Bug#723717: marked as done (policykit-1: CVE-2013-4288)

[Debian Bug Tracking System]

Your message dated Thu, 19 Sep 2013 16:03:54 +0000
with message-id <e1vmghu-0000r5...@franck.debian.org>
and subject line Bug#723717: fixed in policykit-1 0.112-1
has caused the Debian Bug report #723717,
regarding policykit-1: CVE-2013-4288
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
723717: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=723717
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: policykit-1
Severity: grave
Tags: security
Justification: user security hole

Please see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4288 for details
and patches.

Cheers,
        Moritz

--- End Message ---

--- Begin Message ---

Source: policykit-1
Source-Version: 0.112-1

We believe that the bug you reported is fixed in the latest version of
policykit-1, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 723...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Michael Biebl <bi...@debian.org> (supplier of updated policykit-1 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 19 Sep 2013 17:39:54 +0200
Source: policykit-1
Binary: policykit-1 policykit-1-doc libpolkit-gobject-1-0 
libpolkit-gobject-1-dev libpolkit-agent-1-0 libpolkit-agent-1-dev 
gir1.2-polkit-1.0
Architecture: source amd64 all
Version: 0.112-1
Distribution: experimental
Urgency: low
Maintainer: Utopia Maintenance Team 
<pkg-utopia-maintain...@lists.alioth.debian.org>
Changed-By: Michael Biebl <bi...@debian.org>
Description: 
 gir1.2-polkit-1.0 - GObject introspection data for PolicyKit
 libpolkit-agent-1-0 - PolicyKit Authentication Agent API
 libpolkit-agent-1-dev - PolicyKit Authentication Agent API - development files
 libpolkit-gobject-1-0 - PolicyKit Authorization API
 libpolkit-gobject-1-dev - PolicyKit Authorization API - development files
 policykit-1 - framework for managing administrative policies and privileges
 policykit-1-doc - documentation for PolicyKit-1
Closes: 723717
Changes: 
 policykit-1 (0.112-1) experimental; urgency=low
 .
   * New upstream release.
     - Fixes CVE-2013-4288, unix-process subject for authorization is racy.
       (Closes: #723717)
   * Remove 00git_pkexec_pam_env.patch and 09_link_libmozjs.patch, both merged
     upstream.
   * Drop explicit Build-Depends on gir1.2-glib-2.0.
   * Bump Standards-Version to 3.9.4. No further changes.
Checksums-Sha1: 
 4af18b75e9a3ac56145edb9d2593ac2d1b3f109d 2641 policykit-1_0.112-1.dsc
 374397f1c32fa1290be0fce378fe9bab541ee4bf 1429240 policykit-1_0.112.orig.tar.gz
 49a70babc717dfcfb9fd24edc3e898beacad91df 16388 
policykit-1_0.112-1.debian.tar.gz
 be3955c8a12bf939d5894e9f076f45e5446ddb9f 92808 policykit-1_0.112-1_amd64.deb
 9a21adfe310968829191dc0d64ec80e78c1d6e64 242522 policykit-1-doc_0.112-1_all.deb
 068fc2ea641287c18b656231d0ba85c977ced430 40410 
libpolkit-gobject-1-0_0.112-1_amd64.deb
 18ee6a8536a550c9e9fed32b23c9f897f58908df 58930 
libpolkit-gobject-1-dev_0.112-1_amd64.deb
 9e2467de28c35e67852fcb8a3df7828395cc7cc1 22094 
libpolkit-agent-1-0_0.112-1_amd64.deb
 88b86fe0c68c7ff62bd07d8bff4cc61238faab70 27942 
libpolkit-agent-1-dev_0.112-1_amd64.deb
 565bd25f43ee4fa148f60c24bcde5199fd00e03b 14514 
gir1.2-polkit-1.0_0.112-1_amd64.deb
Checksums-Sha256: 
 8c6fc2f603366e3e82d6fdb5213bef3523068666e3d9f39f066fdb5e8a3c2ccc 2641 
policykit-1_0.112-1.dsc
 d695f43cba4748a822fbe864dd32c4887c5da1c71694a47693ace5e88fcf6af6 1429240 
policykit-1_0.112.orig.tar.gz
 0dcb5b76534d5b34ec8ef38fba11f6e2192a6fc442d11c0b7423884369fd5a23 16388 
policykit-1_0.112-1.debian.tar.gz
 525340cc57c305b4230fedad041a56c8f10bfb0523149939a772e462431761dd 92808 
policykit-1_0.112-1_amd64.deb
 6296d0e092ad018b80d9c6c54033c518cae8864eb5b9852cc3cb4dbd50ee56ca 242522 
policykit-1-doc_0.112-1_all.deb
 ee4314f82d87b1bbc15d7a8659c3baeed9a5899227e8efd0156c598e46ae0b17 40410 
libpolkit-gobject-1-0_0.112-1_amd64.deb
 0c29ce8ebdb19abb27af8fef3864544ccad2b9b80195ccfc136608a705c9106d 58930 
libpolkit-gobject-1-dev_0.112-1_amd64.deb
 4c0c98c257627289d28fd750e4db60a02f9fc94bd60def63c720a293168a6054 22094 
libpolkit-agent-1-0_0.112-1_amd64.deb
 1516e502780c680d1861c61ce0c6ebf5177ad85339a68e4eaac9389b8520d2a4 27942 
libpolkit-agent-1-dev_0.112-1_amd64.deb
 03953e679b1960e887ed58e6da0e6c6df187b3861c54ad938ff5bb7f908bfedc 14514 
gir1.2-polkit-1.0_0.112-1_amd64.deb
Files: 
 e9d7a03c8d25741a263402c830a5560b 2641 admin optional policykit-1_0.112-1.dsc
 b0f2fa00a55f47c6a5d88e9b73f80127 1429240 admin optional 
policykit-1_0.112.orig.tar.gz
 330f63a4d5eb3bd736eda5c895a38888 16388 admin optional 
policykit-1_0.112-1.debian.tar.gz
 663805f996e15376f61fafceee19909d 92808 admin optional 
policykit-1_0.112-1_amd64.deb
 0202d1f477a6cde079b2c1f06515d0cd 242522 doc optional 
policykit-1-doc_0.112-1_all.deb
 9a24e2fb60294bf928cc81e10adf49df 40410 libs optional 
libpolkit-gobject-1-0_0.112-1_amd64.deb
 39a107302a588b13021b496f00696de3 58930 libdevel optional 
libpolkit-gobject-1-dev_0.112-1_amd64.deb
 93312c1055b4c0f2017eb042cca3ca51 22094 libs optional 
libpolkit-agent-1-0_0.112-1_amd64.deb
 0c4bd0f66f55359b028114579852b7af 27942 libdevel optional 
libpolkit-agent-1-dev_0.112-1_amd64.deb
 6f8fa585387c86d8e4b85b0689fa9ddd 14514 introspection optional 
gir1.2-polkit-1.0_0.112-1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)

