Package: policykit Version: 0.9-1 Severity: serious Justification: blocker for #503532 (CVE-2008-4311) Tags: patch User: pkg-utopia-maintain...@lists.alioth.debian.org Usertags: CVE-2008-4311
PolicyKit installs a D-Bus system policy file which doesn't allow any methods to be called. Method calls used to be allowed by a dbus-daemon bug, but with the dbus-daemon changes targeted for lenny, they will be denied. http://bugs.freedesktop.org/show_bug.cgi?id=18948 is the upstream bug and https://bugs.freedesktop.org/attachment.cgi?id=20901 is a patch from Tomas Hoger, reviewed and applied by David Zeuthen. Regards from the Cambridge BSP, Simon
signature.asc
Description: Digital signature
