[Bug 256405] sysutils/polkit: Update to 0.119

From: <bugzilla-noreply_at_freebsd.org>
Date: Sat, 19 Jun 2021 16:14:42 +0000

--- Comment #6 from Bob Frazier <bobf_at_mrp3.com> ---
I just found this pull request patch related to polkit and CVE-2021-3560


I do not know if it is enough to fix everything but it looks like it's the only
one related to the CVE report.

This patch was apparently committed on 6/3 if I do my date math correctly

I checked the source tarball and it appears to have the patch applied, at least
for that line of code, and is dated 6/3 (along with the patch).

If polkit 0.119 already has this patched, then maybe it's ok now?  I did not
see a newer version of the code available on the polkit tarball site, nor find
any other related patches.

(so maybe confirm it with upstream and then good to go?)

You are receiving this mail because:
You are the assignee for the bug.
Received on Sat Jun 19 2021 - 16:14:42 UTC

Original text of this message