Bug#915332: marked as done (policykit-1: CVE-2018-19788: unprivileged users with UID can successfully execute any systemctl command)

[Debian Bug Tracking System]

Your message dated Fri, 07 Dec 2018 20:45:19 +0000
with message-id <e1gvmzv-0006gj...@fasolo.debian.org>
and subject line Bug#915332: fixed in policykit-1 0.105-18+deb9u1
has caused the Debian Bug report #915332,
regarding policykit-1: CVE-2018-19788: unprivileged users with UID can 
successfully execute any systemctl command
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
915332: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=915332
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Source: policykit-1
Severity: grave
Tags: security upstream
Justification: user security hole
Forwarded: https://gitlab.freedesktop.org/polkit/polkit/issues/74

As reported in https://gitlab.freedesktop.org/polkit/polkit/issues/74
, a unprivileged user with UID > INT_MAX can successfully execute any
systemctl command .

Regards,
Salvatore

--- End Message ---

--- Begin Message ---

Source: policykit-1
Source-Version: 0.105-18+deb9u1

We believe that the bug you reported is fixed in the latest version of
policykit-1, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 915...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Moritz Mühlenhoff <j...@debian.org> (supplier of updated policykit-1 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 06 Dec 2018 18:38:04 +0100
Source: policykit-1
Binary: policykit-1 policykit-1-doc libpolkit-gobject-1-0 
libpolkit-gobject-1-dev libpolkit-agent-1-0 libpolkit-agent-1-dev 
libpolkit-backend-1-0 libpolkit-backend-1-dev gir1.2-polkit-1.0
Architecture: source amd64 all
Version: 0.105-18+deb9u1
Distribution: stretch-security
Urgency: medium
Maintainer: Utopia Maintenance Team 
<pkg-utopia-maintain...@lists.alioth.debian.org>
Changed-By: Moritz Mühlenhoff <j...@debian.org>
Description:
 gir1.2-polkit-1.0 - GObject introspection data for PolicyKit
 libpolkit-agent-1-0 - PolicyKit Authentication Agent API
 libpolkit-agent-1-dev - PolicyKit Authentication Agent API - development files
 libpolkit-backend-1-0 - PolicyKit backend API
 libpolkit-backend-1-dev - PolicyKit backend API - development files
 libpolkit-gobject-1-0 - PolicyKit Authorization API
 libpolkit-gobject-1-dev - PolicyKit Authorization API - development files
 policykit-1 - framework for managing administrative policies and privileges
 policykit-1-doc - documentation for PolicyKit-1
Closes: 915332
Changes:
 policykit-1 (0.105-18+deb9u1) stretch-security; urgency=medium
 .
   * CVE-2018-19788 (Closes: #915332)
Checksums-Sha1:
 859fbcfed146dd43479df159c44c488bbe826d4d 2923 policykit-1_0.105-18+deb9u1.dsc
 53d56484a5bffb0aaf645c8d813b3063e01e8423 1431080 policykit-1_0.105.orig.tar.gz
 fc287d68d839d061afda742f3dfd486f40b20124 44764 
policykit-1_0.105-18+deb9u1.debian.tar.xz
 ce9ceea141f947544fe25e8044bff045fa2dc9fa 16758 
