-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] polkit (SSA:2021-158-02) New polkit packages are available for Slackware 14.2 and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/polkit-0.113-i586-3_slack14.2.txz: Rebuilt. This update includes a mitigation for local privilege escalation using polkit_system_bus_name_get_creds_sync(). For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3560 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on https://slackware.com for additional mirror sites near you. Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/polkit-0.113-i586-3_slack14.2.txz Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/polkit-0.113-x86_64-3_slack14.2.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/polkit-0.119-i586-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/polkit-0.119-x86_64-1.txz MD5 signatures: +-------------+ Slackware 14.2 package: d0a4fd417b76e84c8d9cd6ebe114e647 polkit-0.113-i586-3_slack14.2.txz Slackware x86_64 14.2 package: d7772cbf234dc38e87298cbaa37ba80e polkit-0.113-x86_64-3_slack14.2.txz Slackware -current package: 64fec13a890084fb063867ddca80cc3f l/polkit-0.119-i586-1.txz Slackware x86_64 -current package: 69e81fef9df950635769876e703ed639 l/polkit-0.119-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg polkit-0.113-i586-3_slack14.2.txz +-----+