SECURITY update to polkit-0.119.

CVE-2021-3560: local privilege escalation using polkit_system_bus_name_get_creds_sync()
2021-06-04 07:46:37 +00:00 · 2021-06-04 07:46:37 +00:00 · 49af502028
commit 49af502028
parent 1682b233b4
3 changed files with 10 additions and 15 deletions
--- a/sysutils/polkit/Makefile
+++ b/sysutils/polkit/Makefile
@ -1,9 +1,8 @@
-# $OpenBSD: Makefile,v 1.85 2021/02/27 08:33:43 ajacoutot Exp $
+# $OpenBSD: Makefile,v 1.86 2021/06/04 07:46:37 ajacoutot Exp $

 COMMENT=		framework for granting privileged operations to users

-DISTNAME=		polkit-0.118
-REVISION=		0
+DISTNAME=		polkit-0.119

 SHARED_LIBS +=  polkit-gobject-1	2.0 # .0.0
 SHARED_LIBS +=  polkit-agent-1		2.0 # .0.0
@ -17,8 +16,8 @@ MAINTAINER=		Antoine Jacoutot <ajacoutot@openbsd.org>
 # GPLv2+
 PERMIT_PACKAGE=	Yes

-WANTLIB += ${COMPILER_LIBCXX} c expat gio-2.0 glib-2.0 gmodule-2.0
-WANTLIB += gobject-2.0 intl mozjs-78
+WANTLIB += ${COMPILER_LIBCXX} c expat gio-2.0 glib-2.0 gobject-2.0
+WANTLIB += intl mozjs-78

 MASTER_SITES=		https://www.freedesktop.org/software/polkit/releases/

@ -65,7 +64,7 @@ DEBUG_PACKAGES=		${BUILD_PACKAGES}
 FAKE_FLAGS=		sysconfdir=${PREFIX}/share/examples/polkit

 pre-configure:
-	perl -pi \
+	sed -i \
 		-e "s,/usr/bin/pkexec,${PREFIX}/bin/pkexec,g;" \
 		-e "s,/usr/bin/python,${MODPY_BIN},g;" \
 		-e "s,/usr/bin/my-pk-test,${PREFIX}/bin/my-pk-test,g;" \
@ -78,7 +77,7 @@ pre-configure:
 		-e "s,>/usr<,>${PREFIX}<,g" \
 		${WRKSRC}/docs/man/pkexec.xml \
 		${WRKSRC}/docs/man/polkit.xml \
-		${WRKSRC}/docs/extensiondir.xml \
+		${WRKSRC}/docs/extensiondir.xml.in \
 		${WRKSRC}/src/examples/org.freedesktop.policykit.examples.pkexec.policy.in

 .include <bsd.port.mk>
--- a/sysutils/polkit/distinfo
+++ b/sysutils/polkit/distinfo
@ -1,2 +1,2 @@
-SHA256 (polkit-0.118.tar.gz) = bVTphOcHIznw0xRxeeFuNOX+BwUVjyWadl13Lc94lWs=
-SIZE (polkit-0.118.tar.gz) = 1556765
+SHA256 (polkit-0.119.tar.gz) = yFef24bpQpVAQhEoX+4HIq0EiT8CE+VxvXXACXL9H1w=
+SIZE (polkit-0.119.tar.gz) = 1387409
--- a/sysutils/polkit/pkg/PLIST
+++ b/sysutils/polkit/pkg/PLIST
@ -1,4 +1,4 @@
-@comment $OpenBSD: PLIST,v 1.20 2020/07/30 07:50:42 ajacoutot Exp $
+@comment $OpenBSD: PLIST,v 1.21 2021/06/04 07:46:37 ajacoutot Exp $
@comment Error switching to user _polkitd: Error changing to home directory /nonexistent
@newgroup _polkitd:701
@newuser _polkitd:701:_polkitd:daemon:Polkit Daemon User:/var/empty:/sbin/nologin
@ -67,12 +67,8 @@ lib/polkit-1/
@man man/man8/polkit.8
@man man/man8/polkitd.8
 share/dbus-1/system-services/org.freedesktop.PolicyKit1.service
+share/dbus-1/system.d/org.freedesktop.PolicyKit1.conf
 share/examples/polkit/
-share/examples/polkit/dbus-1/
-share/examples/polkit/dbus-1/system.d/
-@sample ${SYSCONFDIR}/dbus-1/system.d/
-share/examples/polkit/dbus-1/system.d/org.freedesktop.PolicyKit1.conf
-@sample ${SYSCONFDIR}/dbus-1/system.d/org.freedesktop.PolicyKit1.conf
 share/examples/polkit/polkit-1/
@sample ${SYSCONFDIR}/polkit-1/
@mode 0700