks in the option parsing of
pkcheck.c. These memory leaks allow a local attacker the ability to
"spray the heap", i.e. initialize large parts of the heap before
launching his attack.
The original attack
2019 Mar 22
0
polkit package issue?
I'm seeing the following on trying a yum update on Centos 7:
polkit-0.112-18.el7_6.1.x86_64 FAILED
http://mirror.mhd.uk.as44574.net/mirror.centos.org/7.6.1810/updates/x86_64/Packages/polkit-0.112-18.el7_6.1.x86_64.rpm:
[Errno 14] HTTP Error 416 - Requested Range Not Satisfiable
Trying other mirror.
polkit-0.112-18.el7_6.1.x86_64 FAILED
2019 Apr 17
1
CESA-2019:0230 Important CentOS 7 polkit Security Update
CentOS Errata and Security Advisory 2019:0230 Important
Upstream details at : https://access.redhat.com/errata/RHSA-2019:0230
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
491b63a51365bb112538c3cc527cc9a0f9cbb8599989268b2367a88b6923e39d polkit-0.112-18.el7_6.1.i686.rpm
2016 Feb 17
0
CESA-2016:0189 Moderate CentOS 7 polkit Security Update
CentOS Errata and Security Advisory 2016:0189 Moderate
Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-0189.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
f613efc80ab4af3b2f94e5aea7581f93d923037533b7a943773aaa8072e54d34 polkit-0.112-6.el7_2.i686.rpm
2016 Jun 23
0
CEBA-2016:1259 CentOS 7 polkit BugFix Update
CentOS Errata and Bugfix Advisory 2016:1259
Upstream details at : https://rhn.redhat.com/errata/RHBA-2016-1259.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
bebc06035ecb04881226212e8e6c8092c8882379ccc12df49380099a08227abf polkit-0.112-7.el7_2.i686.rpm
2017 May 26
0
CEBA-2017:1306 CentOS 7 polkit BugFix Update
CentOS Errata and Bugfix Advisory 2017:1306
Upstream details at : https://rhn.redhat.com/errata/RHBA-2017-1306.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
97689edf8e30934cb544325a400cc8a93cdbf92b7ef80d0d98d33c95d3c15390 polkit-0.112-12.el7_3.i686.rpm
2019 Mar 08
0
CESA-2019:0230 Important CentOS 7 polkit Security Update
CentOS Errata and Security Advisory 2019:0230 Important
Upstream details at : https://access.redhat.com/errata/RHSA-2019:0230
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
0df2b8477aa99ea7221643459c947b956f387dc010c63b3f1c92ab01c01cab6a polkit-0.112-18.el7_6.1.i686.rpm
2019 Sep 18
0
CEBA-2019:2359 CentOS 7 polkit BugFix Update
CentOS Errata and Bugfix Advisory 2019:2359
Upstream details at : https://access.redhat.com/errata/RHBA-2019:2359
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
9290347fa63617fdb4a086a8386f4d8b3f8c2132b3a19023b2cd86c767d5b225 polkit-0.112-22.el7_7.1.i686.rpm
2017 Feb 02
3
Serious attack vector on pkcheck ignored by Red Hat
On Thu, 2017-02-02 at 07:16 -0800, Gordon Messmer wrote:
> On 02/02/2017 06:51 AM, Leonard den Ottolander wrote:
> > pkcheck might not be directly vulnerable. However, pkexec is.
>
>
> If that's so, why are you supplying patches to pkcheck rather than
> fixing pkexec?
The patch has a fix for three memory leaks. One memory leak that allows
heap spraying in pkexec.c that
2017 Feb 02
2
Serious attack vector on pkcheck ignored by Red Hat
On Thu, 2017-02-02 at 10:39 -0800, Gordon Messmer wrote:
> It took me a while to find the patch that you mentioned, which is
> probably why your bugs are being disregarded.
It is beyond my control where patches are listed in the Red Hat bugzilla
pages. I don't think the Red Hat employee involved should have a hard
time finding it in my report.
