[arch-commits] Commit in kauth/trunk (PKGBUILD kauth-cve-2014-5033.patch)
Sven-Hendrik Haase
svenstaro at archlinux.org
Wed Jul 30 20:15:36 UTC 2014
Date: Wednesday, July 30, 2014 @ 22:15:36
Author: svenstaro
Revision: 218411
upgpkg: kauth 5.0.0-2
Fix CVE-2014-5033
Added:
kauth/trunk/kauth-cve-2014-5033.patch
Modified:
kauth/trunk/PKGBUILD
---------------------------+
PKGBUILD | 12 +++++++++---
kauth-cve-2014-5033.patch | 36 ++++++++++++++++++++++++++++++++++++
2 files changed, 45 insertions(+), 3 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2014-07-30 20:11:12 UTC (rev 218410)
+++ PKGBUILD 2014-07-30 20:15:36 UTC (rev 218411)
@@ -3,7 +3,7 @@
pkgname=kauth
pkgver=5.0.0
-pkgrel=1
+pkgrel=2
pkgdesc='KAuth'
arch=('i686' 'x86_64')
url='https://projects.kde.org/projects/frameworks/kauth'
@@ -11,11 +11,17 @@
depends=('kcoreaddons' 'polkit-qt5')
makedepends=('extra-cmake-modules' 'qt5-tools')
groups=('kf5')
-source=("http://download.kde.org/stable/frameworks/${pkgver}/${pkgname}-${pkgver}.tar.xz")
-md5sums=('eeb5e576c9d0d098cfb9def812f04089')
+source=("http://download.kde.org/stable/frameworks/${pkgver}/${pkgname}-${pkgver}.tar.xz"
+ "${pkgname}-cve-2014-5033.patch")
+md5sums=('eeb5e576c9d0d098cfb9def812f04089'
+ 'c24d35b0e96f98f1cfaff8e69e5fe8f6')
prepare() {
mkdir -p build
+
+ cd ${pkgname}-${pkgver}
+
+ patch -p1 -i "${srcdir}/kauth-cve-2014-5033.patch"
}
build() {
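Review bot: The `md5sums` array extended in this hunk is the only integrity check on a tarball that `source` fetches over plain `http://`, and MD5 is not collision-resistant, so a release whose purpose is to ship a security fix is still built from weakly verified input. Consider switching to `sha256sums=('<sha256 of tarball>' '<sha256 of patch>')` and using an HTTPS URL if the mirror offers one. Separately, `source` names the patch `${pkgname}-cve-2014-5033.patch` while `prepare()` hard-codes `kauth-cve-2014-5033.patch`, and `cd ${pkgname}-${pkgver}` is unquoted; using the same quoted, variable-based form in both places, e.g. `patch -p1 -i "${srcdir}/${pkgname}-cve-2014-5033.patch"`, keeps them in sync. The body of `build()` lies outside the hunk.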
Added: kauth-cve-2014-5033.patch
===================================================================
--- kauth-cve-2014-5033.patch (rev 0)
+++ kauth-cve-2014-5033.patch 2014-07-30 20:15:36 UTC (rev 218411)
@@ -0,0 +1,36 @@
+--- a/src/backends/polkit-1/Polkit1Backend.cpp
++++ b/src/backends/polkit-1/Polkit1Backend.cpp
+@@ -142,7 +142,7 @@
+
+ Action::AuthStatus Polkit1Backend::actionStatus(const QString &action)
+ {
+- PolkitQt1::UnixProcessSubject subject(QCoreApplication::applicationPid());
++ PolkitQt1::SystemBusNameSubject subject(QString::fromUtf8(callerID()));
+ PolkitQt1::Authority::Result r = PolkitQt1::Authority::instance()->checkAuthorizationSync(action, subject,
+ PolkitQt1::Authority::None);
+ switch (r) {
+@@ -158,21 +158,12 @@
+
+ QByteArray Polkit1Backend::callerID() const
+ {
+- QByteArray a;
+- QDataStream s(&a, QIODevice::WriteOnly);
+- s << QCoreApplication::applicationPid();
+-
+- return a;
++ return QDBusConnection::systemBus().baseService().toUtf8();
+ }
+
+ bool Polkit1Backend::isCallerAuthorized(const QString &action, QByteArray callerID)
+ {
+- QDataStream s(&callerID, QIODevice::ReadOnly);
+- qint64 pid;
+-
+- s >> pid;
+-
+- PolkitQt1::UnixProcessSubject subject(pid);
++ PolkitQt1::SystemBusNameSubject subject(QString::fromUtf8(callerID));
+ PolkitQt1::Authority *authority = PolkitQt1::Authority::instance();
+
+ PolkitResultEventLoop e;
+
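Review bot: `isCallerAuthorized()` still builds its polkit subject from the `callerID` byte array it is handed, so the authorization check is only as trustworthy as the origin of that value, and the call site is not visible in this patch. If the helper receives `callerID` as a message argument from the client, it remains client-chosen data. In that case the subject should be taken from the D-Bus sender of the incoming message, for example `message().service()` in a `QDBusContext`-derived helper, or at least be compared against it. In addition, `baseService()` returns an empty string when the system bus is not connected, so an early `if (callerID.isEmpty()) return false;` in `isCallerAuthorized()` would make that case fail closed. Both `actionStatus()` and `isCallerAuthorized()` continue beyond the lines shown here.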