From 477bd290fa9a178a3db0fe07169bcad10037cdcd Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding Date: Sat, 12 Mar 2022 20:57:35 +0000 Subject: Sat Mar 12 20:57:35 UTC 2022 patches/packages/polkit-0.120-x86_64-3_slack15.0.txz: Rebuilt. Patched to fix a security issue where an unprivileged user could cause a denial of service due to process file descriptor exhaustion. Thanks to marav. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4115 (* Security fix *) --- ChangeLog.rss | 21 ++- ChangeLog.txt | 9 + FILELIST.TXT | 126 +++++++------ .../packages/polkit-0.120-x86_64-3_slack15.0.txt | 11 ++ .../0001-configure-fix-elogind-support.patch | 29 +++ patches/source/polkit/CVE-2021-4115.patch | 71 ++++++++ .../a2bf5c9c83b6ae46cbd5c779d3055bff81ded683.patch | 79 ++++++++ patches/source/polkit/doinst.sh | 32 ++++ .../polkit/dont-set-wheel-group-as-admin.diff | 10 + patches/source/polkit/polkit.SlackBuild | 201 +++++++++++++++++++++ patches/source/polkit/slack-desc | 19 ++ recompress.sh | 5 + 12 files changed, 554 insertions(+), 59 deletions(-) create mode 100644 patches/packages/polkit-0.120-x86_64-3_slack15.0.txt create mode 100644 patches/source/polkit/0001-configure-fix-elogind-support.patch create mode 100644 patches/source/polkit/CVE-2021-4115.patch create mode 100644 patches/source/polkit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683.patch create mode 100644 patches/source/polkit/doinst.sh create mode 100644 patches/source/polkit/dont-set-wheel-group-as-admin.diff create mode 100755 patches/source/polkit/polkit.SlackBuild create mode 100644 patches/source/polkit/slack-desc diff --git a/ChangeLog.rss b/ChangeLog.rss index 07e4c9d61..9b809cdce 100644 --- a/ChangeLog.rss +++ b/ChangeLog.rss @@ -11,9 +11,26 @@ Tracking Slackware development in git. en-us urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f - Thu, 10 Mar 2022 02:30:54 GMT - Thu, 10 Mar 2022 12:29:45 GMT + Sat, 12 Mar 2022 20:57:35 GMT + Sun, 13 Mar 2022 12:29:44 GMT maintain_current_git.sh v 1.17 + + Sat, 12 Mar 2022 20:57:35 GMT + Sat, 12 Mar 2022 20:57:35 GMT + https://git.slackware.nl/current/tag/?h=20220312205735 + 20220312205735 + + +patches/packages/polkit-0.120-x86_64-3_slack15.0.txz: Rebuilt. + Patched to fix a security issue where an unprivileged user could cause a + denial of service due to process file descriptor exhaustion. + Thanks to marav. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4115 + (* Security fix *) + ]]> + + Thu, 10 Mar 2022 02:30:54 GMT Thu, 10 Mar 2022 02:30:54 GMT diff --git a/ChangeLog.txt b/ChangeLog.txt index 70eabd21a..8ecb25329 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,12 @@ +Sat Mar 12 20:57:35 UTC 2022 +patches/packages/polkit-0.120-x86_64-3_slack15.0.txz: Rebuilt. + Patched to fix a security issue where an unprivileged user could cause a + denial of service due to process file descriptor exhaustion. + Thanks to marav. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4115 + (* Security fix *) ++--------------------------+ Thu Mar 10 02:30:54 UTC 2022 patches/packages/ca-certificates-20220309-noarch-1_slack15.0.txz: Upgraded. This update provides the latest CA certificates to check for the diff --git a/FILELIST.TXT b/FILELIST.TXT index 319aebf9d..2111a1863 100644 --- a/FILELIST.TXT +++ b/FILELIST.TXT @@ -1,20 +1,20 @@ -Thu Mar 10 02:36:45 UTC 2022 +Sat Mar 12 21:00:24 UTC 2022 Here is the file list for this directory. If you are using a mirror site and find missing or extra files in the disk subdirectories, please have the archive administrator refresh the mirror. -drwxr-xr-x 12 root root 4096 2022-03-10 02:30 . +drwxr-xr-x 12 root root 4096 2022-03-12 20:57 . -rw-r--r-- 1 root root 5767 2022-02-02 22:44 ./ANNOUNCE.15.0 -rw-r--r-- 1 root root 16617 2022-02-02 23:27 ./CHANGES_AND_HINTS.TXT --rw-r--r-- 1 root root 1115819 2022-03-09 04:18 ./CHECKSUMS.md5 --rw-r--r-- 1 root root 163 2022-03-09 04:18 ./CHECKSUMS.md5.asc +-rw-r--r-- 1 root root 1116942 2022-03-10 02:37 ./CHECKSUMS.md5 +-rw-r--r-- 1 root root 163 2022-03-10 02:37 ./CHECKSUMS.md5.asc -rw-r--r-- 1 root root 17976 1994-06-10 02:28 ./COPYING -rw-r--r-- 1 root root 35147 2007-06-30 04:21 ./COPYING3 -rw-r--r-- 1 root