gir1.2-polkit-1.0_0.105-18+deb9u1_amd64.deb
 c476ca3e108fb42b2710b76a72b063f1235c8337 44940 
libpolkit-agent-1-0-dbgsym_0.105-18+deb9u1_amd64.deb
 43801db517655e7d02a164e02ad49d3d76ab5d49 24388 
libpolkit-agent-1-0_0.105-18+deb9u1_amd64.deb
 3af7618e5374a015cc72ecfb97d78cd0de914be2 30512 
libpolkit-agent-1-dev_0.105-18+deb9u1_amd64.deb
 0823367d3f5beec409cbe1dc425222a751106eb1 119792 
libpolkit-backend-1-0-dbgsym_0.105-18+deb9u1_amd64.deb
 95d7fb15e75d9dd5ad111d4768dd9b26d69be407 45748 
libpolkit-backend-1-0_0.105-18+deb9u1_amd64.deb
 2ddad95f2698c22af26453b1b71a449787112b43 51378 
libpolkit-backend-1-dev_0.105-18+deb9u1_amd64.deb
 4cb2d1ddfe94d909c217495204cd9a44bfa2a5bf 133690 
libpolkit-gobject-1-0-dbgsym_0.105-18+deb9u1_amd64.deb
 07861e147f8df4e45336d17381731d6d95e5801c 43776 
libpolkit-gobject-1-0_0.105-18+deb9u1_amd64.deb
 06f2bb0ce20e3e783aee8b112a4c362f090cee39 63288 
libpolkit-gobject-1-dev_0.105-18+deb9u1_amd64.deb
 16219f25ae1066c119150481458bcd792d746471 84940 
policykit-1-dbgsym_0.105-18+deb9u1_amd64.deb
 b3d17e29fd90ebafaf170755534317aca6a81d22 260296 
policykit-1-doc_0.105-18+deb9u1_all.deb
 d58ae0a4950b0586620c0413cd6d1debc30e8deb 12938 
policykit-1_0.105-18+deb9u1_amd64.buildinfo
 72469037f25b61dcedca22845d066821097a4150 63464 
policykit-1_0.105-18+deb9u1_amd64.deb
Checksums-Sha256:
 c7752407aba06c9ef4566ac0d08d1036ef004e4cfeb6c165da8cc0904a0ddf7d 2923 
policykit-1_0.105-18+deb9u1.dsc
 8fdc7cc8ba4750fcce1a4db9daa759c12afebc7901237e1c993c38f08985e1df 1431080 
policykit-1_0.105.orig.tar.gz
 1e3ab3d76de849058db84fd8b93425b95f3235e65b6b0ee5307ef6e6cd2dd519 44764 
policykit-1_0.105-18+deb9u1.debian.tar.xz
 1ab2156a665c94d9b53ea840355f2f05b1c2762af00c5d2703f59b35c75a8ebb 16758 
gir1.2-polkit-1.0_0.105-18+deb9u1_amd64.deb
 ae4bb7cb08c263758f84d2646790aaf2392c00d7a69bd57fe61b4c9e583a9004 44940 
libpolkit-agent-1-0-dbgsym_0.105-18+deb9u1_amd64.deb
 6a7a3f638a98d3fe701af47cbc392d3d5ac62913085f9947488e13477c6ca25f 24388 
libpolkit-agent-1-0_0.105-18+deb9u1_amd64.deb
 b16977086175a3e2dfd7592e6419401f5482db7fc13a55af6bf05b8ffa37eb6f 30512 
libpolkit-agent-1-dev_0.105-18+deb9u1_amd64.deb
 b75f80c307b9fdad864babf36739dd3ad7e12830fe5ddadd28f9d8e9aa4cabc6 119792 
libpolkit-backend-1-0-dbgsym_0.105-18+deb9u1_amd64.deb
 d64e71174e30ccf1dc9eb5b4a1c965bfc3d7a79f4b25990b4c3dd6c101e24030 45748 
libpolkit-backend-1-0_0.105-18+deb9u1_amd64.deb
 c0b3e4aace976868730fbc9322eb5f447842dc4eb470e9871ad50b91048bb75f 51378 
libpolkit-backend-1-dev_0.105-18+deb9u1_amd64.deb
 f5126ebb760fe3e4ee54535e7548b0661e9c8975901c2d07e59f59a94eb0bb1a 133690 
libpolkit-gobject-1-0-dbgsym_0.105-18+deb9u1_amd64.deb
 0611d7b8e5113bdc7257aa38f8500e2b78ff9fd91a6555114a482a101b7db835 43776 
libpolkit-gobject-1-0_0.105-18+deb9u1_amd64.deb
 c7127ef20ddfc3fa5ac25fa636e1edbb222d3f6570f05bdc3d32675c9fd039d0 63288 
libpolkit-gobject-1-dev_0.105-18+deb9u1_amd64.deb
 35d867eaef28bb3980ef88fa950e7411030d330d48cb0958fcd1e63b80e40716 84940 
