diff options
author | Jan Rybar <jrybar@redhat.com> | 2019-04-26 08:40:13 +0000 |
---|---|---|
committer | Jan Rybar <jrybar@redhat.com> | 2019-04-26 08:40:13 +0000 |
commit | 941e9329f8d3d43ace8335d206365b212824e686 (patch) | |
tree | 2e79ca6c05641d4d5aea77c9a1af5e1d735cd87f | |
parent | f5e25ddfd2fa06033433ffb7e034e1e574cb7c28 (diff) | |
parent | cd7a41d1a331ce38eedfb4ed3196d7b0a8987263 (diff) | |
download | polkit-941e9329f8d3d43ace8335d206365b212824e686.tar.gz |
Merge branch 'release_0.116' into 'master'0.116
Release 0.116 release notes
See merge request polkit/polkit!32
-rw-r--r-- | NEWS | 44 |
1 files changed, 37 insertions, 7 deletions
@@ -9,24 +9,54 @@ some security review. Use at your own risk. This is polkit 0.116. Highlights: - TODO + Fix of CVE-2018-19788, high UIDs caused overflow in polkit; + Fix of CVE-2019-6133, kernel vulnerability (Slowfork) allowed local privilege escalation. Build requirements glib, gobject, gio >= 2.32 - mozjs-52 + mozjs-60 gobject-introspection >= 0.6.2 (optional) pam (optional) ConsoleKit OR systemd -Changes since polkit 0.114: +Changes since polkit 0.115: - TODO + Kyle Walker: + Leaking zombie child processes -Thanks to our contributors. + Jan Rybar: + Possible resource leak found by static analyzer + Output messages tuneup + Sanity fixes + pkttyagent tty echo disabled on SIGINT -Colin Walters and Miloslav Trmač, -$DATE + Ray Strode: + HACKING: add link to Code of Conduct + + Philip Withnall: + polkitbackend: comment typos fix + + Zbigniew Jędrzejewski-Szmek: + configure.ac: fix detection of systemd with cgroups v2 + CVE-2018-19788 High UIDs overflow fix + + Colin Walters: + CVE-2019-6133 Slowfork vulnerability fix + + Matthew Leeds: + Allow unset process-uid + + Emmanuele Bassi + Port the JS authority to mozjs-60 + + Göran Uddeborg: + Use JS_EncodeStringToUTF8 + +Many thanks to all contributors! + +Jan Rybar et al., +April 25, 2019 --------------- polkit 0.115 |