root 19573 2016-06-23 20:08 ./COPYRIGHT.TXT -rw-r--r-- 1 root root 616 2006-10-02 04:37 ./CRYPTO_NOTICE.TXT --rw-r--r-- 1 root root 1876035 2022-03-10 02:30 ./ChangeLog.txt +-rw-r--r-- 1 root root 1876429 2022-03-12 20:57 ./ChangeLog.txt drwxr-xr-x 3 root root 4096 2013-03-20 22:17 ./EFI drwxr-xr-x 2 root root 4096 2022-02-02 08:21 ./EFI/BOOT -rw-r--r-- 1 root root 1187840 2021-06-15 19:16 ./EFI/BOOT/bootx64.efi @@ -25,7 +25,7 @@ drwxr-xr-x 2 root root 4096 2022-02-02 08:21 ./EFI/BOOT -rwxr-xr-x 1 root root 2504 2019-07-05 18:54 ./EFI/BOOT/make-grub.sh -rw-r--r-- 1 root root 10722 2013-09-21 19:02 ./EFI/BOOT/osdetect.cfg -rw-r--r-- 1 root root 1273 2013-08-12 21:08 ./EFI/BOOT/tools.cfg --rw-r--r-- 1 root root 1456084 2022-03-09 04:17 ./FILELIST.TXT +-rw-r--r-- 1 root root 1457492 2022-03-10 02:36 ./FILELIST.TXT -rw-r--r-- 1 root root 1572 2012-08-29 18:27 ./GPG-KEY -rw-r--r-- 1 root root 864745 2022-02-02 08:25 ./PACKAGES.TXT -rw-r--r-- 1 root root 8034 2022-02-02 03:36 ./README.TXT @@ -737,13 +737,13 @@ drwxr-xr-x 2 root root 4096 2008-05-07 05:21 ./pasture/source/php/pear -rwxr-xr-x 1 root root 9448 2018-05-16 22:38 ./pasture/source/php/php.SlackBuild -rw-r--r-- 1 root root 775 2017-07-07 19:25 ./pasture/source/php/php.ini-development.diff.gz -rw-r--r-- 1 root root 830 2005-12-09 05:18 ./pasture/source/php/slack-desc -drwxr-xr-x 4 root root 4096 2022-03-10 02:36 ./patches --rw-r--r-- 1 root root 17560 2022-03-10 02:36 ./patches/CHECKSUMS.md5 --rw-r--r-- 1 root root 163 2022-03-10 02:36 ./patches/CHECKSUMS.md5.asc --rw-r--r-- 1 root root 23532 2022-03-10 02:36 ./patches/FILE_LIST --rw-r--r-- 1 root root 8199908 2022-03-10 02:36 ./patches/MANIFEST.bz2 --rw-r--r-- 1 root root 12005 2022-03-10 02:36 ./patches/PACKAGES.TXT -drwxr-xr-x 3 root root 4096 2022-03-10 02:36 ./patches/packages +drwxr-xr-x 4 root root 4096 2022-03-12 21:00 ./patches +-rw-r--r-- 1 root root 18424 2022-03-12 21:00 ./patches/CHECKSUMS.md5 +-rw-r--r-- 1 root root 163 2022-03-12 21:00 ./patches/CHECKSUMS.md5.asc +-rw-r--r-- 1 root root 24650 2022-03-12 21:00 ./patches/FILE_LIST +-rw-r--r-- 1 root root 8206383 2022-03-12 21:00 ./patches/MANIFEST.bz2 +-rw-r--r-- 1 root root 12621 2022-03-12 21:00 ./patches/PACKAGES.TXT +drwxr-xr-x 3 root root 4096 2022-03-12 21:00 ./patches/packages -rw-r--r-- 1 root root 327 2022-02-15 05:07 ./patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txt -rw-r--r-- 1 root root 10716 2022-02-15 05:07 ./patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txz -rw-r--r-- 1 root root 163 2022-02-15 05:07 ./patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txz.asc @@ -799,13 +799,16 @@ drwxr-xr-x 2 root root 4096 2022-03-09 04:17 ./patches/packages/linux-5.15 -rw-r--r-- 1 root root 345 2022-02-18 04:57 ./patches/packages/php-7.4.28-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 5825644 2022-02-18 04:57 ./patches/packages/php-7.4.28-x86_64-1_slack15.0.txz -rw-r--r-- 1 root root 163 2022-02-18 04:57 ./patches/packages/php-7.4.28-x86_64-1_slack15.0.txz.asc +-rw-r--r-- 1 root root 450 2022-03-12 20:37 ./patches/packages/polkit-0.120-x86_64-3_slack15.0.txt +-rw-r--r-- 1 root root 403284 2022-03-12 20:37 ./patches/packages/polkit-0.120-x86_64-3_slack15.0.txz +-rw-r--r-- 1 root root 163 2022-03-12 20:37 ./patches/packages/polkit-0.120-x86_64-3_slack15.0.txz.asc -rw-r--r-- 1 root root 392 2022-03-02 20:36 ./patches/packages/seamonkey-2.53.11-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 38098120 2022-03-02 20:36 ./patches/packages/seamonkey-2.53.11-x86_64-1_slack15.0.txz -rw-r--r-- 1 root root 163 2022-03-02 20:36 ./patches/packages/seamonkey-2.53.11-x86_64-1_slack15.0.txz.asc -rw-r--r-- 1 root root 354 2022-02-15 18:37 ./patches/packages/util-linux-2.37.4-x86_64-1_slack15.0.txt -rw-r--r-- 1 root root 2805300 2022-02-15 18:37 ./patches/packages/util-linux-2.37.4-x86_64-1_slack15.0.txz -rw-r--r-- 1 root root 163 2022-02-15 18:37 ./patches/packages/util-linux-2.37.4-x86_64-1_slack15.0.txz.asc -drwxr-xr-x 17 root root 4096 2022-03-10 02:28 ./patches/source +drwxr-xr-x 18 root root 4096 2022-03-12 20:40 ./patches/source drwxr-xr-x 2 root root 4096 2022-01-16 05:07 ./patches/source/aaa_base -rw-r--r-- 1 root