> Open a new bug report and focus on
2011 Mar 31
0
CESA-2011:0392 Important CentOS 4 i386 x86_64 libtiff - security update
CentOS Errata and Security Advisory CESA-2011:0392
libtiff security update for CentOS 4 i386 and x86_64:
https://rhn.redhat.com/errata/RHSA-2011-0392.html
The following updated files have been uploaded and are currently syncing
to the mirrors:
i386:
libtiff-3.6.1-18.el4.i386.rpm
libtiff-devel-3.6.1-18.el4.i386.rpm
x86_64:
libtiff-3.6.1-18.el4.i386.rpm
libtiff-3.6.1-18.el4.x86_64.rpm
2011 Apr 14
0
CESA-2011:0392 Important CentOS 5 i386 libtiff Update
CentOS Errata and Security Advisory 2011:0392 Important
Upstream details at : https://rhn.redhat.com/errata/RHSA-2011-0392.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( md5sum Filename )
i386:
5029c595c2c39123744006bdc54353c8 libtiff-3.8.2-7.el5_6.7.i386.rpm
0d9656f885f7af55bbc3ff007efbc31a libtiff-devel-3.8.2-7.el5_6.7.i386.rpm
Source:
2011 Apr 14
0
CESA-2011:0392 Important CentOS 5 x86_64 libtiff Update
CentOS Errata and Security Advisory 2011:0392 Important
Upstream details at : https://rhn.redhat.com/errata/RHSA-2011-0392.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( md5sum Filename )
x86_64:
9fa1647848307536012ecb13f062a8cf libtiff-3.8.2-7.el5_6.7.i386.rpm
36a6d1a88efa185caf2cba22135d3664 libtiff-3.8.2-7.el5_6.7.x86_64.rpm
2012 Mar 15
0
CEBA-2012:0392 CentOS 6 iok FASTTRACK Update
CentOS Errata and Bugfix Advisory 2012:0392
Upstream details at : https://rhn.redhat.com/errata/RHBA-2012-0392.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
f84d2ce2f11a78822368e7468d415ef872694d2f59786e1e093eb00691cc75c8 iok-1.3.13-2.el6.i686.rpm
x86_64:
2017 Mar 10
1
polkit helper timeout and defunct pkla-check-authorization processes on CentOS 7.3
Hi everyone,
We seem to be having issues on multiple CentOS 7.3 machines. The problem
seems to revolve around polkitd. At some random time, polkitd seems to stop
responding on my systems. Along with this, there might be hundreds of
defunct pkla-check-authorization processes. If I reboot, then things are
fine for a while.
I don't see any activity in the unabridged journal to suggest anything
2018 Jan 08
4
Response to Meltdown and Spectre
By now, we're sure most everyone have heard of the Meltdown and Spectre
attacks. If not, head over to https://meltdownattack.com/ and get an
overview. Additional technical details are available from Google
Project Zero.
https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
The FreeBSD Security Team was notified of the issue in late December
and received a
2018 Jan 08
4
Response to Meltdown and Spectre
By now, we're sure most everyone have heard of the Meltdown and Spectre
attacks. If not, head over to https://meltdownattack.com/ and get an
overview. Additional technical details are available from Google
Project Zero.
https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
The FreeBSD Security Team was notified of the issue in late December
and received a
2020 Apr 08
0
PolKit rule and API matchaccess_drivers = [ "polkit" ]
Hi All,
I am trying to implement the following use case.
User sfrag is logged on the host via ssh.
Running 'virsh list --all' should trigger PolKit authentication and present ALL domains suffixed with -SF
I have used and adapted the example from: libvirt.org Git - libvirt.git/blob - examples/polkit/libvirt-acl.rules
|
|
|
| | |
|
|
|
| |
libvirt.org Git - libvirt.git/blob -
2011 Mar 31
0
CentOS-announce Digest, Vol 73, Issue 6
Send CentOS-announce mailing list submissions to
centos-announce at centos.org
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
centos-announce-request at centos.org
You can reach the person managing the list at
centos-announce-owner at centos.org
When