iQIcBAEBCAAGBQJSOxt0AAoJEGrh3w1gjyLcFVcP/3Qi7CePENClJWQxCG+vLmqt
G6EI/mfzi4OhPq7I2iI791ldwGnDJCJ7yTw4di8WGaKy5uB/3lthSrOUkCDxOXUF
k+TplSuYNn2H22LbMQoc/nJfDdaroKAHg1finTgaxOTxTagBCFwIu/xsTXh2uxE7
Hen5+6IQy+zJJb6Z58O/PGN6vabSVfxtpv0/HLvu6u17FkJpZdzKKAcwahDaQ8Sc
y3yi7FjiwO9g1M0CQsBpfijyeLrGQ4jTB59xNxCma8iCXirD1RypzxJDPGhnu6mu
mwESiAmjSo0zkhVD19mJsGdDrV/1/wrLdHislfNFLHSZxP12kb+8jLWpeW69IYXv
Feg/DwbEzV0i1X/Y/RF7y8xyugfIwCjkNMgQdJZM/qGsLET1I9PNYYu43EHmjIjT
qzwAUFMvC8LV/XNQTb+Lz1x8r4v8vVL3UsH1uydTcBItk3wMpJQTeNrD03rxMypY
BHAX0HtcS9gGLwAJQE/a2XCdflNpEwGICj7kqUYWRgcky4W91p71lUvGHuRiWWt6
yprkcnqAQEhB5fmyTOCnR0DW2TF66ktLHhG4vDlG9M4fNBRMMT4FMTsRNrub8OtN
7jU13vBOLS7mGXWp9XBY6TLRpMq3UleiSAAg2FOUYUmFEM3Yqycv4i72Ce4XqpY4
ZpcbuLw3zuI2Ojf9zKyd
=rukR
-----END PGP SIGNATURE-----

--- End Message ---