-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4350-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff December 06, 2018 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : policykit-1 CVE ID : CVE-2018-19788 Debian Bug : 915332 It was discovered that incorrect processing of very high UIDs in Policykit, a framework for managing administrative policies and privileges, could result in authentication bypass. For the stable distribution (stretch), this problem has been fixed in version 0.105-18+deb9u1. We recommend that you upgrade your policykit-1 packages. For the detailed security status of policykit-1 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/policykit-1 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
Debian: DSA-4350-1: policykit-1 security update
It was discovered that incorrect processing of very high UIDs in Policykit, a framework for managing administrative policies and privileges, could result in authentication bypass.
