Fix CVE-2021-3560

2021-06-15 11:32:08 +08:00 · 2021-06-15 11:32:08 +08:00 · dd8da81274
commit dd8da81274
parent 6006e064f0
2 changed files with 33 additions and 2 deletions
--- a/backport-CVE-2021-3560.patch
+++ b/backport-CVE-2021-3560.patch
@ -0,0 +1,27 @@
+From a04d13affe0fa53ff618e07aa8f57f4c0e3b9b81 Mon Sep 17 00:00:00 2001
+From: Jan Rybar <jrybar@redhat.com>
+Date: Wed, 2 Jun 2021 15:43:38 +0200
+Subject: [PATCH] GHSL-2021-074: authentication bypass vulnerability in polkit
+
+initial values returned if error caught
+---
+ src/polkit/polkitsystembusname.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/polkit/polkitsystembusname.c b/src/polkit/polkitsystembusname.c
+index 8daa12c..8ed1363 100644
+--- a/src/polkit/polkitsystembusname.c
+++ b/src/polkit/polkitsystembusname.c
+@@ -435,6 +435,9 @@ polkit_system_bus_name_get_creds_sync (PolkitSystemBusName           *system_bus
+   while (!((data.retrieved_uid && data.retrieved_pid) || data.caught_error))
+     g_main_context_iteration (tmp_context, TRUE);
+ 
+  if (data.caught_error)
+    goto out;
+
+   if (out_uid)
+     *out_uid = data.uid;
+   if (out_pid)
+-- 
+GitLab
+
--- a/polkit.spec
+++ b/polkit.spec
@ -1,13 +1,14 @@
 Name:             polkit
 Version:          0.118
-Release:          1
+Release:          2
 Summary:          Define and Handle authorizations tool
 License:          LGPLv2+
 URL:              http://www.freedesktop.org/wiki/Software/polkit
 Source0:          http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.tar.gz
 Source1:          http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.tar.gz.sign

-Patch1:           modify-admin-authorization-from-wheel-group-to-root.patch
+Patch0:           modify-admin-authorization-from-wheel-group-to-root.patch
+Patch1:           backport-CVE-2021-3560.patch

 BuildRequires:    gcc-c++ glib2-devel >= 2.30.0 expat-devel pam-devel gtk-doc intltool
 BuildRequires:    gobject-introspection-devel systemd systemd-devel pkgconfig(mozjs-78)
@ -124,6 +125,9 @@ exit 0
 %{_datadir}/man/man8/*

 %changelog
+* Tue Jun 15 2021 panxiaohe <panxiaohe@huawei.com> - 0.118-2
+- Fix CVE-2021-3560
+
 * Thu Jan 21 2021 yixiangzhike <zhangxingliang3@huawei.com> - 0.118-1
 - update to 0.118