delta/polkit.git - gitlab.freedesktop.org: polkit/polkit.git

diff options

author	Colin Walters <walters@redhat.com>	2015-05-30 09:06:23 -0400
committer	Colin Walters <walters@verbum.org>	2015-06-03 15:56:59 -0400
commit	48e646918efb2bf0b3b505747655726d7869f31c (patch)
tree	6f46f419487da39bcf5407ffd96e8d4d34608e45 /.gitignore
parent	87b2290c03f28841594451c7276e0ca44970c1fe (diff)
download	polkit-48e646918efb2bf0b3b505747655726d7869f31c.tar.gz

CVE-2015-3218: backend: Handle invalid object paths in RegisterAuthenticationAgent

Properly propagate the error, otherwise we dereference a `NULL` pointer. This is a local, authenticated DoS. `RegisterAuthenticationAgentWithOptions` and `UnregisterAuthentication` have been validated to not need changes for this. http://lists.freedesktop.org/archives/polkit-devel/2015-May/000420.html https://bugs.freedesktop.org/show_bug.cgi?id=90829 Reported-by: Tavis Ormandy <taviso@google.com> Reviewed-by: Philip Withnall <philip@tecnocode.co.uk> Reviewed-by: Miloslav Trmač <mitr@redhat.com> Signed-off-by: Colin Walters <walters@redhat.com>

Diffstat (limited to '.gitignore')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: