Univention Bugzilla – Bug 48307
policykit-1: Multiple issues (4.3)
Last modified: 2018-12-12 13:45:43 CET
New Debian policykit-1 0.105-18+deb9u1 fixes: This update addresses the following issue: * Improper handling of user with uid > INT_MAX leading to authentication bypass (CVE-2018-19788)
--- mirror/ftp/4.3/unmaintained/4.3-0/source/policykit-1_0.105-18.dsc +++ apt/ucs_4.3-0-errata4.3-3/source/policykit-1_0.105-18+deb9u1.dsc @@ -1,3 +1,7 @@ +0.105-18+deb9u1 [Thu, 06 Dec 2018 18:38:04 +0100] Moritz Mühlenhoff <jmm@debian.org>: + + * CVE-2018-19788 (Closes: #915332) + 0.105-18 [Wed, 24 May 2017 11:21:35 +0100] Iain Lane <laney@debian.org>: * Team upload. <http://10.200.17.11/4.3-3/#8735776779968716068>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.3-3] 77a08fc395 Bug #48307: policykit-1 0.105-18+deb9u1 doc/errata/staging/policykit-1.yaml | 13 +++++++++++++ 1 file changed, 13 insertions(+)
<http://errata.software-univention.de/ucs/4.3/381.html>