Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Slackware: 2022-025-02 Moderate: Polkit Local Privilege Escalation Fix

slackware
Calendar Grey January 26, 2022
Dist Slackware Esm H88
Updated polkit versions for Slackware 14.0, 14.1, and 14.2 released to fix vulnerabilities leading to local privilege escalation.
New polkit packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue

Summary

Here are the details from the Slackware 14.2 ChangeLog: patches/packages/polkit-0.113-i586-4_slack14.2.txz: Rebuilt. [PATCH] pkexec: local privilege escalation. Thanks to Qualys Research Labs for reporting this issue. For more information, see: https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034 https://www.cve.org/CVERecord?id=CVE-2021-4034 (* Security fix *)

Topics%20covered

Topics Covered

security advisory local privilege escalation security fix moderate severity slackware polkit

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/polkit-0.105-i486-5_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/polkit-0.105-x86_64-5_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/polkit-0.105-i486-5_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/polkit-0.105-x86_64-5_slack14.1.txz
Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/polkit-0.113-i586-4_slack14.2.txz
Updated package for Slackware x...

Read the Full Advisory

MD5 Signatures

Slackware 14.0 package: 063a61e5d1646a05be8087f00d1770c9 polkit-0.105-i486-5_slack14.0.txz
Slackware x86_64 14.0 package: 8a59f716ab0d316d9b96bbae9cddc609 polkit-0.105-x86_64-5_slack14.0.txz
Slackware 14.1 package: 6bba0d55d0dbdc203452ae71dfe6afb9 polkit-0.105-i486-5_slack14.1.txz
Slackware x86_64 14.1 package: 85748ced32e92f3f63c9b53540b84014 polkit-0.105-x86_64-5_slack14.1.txz
Slackware 14.2 package: 6f5e9bfcfbc6110ed2354c03b7bc34d6 polkit-0.113-i586-4_slack14.2.txz
Slackware x86_64 14.2 package: 8bbdb6d3b5caeb2c9d9ced0a435199e6 polkit-0.113-x86_64-4_slack14.2.txz
Slackware -current package: cb9b374e9dacfb417ed82f3205cb2d73 l/polkit-0.120-i586-2.txz
Slackware x86_64 -current package: fbc1fe202f4ea23bb429b7c99d3d409d l/polkit-0.120-x86_64-2.txz

Severity
important
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory local privilege escalation security fix moderate severity slackware polkit

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg polkit-0.113-i586-4_slack14.2.txz

Your message here