[gentoo-commits] gentoo commit in xml/htdocs/security/en/glsa: glsa-201406-27.xml - gentoo-commits

From:	"Chris Reffett (creffett)" <creffett@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] gentoo commit in xml/htdocs/security/en/glsa: glsa-201406-27.xml
Date:	Thu, 26 Jun 2014 22:25:28
Message-Id:	`20140626222455.728902004E@flycatcher.gentoo.org`

1

creffett    14/06/26 22:24:55

2

3

  Added:                glsa-201406-27.xml

4

  Log:

5

  GLSA 201406-27

6

7

Revision  Changes    Path

8

1.1                  xml/htdocs/security/en/glsa/glsa-201406-27.xml

9

10

file : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201406-27.xml?rev=1.1&view=markup

11

plain: http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201406-27.xml?rev=1.1&content-type=text/plain

12

13

Index: glsa-201406-27.xml

14

===================================================================

15

<?xml version="1.0" encoding="UTF-8"?>

16

<?xml-stylesheet href="/xsl/glsa.xsl" type="text/xsl"?>

17

<?xml-stylesheet href="/xsl/guide.xsl" type="text/xsl"?>

18

<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">

19

<glsa id="201406-27">

20

  <title>polkit, Spice-Gtk, systemd, HPLIP, libvirt: Privilege escalation</title>

21

  <synopsis>A race condition in polkit could allow a local attacker to gain

22

    escalated privileges.

23

  </synopsis>

24

  <product type="ebuild">polkit spice-gtk systemd hplip libvirt</product>

25

  <announced>June 26, 2014</announced>

26

  <revised>June 26, 2014: 1</revised>

27

  <bug>484486</bug>

28

  <bug>484488</bug>

29

  <bug>485420</bug>

30

  <bug>485546</bug>

31

  <bug>485904</bug>

32

  <access>local</access>

33

  <affected>

34

    <package name="net-print/hplip" auto="yes" arch="*">

35

      <unaffected range="ge">3.14.1</unaffected>

36

      <vulnerable range="lt">3.14.1</vulnerable>

37

    </package>

38

    <package name="net-misc/spice-gtk" auto="yes" arch="*">

39

      <unaffected range="ge">0.21</unaffected>

40

      <vulnerable range="lt">0.21</vulnerable>

41

    </package>

42

    <package name="sys-apps/systemd" auto="yes" arch="*">

43

      <unaffected range="ge">204-r1</unaffected>

44

      <vulnerable range="lt">204-r1</vulnerable>

45

    </package>

46

    <package name="app-emulation/libvirt" auto="yes" arch="*">

47

      <unaffected range="ge">1.1.2-r3</unaffected>

48

      <vulnerable range="lt">1.1.2-r3</vulnerable>

49

    </package>

50

    <package name="sys-auth/polkit" auto="yes" arch="*">

51

      <unaffected range="ge">0.112</unaffected>

52

      <vulnerable range="lt">0.112</vulnerable>

53

    </package>

54

  </affected>

55

  <background>

56

    <p>polkit is a toolkit for managing policies relating to unprivileged

57

      processes communicating with privileged processes.

58

    </p>

59

  </background>

60

  <description>

61

    <p>polkit has a race condition which potentially allows a process to change

62

      its UID/EUID via suid or pkexec before authentication is completed.

63

    </p>

64

  </description>

65

  <impact type="high">

66

    <p>A local attacker could start a suid or pkexec process through a

67

      polkit-enabled application, which could result in privilege escalation or

68

      bypass of polkit restrictions.

69

    </p>

70

  </impact>

71

  <workaround>

72

    <p>There is no known workaround at this time.</p>

73

  </workaround>

74

  <resolution>

75

    <p>All polkit users should upgrade to the latest version:</p>

76

77

    <code>

78

      # emerge --sync

79

      # emerge --ask --oneshot --verbose "&gt;=sys-auth/polkit-0.112"

80

    </code>

81

82

    <p>All HPLIP users should upgrade to the latest version:</p>

83

84

    <code>

85

      # emerge --sync

86

      # emerge --ask --oneshot --verbose "&gt;=net-print/hplip-3.14.1"

87

    </code>

88

89

    <p>All Spice-Gtk users should upgrade to the latest version:</p>

90

91

    <code>

92

      # emerge --sync

93

      # emerge --ask --oneshot --verbose "&gt;=net-misc/spice-gtk-0.21"

94

    </code>

95

96

    <p>All systemd users should upgrade to the latest version:</p>

97

98

    <code>

99

      # emerge --sync

100

      # emerge --ask --oneshot --verbose "&gt;=sys-apps/systemd-204-r1"

101

    </code>

102

103

    <p>All libvirt users should upgrade to the latest version:</p>

104

105

    <code>

106

      # emerge --sync

107

      # emerge --ask --oneshot --verbose "&gt;=app-emulation/libvirt-1.1.2-r3"

108

    </code>

109

  </resolution>

110

  <references>

111

    <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4288">CVE-2013-4288</uri>

112

    <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4311">CVE-2013-4311</uri>

113

    <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4324">CVE-2013-4324</uri>

114

    <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4325">CVE-2013-4325</uri>

115

    <uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4327">CVE-2013-4327</uri>

116

  </references>

117

  <metadata tag="requester" timestamp="Sun, 29 Sep 2013 15:18:50 +0000">ackle</metadata>