root 11041 2022-02-15 04:49 ./patches/source/aaa_base/_aaa_base.tar.gz -rwxr-xr-x 1 root root 3894 2022-02-15 05:07 ./patches/source/aaa_base/aaa_base.SlackBuild @@ -939,6 +942,15 @@ drwxr-xr-x 2 root root 4096 2022-02-18 02:03 ./patches/source/php -rw-r--r-- 1 root root 605 2020-03-17 21:22 ./patches/source/php/php.imap.api.diff.gz -rw-r--r-- 1 root root 805 2020-05-12 19:14 ./patches/source/php/php.ini-development.diff.gz -rw-r--r-- 1 root root 796 2021-02-19 19:05 ./patches/source/php/slack-desc +drwxr-xr-x 2 root root 4096 2022-03-12 20:26 ./patches/source/polkit +-rw-r--r-- 1 root root 610 2018-08-20 21:35 ./patches/source/polkit/0001-configure-fix-elogind-support.patch.gz +-rw-r--r-- 1 root root 890 2022-03-12 20:25 ./patches/source/polkit/CVE-2021-4115.patch.gz +-rw-r--r-- 1 root root 1061 2022-01-26 02:14 ./patches/source/polkit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683.patch.gz +-rw-r--r-- 1 root root 484 2020-11-30 06:55 ./patches/source/polkit/doinst.sh.gz +-rw-r--r-- 1 root root 292 2015-01-02 05:35 ./patches/source/polkit/dont-set-wheel-group-as-admin.diff.gz +-rw-r--r-- 1 root root 675865 2021-10-06 18:06 ./patches/source/polkit/polkit-0.120.tar.lz +-rwxr-xr-x 1 root root 6539 2022-03-12 20:36 ./patches/source/polkit/polkit.SlackBuild +-rw-r--r-- 1 root root 903 2020-11-01 20:04 ./patches/source/polkit/slack-desc drwxr-xr-x 3 root root 4096 2022-03-02 19:58 ./patches/source/seamonkey drwxr-xr-x 2 root root 4096 2016-07-03 18:05 ./patches/source/seamonkey/autoconf -rw-r--r-- 1 root root 5869 2016-07-03 18:04 ./patches/source/seamonkey/autoconf/autoconf-2.13-consolidated_fixes-1.patch.gz @@ -2714,18 +2726,18 @@ drwxr-xr-x 2 root root 69632 2022-02-01 08:29 ./slackware64/kde -rw-r--r-- 1 root root 163 2022-01-08 22:38 ./slackware64/kde/kxmlgui-5.90.0-x86_64-1.txz.asc -rw-r--r-- 1 root root 286 2022-01-08 22:43 ./slackware64/kde/kxmlrpcclient-5.90.0-x86_64-1.txt -rw-r--r-- 1 root root 44864 2022-01-08 22:43 ./slackware64/kde/kxmlrpcclient-5.90.0-x86_64-1.txz --rw-r--r-- 1 root root 163 2022-01-08 22:43 ./slackware64/kde/kxmlrpcclient-5.90.0-x86_64-1.txz.asc --rw-r--r-- 1 root root 455 2022-01-25 19:27 ./slackware64/kde/latte-dock-0.10.8-x86_64-1.txt --rw-r--r-- 1 root root 1339320 2022-01-25 19:27 ./slackware64/kde/latte-dock-0.10.8-x86_64-1.txz --rw-r--r-- 1 root root 163 2022-01-25 19:27 ./slackware64/kde/latte-dock-0.10.8-x86_64-1.txz.asc --rw-r--r-- 1 root root 323 2022-01-04 21:36 ./slackware64/kde/layer-shell-qt-5.23.5-x86_64-1.txt --rw-r--r-- 1 root root 25628 2022-01-04 21:36 ./slackware64/kde/layer-shell-qt-5.23.5-x86_64-1.txz --rw-r--r-- 1 root root 163 2022-01-04 21:36 ./slackware64/kde/layer-shell-qt-5.23.5-x86_64-1.txz.asc --rw-r--r-- 1 root root 243 2022-01-06 21:41 ./slackware64/kde/libgravatar-21.12.1-x86_64-1.txt --rw-r--r-- 1 root root 51648 2022-01-06 21:41 ./slackware64/kde/libgravatar-21.12.1-x86_64-1.txz --rw-r--r-- 1 root root 163 2022-01-06 21:41 ./slackware64/kde/libgravatar-21.12.1-x86_64-1.txz.asc --rw-r--r-- 1 root root 178 2022-01-06 22:14 ./slackware64/kde/libkcddb-21.12.1-x86_64-1.txt --rw-r--r-- 1 root root 297760 2022-01-06 22:14 ./slackware64/kde/libkcddb-21.12.1-x86_64-1.txz +-rw-r--r-- 1 root root 163 2022-01-08 22:43 ./slackware64/kde/kxmlrpcclient-5.90.0-x86_64-1.txz.asc +-rw-r--r-- 1 root root 455 2022-01-25 19:27 ./slackware64/kde/latte-dock-0.10.8-x86_64-1.txt +-rw-r--r-- 1 root root 1339320 2022-01-25 19:27 ./slackware64/kde/latte-dock-0.10.8-x86_64-1.txz +-rw-r--r-- 1 root root 163 2022-01-25 19:27 ./slackware64/kde/latte-dock-0.10.8-x86_64-1.txz.asc +-rw-r--r-- 1 root root 323 2022-01-04 21:36 ./slackware64/kde/layer-shell-qt-5.23.5-x86_64-1.txt +-rw-r--r-- 1 root root 25628 2022-01-04 21:36 ./slackware64/kde/layer-shell-qt-5.23.5-x86_64-1.txz +-rw-r--r-- 1 root root 163 2022-01-04 21:36 ./slackware64/kde/layer-shell-qt-5.23.5-x86_64-1.txz.asc +-rw-r--r-- 1 root root 243 2022-01-06 21:41 ./slackware64/kde/libgravatar-21.12.1-x86_64-1.txt +-rw-r--r-- 1 root root 51648 2022-01-06 21:41 ./slackware64/kde/libgravatar-21.12.1-x86_64-1.txz +-rw-r--r-- 1 root root 163 2022-01-06 21:41 ./slackware64/kde/libgravatar-21.12.1-x86_64-1.txz.asc +-rw-r--r-- 