policykit-1-dbgsym_0.105-18+deb9u1_amd64.deb
 8ae5014509b5e652af74ab58f9ecbaf178b78e7c36b0e3f308abaa5c1000461c 260296 
policykit-1-doc_0.105-18+deb9u1_all.deb
 3703ddd7e5a1b593602e6da5a4ac2f3605e63a2689d57e3172fc00d2065b9577 12938 
policykit-1_0.105-18+deb9u1_amd64.buildinfo
 a9e6d88f730676d413acefb2a463ecc7e780f92ee2697d2344f24866e88db678 63464 
policykit-1_0.105-18+deb9u1_amd64.deb
Files:
 2b938d7a95ec05f386ec3c25a2b8f584 2923 admin optional 
policykit-1_0.105-18+deb9u1.dsc
 9c29e1b6c214f0bd6f1d4ee303dfaed9 1431080 admin optional 
policykit-1_0.105.orig.tar.gz
 c3e452962e6a0f6bff4fa51e5091d91a 44764 admin optional 
policykit-1_0.105-18+deb9u1.debian.tar.xz
 9880a09328978e011cc75f78abadefc1 16758 introspection optional 
gir1.2-polkit-1.0_0.105-18+deb9u1_amd64.deb
 6a9673efdc43d49ab80e0a1a1ef24e4d 44940 debug extra 
libpolkit-agent-1-0-dbgsym_0.105-18+deb9u1_amd64.deb
 227e5eb6cc3989fe87add81f495cb484 24388 libs optional 
libpolkit-agent-1-0_0.105-18+deb9u1_amd64.deb
 97549ef05267c5874cc508614ac0210c 30512 libdevel optional 
libpolkit-agent-1-dev_0.105-18+deb9u1_amd64.deb
 f504cf4c2b7e7ab25f884dc3fb124877 119792 debug extra 
libpolkit-backend-1-0-dbgsym_0.105-18+deb9u1_amd64.deb
 982bf2fc276d483d6a8804df9d529719 45748 libs optional 
libpolkit-backend-1-0_0.105-18+deb9u1_amd64.deb
 5112162ee34162d3c5bc554e7822a341 51378 libdevel optional 
libpolkit-backend-1-dev_0.105-18+deb9u1_amd64.deb
 c3992a910a282f0c9a86a9678e844fe6 133690 debug extra 
libpolkit-gobject-1-0-dbgsym_0.105-18+deb9u1_amd64.deb
 f45d307aea95e1ccacb6e7c13a32b33e 43776 libs optional 
libpolkit-gobject-1-0_0.105-18+deb9u1_amd64.deb
 9520a17c7e283cdcdb8acde41e0bafcc 63288 libdevel optional 
libpolkit-gobject-1-dev_0.105-18+deb9u1_amd64.deb
 86dca0b3d4bf71b7d64e22fe5ca177ee 84940 debug extra 
policykit-1-dbgsym_0.105-18+deb9u1_amd64.deb
 0d4dcecf3e4e935213557ad6a29ee567 260296 doc optional 
policykit-1-doc_0.105-18+deb9u1_all.deb
 aed56305387f27b16ea6d39c40296d59 12938 admin optional 
policykit-1_0.105-18+deb9u1_amd64.buildinfo
 bdc63ea2ba7f3fd2810674c0d2fa0bcc 63464 admin optional 
policykit-1_0.105-18+deb9u1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlwJYyYACgkQEMKTtsN8
TjYy3w//ZV5GOYR6BgRgEU2XnljYIcS/kW66JbGx6McmDz8Ftz5Y4gvmOlUdl/cW
XtyRwlQWc2QJ7JaKJpaMCkW/qOc3mPFSDR214DZeHSeUEQen7gJnw0V5xmHCmrr8
M4VqlKddMPma3um8MOUbHehCxQZQJGGQbUZYwJa8I0RJdAunZTyM5smDbBFNkC2c
1v0oZklvWC0Tr+0b9GUFSAlarlDl1qj4HZ/4sSl3r7Ga3SI3AddWprNnA8HvkemP
VAWHp4aLm2K2GoV2v5fB28mH986fFzf6iEHo+jJvOMtSvn4oxIbPaMDesAOBnoOj
/yNRbGGOD3EdxU5rjo4GtDOMc5yZ7DplXjzsEuQfN9YhfHLoOF1CPVjBq4ECxAOa
aAaKLVbhc7YE9QJg15gYzDhB8VeYVFI82insRtVFDn1SyYLEbpwhnwFg7rJ3kGty
BWjy0A2buff7DkjSxZJQz9w9jrBtosGvxou/pboqPIKk3PSpsmrrMUNy/xJkkuHQ
Tud8MWmTJ6nXHSI4leojrJe4ijDijaQv7DXkH8jNZE5gpCv8usDi0y95KKRK1UCg
AOss4OndZIm2USSPvK4PUgAtgTizUSCcWtliIVWLfgsXGvF+Ms2LmsxPEUVVfUcH
EaDQ6OmFXfsNk+YeQjeJPNzD8Vf8rjzPCcVJwuYery+zM5kLZWs=
=nDXQ
-----END PGP SIGNATURE-----

--- End Message ---