118

  <metadata tag="submitter" timestamp="Thu, 26 Jun 2014 22:23:13 +0000">

119

    creffett

120

  </metadata>

121

</glsa>

1	creffett 14/06/26 22:24:55
2
3	Added: glsa-201406-27.xml
4	Log:
5	GLSA 201406-27
6
7	Revision Changes Path
8	1.1 xml/htdocs/security/en/glsa/glsa-201406-27.xml
9
10	file : http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201406-27.xml?rev=1.1&view=markup
11	plain: http://sources.gentoo.org/viewvc.cgi/gentoo/xml/htdocs/security/en/glsa/glsa-201406-27.xml?rev=1.1&content-type=text/plain
12
13	Index: glsa-201406-27.xml
14	===================================================================
15	<?xml version="1.0" encoding="UTF-8"?>
16	<?xml-stylesheet href="/xsl/glsa.xsl" type="text/xsl"?>
17	<?xml-stylesheet href="/xsl/guide.xsl" type="text/xsl"?>
18	<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
19	<glsa id="201406-27">
20	<title>polkit, Spice-Gtk, systemd, HPLIP, libvirt: Privilege escalation</title>
21	<synopsis>A race condition in polkit could allow a local attacker to gain
22	escalated privileges.
23	</synopsis>
24	<product type="ebuild">polkit spice-gtk systemd hplip libvirt</product>
25	<announced>June 26, 2014</announced>
26	<revised>June 26, 2014: 1</revised>
27	<bug>484486</bug>
28	<bug>484488</bug>
29	<bug>485420</bug>
30	<bug>485546</bug>
31	<bug>485904</bug>
32	<access>local</access>
33	<affected>
34	<package name="net-print/hplip" auto="yes" arch="*">
35	<unaffected range="ge">3.14.1</unaffected>
36	<vulnerable range="lt">3.14.1</vulnerable>
37	</package>
38	<package name="net-misc/spice-gtk" auto="yes" arch="*">
39	<unaffected range="ge">0.21</unaffected>
40	<vulnerable range="lt">0.21</vulnerable>
41	</package>
42	<package name="sys-apps/systemd" auto="yes" arch="*">
43	<unaffected range="ge">204-r1</unaffected>
44	<vulnerable range="lt">204-r1</vulnerable>
45	</package>
46	<package name="app-emulation/libvirt" auto="yes" arch="*">
47	<unaffected range="ge">1.1.2-r3</unaffected>
48	<vulnerable range="lt">1.1.2-r3</vulnerable>
49	</package>
50	<package name="sys-auth/polkit" auto="yes" arch="*">
51	<unaffected range="ge">0.112</unaffected>
52	<vulnerable range="lt">0.112</vulnerable>
53	</package>
54	</affected>
55	<background>
56	<p>polkit is a toolkit for managing policies relating to unprivileged
57	processes communicating with privileged processes.
58	</p>
59	</background>
60	<description>
61	<p>polkit has a race condition which potentially allows a process to change
62	its UID/EUID via suid or pkexec before authentication is completed.
63	</p>
64	</description>
65	<impact type="high">
66	<p>A local attacker could start a suid or pkexec process through a
67	polkit-enabled application, which could result in privilege escalation or
68	bypass of polkit restrictions.
69	</p>
70	</impact>
71	<workaround>
72	<p>There is no known workaround at this time.</p>
73	</workaround>
74	<resolution>
75	<p>All polkit users should upgrade to the latest version:</p>
76
77	<code>
78	# emerge --sync
79	# emerge --ask --oneshot --verbose ">=sys-auth/polkit-0.112"
80	</code>
81
82	<p>All HPLIP users should upgrade to the latest version:</p>
83
84	<code>
85	# emerge --sync
86	# emerge --ask --oneshot --verbose ">=net-print/hplip-3.14.1"
87	</code>
88
89	<p>All Spice-Gtk users should upgrade to the latest version:</p>
90
91	<code>
92	# emerge --sync
93	# emerge --ask --oneshot --verbose ">=net-misc/spice-gtk-0.21"
94	</code>
95
96	<p>All systemd users should upgrade to the latest version:</p>
97
98	<code>
99	# emerge --sync
100	# emerge --ask --oneshot --verbose ">=sys-apps/systemd-204-r1"
101	</code>
102
103	<p>All libvirt users should upgrade to the latest version:</p>
104
105	<code>
106	# emerge --sync
107	# emerge --ask --oneshot --verbose ">=app-emulation/libvirt-1.1.2-r3"
108	</code>
109	</resolution>
110	<references>
111	<uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4288">CVE-2013-4288</uri>
112	<uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4311">CVE-2013-4311</uri>
113	<uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4324">CVE-2013-4324</uri>
114	<uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4325">CVE-2013-4325</uri>
115	<uri link="http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4327">CVE-2013-4327</uri>
116	</references>
117	<metadata tag="requester" timestamp="Sun, 29 Sep 2013 15:18:50 +0000">ackle</metadata>
118	<metadata tag="submitter" timestamp="Thu, 26 Jun 2014 22:23:13 +0000">
119	creffett
120	</metadata>
121	</glsa>

Gentoo Archives: gentoo-commits