1 root root 178 2022-01-06 22:14 ./slackware64/kde/libkcddb-21.12.1-x86_64-1.txt +-rw-r--r-- 1 root root 297760 2022-01-06 22:14 ./slackware64/kde/libkcddb-21.12.1-x86_64-1.txz -rw-r--r-- 1 root root 163 2022-01-06 22:14 ./slackware64/kde/libkcddb-21.12.1-x86_64-1.txz.asc -rw-r--r-- 1 root root 275 2022-01-06 22:14 ./slackware64/kde/libkcompactdisc-21.12.1-x86_64-1.txt -rw-r--r-- 1 root root 70500 2022-01-06 22:14 ./slackware64/kde/libkcompactdisc-21.12.1-x86_64-1.txz @@ -5469,20 +5481,20 @@ drwxr-xr-x 2 root root 65536 2022-02-01 04:47 ./slackware64/x -rw-r--r-- 1 root root 300 2021-02-13 13:13 ./slackware64/x/xkill-1.0.5-x86_64-4.txt -rw-r--r-- 1 root root 20180 2021-02-13 13:13 ./slackware64/x/xkill-1.0.5-x86_64-4.txz -rw-r--r-- 1 root root 163 2021-02-13 13:13 ./slackware64/x/xkill-1.0.5-x86_64-4.txz.asc --rw-r--r-- 1 root root 307 2021-02-13 13:13 ./slackware64/x/xload-1.1.3-x86_64-4.txt --rw-r--r-- 1 root root 24060 2021-02-13 13:13 ./slackware64/x/xload-1.1.3-x86_64-4.txz --rw-r--r-- 1 root root 163 2021-02-13 13:13 ./slackware64/x/xload-1.1.3-x86_64-4.txz.asc --rw-r--r-- 1 root root 293 2021-02-13 13:13 ./slackware64/x/xlogo-1.0.5-x86_64-3.txt --rw-r--r-- 1 root root 24284 2021-02-13 13:13 ./slackware64/x/xlogo-1.0.5-x86_64-3.txz --rw-r--r-- 1 root root 163 2021-02-13 13:13 ./slackware64/x/xlogo-1.0.5-x86_64-3.txz.asc --rw-r--r-- 1 root root 348 2021-02-13 13:13 ./slackware64/x/xlsatoms-1.1.3-x86_64-3.txt --rw-r--r-- 1 root root 18852 2021-02-13 13:13 ./slackware64/x/xlsatoms-1.1.3-x86_64-3.txz --rw-r--r-- 1 root root 163 2021-02-13 13:13 ./slackware64/x/xlsatoms-1.1.3-x86_64-3.txz.asc --rw-r--r-- 1 root root 286 2021-02-13 13:13 ./slackware64/x/xlsclients-1.1.4-x86_64-4.txt --rw-r--r-- 1 root root 21528 2021-02-13 13:13 ./slackware64/x/xlsclients-1.1.4-x86_64-4.txz --rw-r--r-- 1 root root 163 2021-02-13 13:13 ./slackware64/x/xlsclients-1.1.4-x86_64-4.txz.asc --rw-r--r-- 1 root root 237 2021-02-13 13:13 ./slackware64/x/xlsfonts-1.0.6-x86_64-4.txt --rw-r--r-- 1 root root 22992 2021-02-13 13:13 ./slackware64/x/xlsfonts-1.0.6-x86_64-4.txz +-rw-r--r-- 1 root root 307 2021-02-13 13:13 ./slackware64/x/xload-1.1.3-x86_64-4.txt +-rw-r--r-- 1 root root 24060 2021-02-13 13:13 ./slackware64/x/xload-1.1.3-x86_64-4.txz +-rw-r--r-- 1 root root 163 2021-02-13 13:13 ./slackware64/x/xload-1.1.3-x86_64-4.txz.asc +-rw-r--r-- 1 root root 293 2021-02-13 13:13 ./slackware64/x/xlogo-1.0.5-x86_64-3.txt +-rw-r--r-- 1 root root 24284 2021-02-13 13:13 ./slackware64/x/xlogo-1.0.5-x86_64-3.txz +-rw-r--r-- 1 root root 163 2021-02-13 13:13 ./slackware64/x/xlogo-1.0.5-x86_64-3.txz.asc +-rw-r--r-- 1 root root 348 2021-02-13 13:13 ./slackware64/x/xlsatoms-1.1.3-x86_64-3.txt +-rw-r--r-- 1 root root 18852 2021-02-13 13:13 ./slackware64/x/xlsatoms-1.1.3-x86_64-3.txz +-rw-r--r-- 1 root root 163 2021-02-13 13:13 ./slackware64/x/xlsatoms-1.1.3-x86_64-3.txz.asc +-rw-r--r-- 1 root root 286 2021-02-13 13:13 ./slackware64/x/xlsclients-1.1.4-x86_64-4.txt +-rw-r--r-- 1 root root 21528 2021-02-13 13:13 ./slackware64/x/xlsclients-1.1.4-x86_64-4.txz +-rw-r--r-- 1 root root 163 2021-02-13 13:13 ./slackware64/x/xlsclients-1.1.4-x86_64-4.txz.asc +-rw-r--r-- 1 root root 237 2021-02-13 13:13 ./slackware64/x/xlsfonts-1.0.6-x86_64-4.txt +-rw-r--r-- 1 root root 22992 2021-02-13 13:13 ./slackware64/x/xlsfonts-1.0.6-x86_64-4.txz -rw-r--r-- 1 root root 163 2021-02-13 13:13 ./slackware64/x/xlsfonts-1.0.6-x86_64-4.txz.asc -rw-r--r-- 1 root root 165 2021-02-13 13:13 ./slackware64/x/xmag-1.0.6-x86_64-4.txt -rw-r--r-- 1 root root 30584 2021-02-13 13:13 ./slackware64/x/xmag-1.0.6-x86_64-4.txz @@ -15158,23 +15170,23 @@ drwxr-xr-x 2 root root 4096 2021-01-29 18:38 ./source/xap/xpdf/lang -rw-r--r-- 1 root root 224 2013-03-28 20:51 ./source/xap/xpdf/lang/xpdf-latin2.diff.gz -rw-r--r-- 1 root root 1804 2011-08-15 21:28 ./source/xap/xpdf/lang/xpdf-thai-2011-aug-15.tar.xz -rw-r--r-- 1 root root 252 2013-03-28 20:51 ./source/xap/xpdf/lang/xpdf-thai.diff.gz --rw-r--r-- 1 root root 1152 2011-08-15 21:28 ./source/xap/xpdf/lang/xpdf-turkish-2011-aug-15.tar.xz --rw-r--r-- 1 root root 239 2013-03-28 20:51 ./source/xap/xpdf/lang/xpdf-turkish.diff.gz -drwxr-xr-x 2 root root 4096 