Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

polkit: Fix CVE-2021-4034 #526

Conversation

SyedAmerGilani
Copy link

This fixes CVE-2021-4034 in the dunfell branch. See https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt for details about the CVE which enables Privilege Escalation.

@akuster
Copy link
Contributor

akuster commented Jan 29, 2022

Thanks for the patch. I received a patch for this CVE earlier in the week and is in may test branch.
https://git.openembedded.org/meta-openembedded-contrib/commit/?h=stable/dunfell-nut&id=46a2333262de51a5921e71e6772dec5cf9a1826f

@akuster akuster closed this Jan 29, 2022
kraj pushed a commit to YoeDistro/meta-openembedded that referenced this pull request May 25, 2023
Changelog:
==========
general: add hid_get_report_descriptor API function (openembedded#451)
macOS: fix retrieving USB Interface number on macOS 13.3 (openembedded#534)
macOS: Properly handle the close of run loop on macOS (openembedded#522)
libusb: fix crash in hid_enumerate() caused by a stale device handle (openembedded#526)
windows: alternative way to get USB Serial Number if not provided by HidD_GetSerialNumberString (openembedded#464)
windows: don't mark with dllexport in static build (openembedded#507/openembedded#515)
windows: Get Bluetooth device Model Number String instead of Device Name into product string (openembedded#500)
general: fixes (mostly error handling) of issues found by Coverity Scan (openembedded#552/openembedded#554/openembedded#555/openembedded#559/openembedded#560/openembedded#561)
general: variouse fixes and improvements

Signed-off-by: Wang Mingyu <[email protected]>
Signed-off-by: Khem Raj <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants