notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
All times are UTC
Ukraine
non port: x11/kdelibs4/files/patch-git_264e976_CVE-2017-8422
SVNWeb

Number of commits found: 1

Wed, 10 May 2017
[ 12:03 tcberner search for other commits by this committer ] Original commit   Revision:440556
Add upstream fixes for CVE-2017-8422 to x11/kdelibs4 and devel/kf5-kauth

KAuth contains a logic flaw in which the service invoking dbus
is not properly checked.

This allows spoofing the identity of the caller and with some
carefully crafted calls can lead to gaining root from an
unprivileged account.

https://www.kde.org/info/security/advisory-20170510-1.txt

Reviewed by:	rakuco
Approved by:	rakuco (mentor)
Obtained from:	https://www.kde.org/info/security/advisory-20170510-1.txt
MFH:		2017Q2
Security:	CVE-2017-8422
Differential Revision:	https://reviews.freebsd.org/D10660

Number of commits found: 1