2021-01-29 18:32 ./source/xap/xpdf/patches --rw-r--r-- 1 root root 555 2017-09-26 04:39 ./source/xap/xpdf/patches/xpdfrc.diff.gz --rw-r--r-- 1 root root 640 2018-02-27 06:13 ./source/xap/xpdf/slack-desc --rw-r--r-- 1 root root 667845 2021-01-27 23:15 ./source/xap/xpdf/xpdf-4.03.tar.lz --rwxr-xr-x 1 root root 5287 2021-09-25 18:39 ./source/xap/xpdf/xpdf.SlackBuild --rw-r--r-- 1 root root 3260 2010-01-11 05:07 ./source/xap/xpdf/xpdf.desktop --rw-r--r-- 1 root root 27 2019-10-03 18:45 ./source/xap/xpdf/xpdf.url --rw-r--r-- 1 root root 2751 2016-03-03 05:04 ./source/xap/xpdf/xpdfIcon.xpm -drwxr-xr-x 2 root root 4096 2021-02-13 05:32 ./source/xap/xsane --rw-r--r-- 1 root root 951 2018-02-27 06:13 ./source/xap/xsane/slack-desc --rw-r--r-- 1 root root 1073 2015-03-26 16:54 ./source/xap/xsane/xsane-0.995-close-fds.patch.gz --rw-r--r-- 1 root root 521 2015-03-26 16:54 ./source/xap/xsane/xsane-0.995-xdg-open.patch.gz --rw-r--r-- 1 root root 1558 2015-03-26 16:54 ./source/xap/xsane/xsane-0.996-no-eula.patch.gz --rw-r--r-- 1 root root 1679 2015-03-26 16:54 ./source/xap/xsane/xsane-0.997-ipv6.patch.gz --rw-r--r-- 1 root root 1383 2015-03-26 16:54 ./source/xap/xsane/xsane-0.997-off-root-build.patch.gz +-rw-r--r-- 1 root root 1152 2011-08-15 21:28 ./source/xap/xpdf/lang/xpdf-turkish-2011-aug-15.tar.xz +-rw-r--r-- 1 root root 239 2013-03-28 20:51 ./source/xap/xpdf/lang/xpdf-turkish.diff.gz +drwxr-xr-x 2 root root 4096 2021-01-29 18:32 ./source/xap/xpdf/patches +-rw-r--r-- 1 root root 555 2017-09-26 04:39 ./source/xap/xpdf/patches/xpdfrc.diff.gz +-rw-r--r-- 1 root root 640 2018-02-27 06:13 ./source/xap/xpdf/slack-desc +-rw-r--r-- 1 root root 667845 2021-01-27 23:15 ./source/xap/xpdf/xpdf-4.03.tar.lz +-rwxr-xr-x 1 root root 5287 2021-09-25 18:39 ./source/xap/xpdf/xpdf.SlackBuild +-rw-r--r-- 1 root root 3260 2010-01-11 05:07 ./source/xap/xpdf/xpdf.desktop +-rw-r--r-- 1 root root 27 2019-10-03 18:45 ./source/xap/xpdf/xpdf.url +-rw-r--r-- 1 root root 2751 2016-03-03 05:04 ./source/xap/xpdf/xpdfIcon.xpm +drwxr-xr-x 2 root root 4096 2021-02-13 05:32 ./source/xap/xsane +-rw-r--r-- 1 root root 951 2018-02-27 06:13 ./source/xap/xsane/slack-desc +-rw-r--r-- 1 root root 1073 2015-03-26 16:54 ./source/xap/xsane/xsane-0.995-close-fds.patch.gz +-rw-r--r-- 1 root root 521 2015-03-26 16:54 ./source/xap/xsane/xsane-0.995-xdg-open.patch.gz +-rw-r--r-- 1 root root 1558 2015-03-26 16:54 ./source/xap/xsane/xsane-0.996-no-eula.patch.gz +-rw-r--r-- 1 root root 1679 2015-03-26 16:54 ./source/xap/xsane/xsane-0.997-ipv6.patch.gz +-rw-r--r-- 1 root root 1383 2015-03-26 16:54 ./source/xap/xsane/xsane-0.997-off-root-build.patch.gz -rw-r--r-- 1 root root 771 2015-03-26 16:54 ./source/xap/xsane/xsane-0.998-desktop-file.patch.gz -rw-r--r-- 1 root root 630 2015-03-26 16:54 ./source/xap/xsane/xsane-0.998-libpng.patch.gz -rw-r--r-- 1 root root 1032 2015-03-26 16:54 ./source/xap/xsane/xsane-0.998-preview-selection.patch.gz diff --git a/patches/packages/polkit-0.120-x86_64-3_slack15.0.txt b/patches/packages/polkit-0.120-x86_64-3_slack15.0.txt new file mode 100644 index 000000000..3fab4403d --- /dev/null +++ b/patches/packages/polkit-0.120-x86_64-3_slack15.0.txt @@ -0,0 +1,11 @@ +polkit: polkit (authentication framework) +polkit: +polkit: PolicyKit is an application-level toolkit for defining and handling +polkit: the policy that allows unprivileged processes to speak to privileged +polkit: processes. PolicyKit is specifically targeting applications in rich +polkit: desktop environments on multi-user UNIX-like operating systems. +polkit: +polkit: Homepage: http://www.freedesktop.org/wiki/Software/polkit +polkit: +polkit: +polkit: diff --git a/patches/source/polkit/0001-configure-fix-elogind-support.patch b/patches/source/polkit/0001-configure-fix-elogind-support.patch new file mode 100644 index 000000000..4c40bd9b2 --- /dev/null +++ b/patches/source/polkit/0001-configure-fix-elogind-support.patch @@ -0,0 +1,29 @@ +From 08bb656496cd3d6213bbe9473f63f2d4a110da6e Mon Sep 17 00:00:00 2001 +From: Rasmus Thomsen +Date: Wed, 11 Apr 2018 13:14:14 +0200 +Subject: [PATCH] configure: fix elogind support + +HAVE_LIBSYSTEMD is used to determine which source files to use. +We have to check if either have_libsystemd or have_libelogind is +true, as both of these need the source files which are used when +HAVE_LIBSYSTEMD is true. +--- + configure.ac | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/configure.ac b/configure.ac +index 36df239..da47ecb 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -221,7 +221,7 @@ AS_IF([test "x$cross_compiling" != "xyes" ], [ + + AC_SUBST(LIBSYSTEMD_CFLAGS) + AC_SUBST(LIBSYSTEMD_LIBS) +-AM_CONDITIONAL(HAVE_LIBSYSTEMD, [test "$have_libsystemd" = "yes"], [Using libsystemd]) ++AM_CONDITIONAL(HAVE_LIBSYSTEMD, [test "$have_libsystemd" = "yes" || test "$have_libelogind" = "yes" ], [Using libsystemd]) + + dnl --------------------------------------------------------------------------- + dnl - systemd unit / service files +-- +2.17.0 + diff --git a/patches/source/polkit/CVE-2021-4115.patch b/patches/source/polkit/CVE-2021-4115.patch new file mode 100644 index 000000000..3cb55819c --- /dev/null +++ b/patches/source/polkit/CVE-2021-4115.patch @@ -0,0 +1,71 @@ +diff --git a/src/polkit/polkitsystembusname.c b/src/polkit/polkitsystembusname.c +index 8ed1363..2fbf5f1 100644 +--- a/src/polkit/polkitsystembusname.c ++++ b/src/polkit/polkitsystembusname.c +@@ -62,6 +62,10 @@ enum + PROP_NAME, + }; + ++ ++guint8 dbus_call_respond_fails; // has to be global because of callback ++ ++ + static void subject_iface_init (PolkitSubjectIface *subject_iface); + + G_DEFINE_TYPE_WITH_CODE (PolkitSystemBusName, polkit_system_bus_name, G_TYPE_OBJECT, +@@ -364,6 +368,7 @@ on_retrieved_unix_uid_pid (GObject *src, + if (!v) + { + data->caught_error = TRUE; ++ dbus_call_respond_fails += 1; + } + else + { +@@ -405,6 +410,8 @@ polkit_system_bus_name_get_creds_sync (PolkitSystemBusName *system_bus + tmp_context = g_main_context_new (); + g_main_context_push_thread_default (tmp_context); + ++ dbus_call_respond_fails = 0; ++ + /* Do two async calls as it's basically as fast as one sync call. + */ + g_dbus_connection_call (connection, +@@ -432,11 +439,34 @@ polkit_system_bus_name_get_creds_sync (PolkitSystemBusName *system_bus + on_retrieved_unix_uid_pid, + &data); + +- while (!((data.retrieved_uid && data.retrieved_pid) || data.caught_error)) +- g_main_context_iteration (tmp_context, TRUE); ++ while (TRUE) ++ { ++ /* If one dbus call returns error, we must wait until the other call ++ * calls _call_finish(), otherwise fd leak is possible. ++ * Resolves: GHSL-2021-077 ++ */ + +- if (data.caught_error) +- goto out; ++ if ( (dbus_call_respond_fails > 1) ) ++ { ++ // we got two faults, we can leave ++ goto out; ++ } ++ ++ if ((data.caught_error && (data.retrieved_pid || data.retrieved_uid))) ++ { ++ // we got one fault and the other call finally finished, we can leave ++ goto out; ++ } ++ ++ if ( !(data.retrieved_uid && data.retrieved_pid) ) ++ { ++ g_main_context_iteration (tmp_context, TRUE); ++ } ++ else ++ { ++ break; ++ } ++ } + + if (out_uid) + *out_uid = data.uid; diff --git a/patches/source/polkit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683.patch b/patches/source/polkit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683.patch new file mode 100644 index 000000000..a06300a53 --- /dev/null +++ b/patches/source/polkit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683.patch @@ -0,0 +1,79 @@ +From a2bf5c9c83b6ae46cbd5c779d3055bff81ded683 Mon Sep 17 00:00:00 2001 +From: Jan Rybar +Date: Tue, 25 Jan 2022 17:21:46 +0000 +Subject: [PATCH] pkexec: local privilege escalation (CVE-2021-4034) + +--- + src/programs/pkcheck.c | 5 +++++ + src/programs/pkexec.c | 23 ++++++++++++++++++++--- + 2 files changed, 25 insertions(+), 3 deletions(-) + +diff --git a/src/programs/pkcheck.c b/src/programs/pkcheck.c +index f1bb4e1..768525c 100644 +--- a/src/programs/pkcheck.c ++++ b/src/programs/pkcheck.c +@@ -363,6 +363,11 @@ main (int argc, char *argv[]) + local_agent_handle = NULL; + ret = 126; + ++ if (argc < 1) ++ { ++ exit(126); ++ } ++ + /* Disable remote file access from GIO. */ + setenv ("GIO_USE_VFS", "local", 1); + +diff --git a/src/programs/pkexec.c b/src/programs/pkexec.c +index 7698c5c..84e5ef6 100644 +--- a/src/programs/pkexec.c ++++ b/src/programs/pkexec.c +@@ -488,6 +488,15 @@ main (int argc, char *argv[]) + pid_t pid_of_caller; + gpointer local_agent_handle; + ++ ++ /* ++ * If 'pkexec' is called THIS wrong, someone's probably evil-doing. Don't be nice, just bail out. ++ */ ++ if (argc<1) ++ { ++ exit(127); ++ } ++ + ret = 127; + authority = NULL; + subject = NULL; +@@ -614,10 +623,10 @@ main (int argc, char *argv[]) + + path = g_strdup (pwstruct.pw_shell); + if (!path) +- { ++ { + g_printerr ("No shell configured or error retrieving pw_shell\n"); + goto out; +- } ++ } + /* If you change this, be sure to change the if (!command_line) + case below too */ + command_line = g_strdup (path); +@@ -636,7 +645,15 @@ main (int argc, char *argv[]) + goto out; + } + g_free (path); +- argv[n] = path = s; ++ path = s; ++ ++ /* argc<2 and pkexec runs just shell, argv is guaranteed to be null-terminated. ++ * /-less shell shouldn't happen, but let's be defensive and don't write to null-termination ++ */ ++ if (argv[n] != NULL) ++ { ++ argv[n] = path; ++ } + } + if (access (path, F_OK) != 0) + { +-- +GitLab + diff --git a/patches/source/polkit/doinst.sh b/patches/source/polkit/doinst.sh new file mode 100644 index 000000000..3d81307e8 --- /dev/null +++ b/patches/source/polkit/doinst.sh @@ -0,0 +1,32 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +if [ -r etc/pam.d/polkit-1.new ]; then + config etc/pam.d/polkit-1.new +fi + +# Make sure the polkitd user and group exist: +if ! grep -q "^polkitd:" etc/passwd ; then + echo "polkitd:x:87:87:PolicyKit daemon owner:/var/lib/polkit:/bin/false" >> etc/passwd +fi +if ! grep -q "^polkitd:" etc/group ; then + echo "polkitd:x:87:" >> etc/group +fi + +# Remove obsolete rules: +rm -f etc/polkit-1/localauthority/50-local.d/*.pkla{,.new} +rm -f etc/polkit-1/rules.d/*.pkla{,.new} + +# Remove obsolete directory: +rmdir etc/polkit-1/localauthority/50-local.d 2> /dev/null +rmdir etc/polkit-1/localauthority 2> /dev/null + diff --git a/patches/source/polkit/dont-set-wheel-group-as-admin.diff b/patches/source/polkit/dont-set-wheel-group-as-admin.diff new file mode 100644 index 000000000..6a86ac280 --- /dev/null +++ b/patches/source/polkit/dont-set-wheel-group-as-admin.diff @@ -0,0 +1,10 @@ +diff -Nur polkit-0.112.orig/src/polkitbackend/50-default.rules polkit-0.112/src/polkitbackend/50-default.rules +--- polkit-0.112.orig/src/polkitbackend/50-default.rules 2013-04-29 12:28:57.000000000 -0500 ++++ polkit-0.112/src/polkitbackend/50-default.rules 2015-01-01 23:32:40.154400050 -0600 +@@ -8,5 +8,5 @@ + // about configuring polkit. + + polkit.addAdminRule(function(action, subject) { +- return ["unix-group:wheel"]; ++ return ["unix-user:root"]; + }); diff --git a/patches/source/polkit/polkit.SlackBuild b/patches/source/polkit/polkit.SlackBuild new file mode 100755 index 000000000..abe639fcb --- /dev/null +++ b/patches/source/polkit/polkit.SlackBuild @@ -0,0 +1,201 @@ +#!/bin/bash + +# Copyright 2009, 2011, 2015 Robby Workman, Northport, Alabama, USA +# Copyright 2010 Eric Hameleers, Eindhoven, NL +# Copyright 2009, 2010, 2011, 2012, 2013, 2018, 2020 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. + +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ''AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +cd $(dirname $0) ; CWD=$(pwd) + +PKGNAM=polkit +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-3_slack15.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i586 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# If the variable PRINT_PACKAGE_NAME is set, then this script will report what +# the name of the created package would be, and then exit. This information +# could be useful to other scripts. +if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then + echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz" + exit 0 +fi + +NUMJOBS=${NUMJOBS:-" -j$(expr $(nproc) + 1) "} + +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xvf $CWD/$PKGNAM-$VERSION.tar.?z || exit 1 +cd $PKGNAM-$VERSION || exit 1 + +# Make sure ownerships and permissions are sane: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \+ -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \+ + +zcat $CWD/dont-set-wheel-group-as-admin.