Bug 215701 (CVE-2008-1658) - sys-auth/policykit <0.8 Format String Vulnerability (CVE-2008-1658)
Summary: sys-auth/policykit <0.8 Format String Vulnerability (CVE-2008-1658)
Status: RESOLVED FIXED
Alias: CVE-2008-1658
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High trivial
Assignee: Gentoo Security
URL: https://bugs.freedesktop.org/show_bug...
Whiteboard: ~2 [noglsa]
Keywords:
Depends on: 214801
Blocks:
Reported: 2008-04-01 13:43 UTC by Robert Buchholz (RETIRED)
Modified: 2008-12-01 23:21 UTC (History)
Description Robert Buchholz (RETIRED) gentoo-dev 2008-04-01 13:43:37 UTC
Kees Cook writes:
If a user types a carefully crafted series of format strings, they can trick 
polkit-grant-helper into thinking the password was successful.

https://launchpad.net/bugs/205037

Patch:
https://bugs.freedesktop.org/attachment.cgi?id=15591
Comment 1 Robert Buchholz (RETIRED) gentoo-dev 2008-04-01 13:44:55 UTC
# Saleem Abdulrasool <compnerd@gentoo.org> (23 Nov 2007)
# These might break automounting, so keep them masked for now.
>=sys-auth/policykit-0.6
>=gnome-base/gnome-mount-0.7
>=gnome-extra/policykit-gnome-0.6

Rating ~2 because this is masked.
Comment 2 Doug Goldstein (RETIRED) gentoo-dev 2008-04-03 14:21:31 UTC
I had to giggle at this one. So much for David Z claiming that Red Hat internally ran PolicyKit through 2 in house security audits and it was perfectly clean...
Comment 3 Pierre-Yves Rofes (RETIRED) gentoo-dev 2008-05-06 14:15:43 UTC
Any news here? Could we just apply the patch and be done with this bug?
Comment 4 Steev Klimaszewski (RETIRED) gentoo-dev 2008-05-06 20:03:00 UTC
I've always let security run things when it comes to security patches.  I don't typically touch policykit, at least, as much as I can avoid touching it.  Okay by me if you do, compnerd has final say afaik.
Comment 5 Robert Buchholz (RETIRED) gentoo-dev 2008-05-12 19:44:12 UTC
PolicyKit 0.8 has been released and it fixes this bug.

If anyone could bump it to resolve this issue, that'd be great. No further requirements from security, the patch is ok.
Comment 6 Pierre-Yves Rofes (RETIRED) gentoo-dev 2008-09-19 21:37:01 UTC
Could someone please bump so we're done with it? Thanks.
Comment 7 Robert Buchholz (RETIRED) gentoo-dev 2008-12-01 23:21:33 UTC
Bumped, noglsa. Thanks.