[arch-commits] Commit in kauth/trunk (PKGBUILD kauth-cve-2014-5033.patch)

Wed Jul 30 20:15:36 UTC 2014

Date: Wednesday, July 30, 2014 @ 22:15:36
  Author: svenstaro
Revision: 218411

upgpkg: kauth 5.0.0-2

Fix CVE-2014-5033

Added:
  kauth/trunk/kauth-cve-2014-5033.patch
Modified:
  kauth/trunk/PKGBUILD

---------------------------+
 PKGBUILD                  |   12 +++++++++---
 kauth-cve-2014-5033.patch |   36 ++++++++++++++++++++++++++++++++++++
 2 files changed, 45 insertions(+), 3 deletions(-)

Modified: PKGBUILD
===================================================================

--- PKGBUILD	2014-07-30 20:11:12 UTC (rev 218410)
+++ PKGBUILD	2014-07-30 20:15:36 UTC (rev 218411)
@@ -3,7 +3,7 @@
 
 pkgname=kauth
 pkgver=5.0.0
-pkgrel=1
+pkgrel=2
 pkgdesc='KAuth'
 arch=('i686' 'x86_64')
 url='https://projects.kde.org/projects/frameworks/kauth'
@@ -11,11 +11,17 @@
 depends=('kcoreaddons' 'polkit-qt5')
 makedepends=('extra-cmake-modules' 'qt5-tools')
 groups=('kf5')
-source=("http://download.kde.org/stable/frameworks/${pkgver}/${pkgname}-${pkgver}.tar.xz")
-md5sums=('eeb5e576c9d0d098cfb9def812f04089')
+source=("http://download.kde.org/stable/frameworks/${pkgver}/${pkgname}-${pkgver}.tar.xz"
+        "${pkgname}-cve-2014-5033.patch")
+md5sums=('eeb5e576c9d0d098cfb9def812f04089'
+         'c24d35b0e96f98f1cfaff8e69e5fe8f6')
 
 prepare() {
   mkdir -p build
+
+  cd ${pkgname}-${pkgver}
+
+  patch -p1 -i "${srcdir}/kauth-cve-2014-5033.patch"
 }
 
 build() {

Added: kauth-cve-2014-5033.patch
===================================================================
--- kauth-cve-2014-5033.patch	                        (rev 0)
+++ kauth-cve-2014-5033.patch	2014-07-30 20:15:36 UTC (rev 218411)
@@ -0,0 +1,36 @@
+--- a/src/backends/polkit-1/Polkit1Backend.cpp
++++ b/src/backends/polkit-1/Polkit1Backend.cpp
+@@ -142,7 +142,7 @@
+ 
+ Action::AuthStatus Polkit1Backend::actionStatus(const QString &action)
+ {
+-    PolkitQt1::UnixProcessSubject subject(QCoreApplication::applicationPid());
++    PolkitQt1::SystemBusNameSubject subject(QString::fromUtf8(callerID()));
+     PolkitQt1::Authority::Result r = PolkitQt1::Authority::instance()->checkAuthorizationSync(action, subject,
+                                      PolkitQt1::Authority::None);
+     switch (r) {
+@@ -158,21 +158,12 @@
+ 
+ QByteArray Polkit1Backend::callerID() const
+ {
+-    QByteArray a;
+-    QDataStream s(&a, QIODevice::WriteOnly);
+-    s << QCoreApplication::applicationPid();
+-
+-    return a;
++        return QDBusConnection::systemBus().baseService().toUtf8();
+ }
+ 
+ bool Polkit1Backend::isCallerAuthorized(const QString &action, QByteArray callerID)
+ {
+-    QDataStream s(&callerID, QIODevice::ReadOnly);
+-    qint64 pid;
+-
+-    s >> pid;
+-
+-    PolkitQt1::UnixProcessSubject subject(pid);
++    PolkitQt1::SystemBusNameSubject subject(QString::fromUtf8(callerID));
+     PolkitQt1::Authority *authority = PolkitQt1::Authority::instance();
+ 
+     PolkitResultEventLoop e;
+