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/CVE-2021-4115.patch.gz | patch -p1 --verbose || exit 1 + +# https://gitlab.freedesktop.org/polkit/polkit/-/issues/29 +zcat $CWD/0001-configure-fix-elogind-support.patch.gz | patch -p1 || exit 1 + +# If we get here and don't have a polkitd user/group, add one. +# Otherwise a few directories in the package will have wrong permissions. +if ! grep -q "^polkitd:" /etc/passwd ; then + groupadd -fg 87 polkitd + useradd -c "PolicyKit daemon owner" -d /var/lib/polkit -u 87 -g polkitd -s /bin/false polkitd +fi + +# Choose correct options depending on whether PAM is installed: +if [ -L /lib${LIBDIRSUFFIX}/libpam.so.? ]; then + PAM_OPTIONS="--with-authfw=pam --with-pam-module-dir=/lib${LIBDIRSUFFIX}/security" + unset SHADOW_OPTIONS +else + unset PAM_OPTIONS + SHADOW_OPTIONS="--with-authfw=shadow" +fi + +if [ ! -r configure ]; then + if [ -x ./autogen.sh ]; then + NOCONFIGURE=1 ./autogen.sh + else + autoreconf -vif + fi +fi + +LIBELOGIND_CFLAGS="$(pkg-config --cflags libelogind)" \ +LIBELOGIND_LIBS="$(pkg-config --libs libelogind)" \ +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --docdir=/usr/doc/$PKGNAM-$VERSION \ + --enable-man-pages \ + --enable-gtk-doc \ + --mandir=/usr/man \ + --disable-static \ + --disable-examples \ + --enable-introspection \ + --enable-libsystemd-login=no \ + --enable-libelogind=yes \ + $PAM_OPTIONS \ + $SHADOW_OPTIONS \ + --enable-verbose-mode \ + --with-os-type=Slackware \ + --build=$ARCH-slackware-linux || exit 1 + +# Build and install: +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# Don't ship .la files: +rm -f $PKG/{,usr/}lib${LIBDIRSUFFIX}/*.la + +# Create homedir for polkit. This is mentioned in /etc/passwd, but isn't +# actually used for anything later. Perms don't matter. +mkdir -p $PKG/var/lib/polkit + +# Move dbus configs to system location: +mkdir -p $PKG/usr/share/dbus-1/system.d/ +mv $PKG/etc/dbus-1/system.d/* $PKG/usr/share/dbus-1/system.d/ +rmdir --parents $PKG/etc/dbus-1/system.d/ + +# Leave the /etc/polkit-1/rules.d/ dir in place, but move the config(s) +mv $PKG/etc/polkit-1/rules.d/* $PKG/usr/share/polkit-1/rules.d/ + +if [ ! -z "$PAM_OPTIONS" ]; then + # Make the PAM file .new: + mv $PKG/etc/pam.d/polkit-1 $PKG/etc/pam.d/polkit-1.new +fi + +# Strip binaries: +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) +fi + +# Add a documentation directory: +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a \ + AUTHORS COPYING HACKING INSTALL NEWS README \ + $PKG/usr/doc/$PKGNAM-$VERSION +( cd $PKG/usr/doc/$PKGNAM-$VERSION; ln -s ../../share/gtk-doc/html/polkit-1 html ) + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz diff --git a/patches/source/polkit/slack-desc b/patches/source/polkit/slack-desc new file mode 100644 index 000000000..5eb518d6f --- /dev/null +++ b/patches/source/polkit/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler-----------------------------------------------------| +polkit: polkit (authentication framework) +polkit: +polkit: PolicyKit is an application-level toolkit for defining and handling +polkit: the policy that allows unprivileged processes to speak to privileged +polkit: processes. PolicyKit is specifically targeting applications in rich +polkit: desktop environments on multi-user UNIX-like operating systems. +polkit: +polkit: Homepage: http://www.freedesktop.org/wiki/Software/polkit +polkit: +polkit: +polkit: diff --git a/recompress.sh b/recompress.sh index 5a9f1c496..4593e3220 100755 --- a/recompress.sh +++ b/recompress.sh @@ -1191,6 +1191,11 @@ gzip ./patches/source/php/php.enchant-2.patch gzip ./patches/source/php/doinst.sh gzip ./patches/source/php/php.imap.api.diff gzip ./patches/source/php/php.ini-development.diff +gzip ./patches/source/polkit/dont-set-wheel-group-as-admin.diff +gzip ./patches/source/polkit/CVE-2021-4115.patch +gzip ./patches/source/polkit/doinst.sh +gzip ./patches/source/polkit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683.patch +gzip ./patches/source/polkit/0001-configure-fix-elogind-support.patch gzip ./patches/source/at/doinst.sh gzip ./patches/source/mozilla-firefox/firefox.moz_plugin_path.diff gzip ./patches/source/mozilla-firefox/ff.ui.scrollToClick.diff -- cgit v1.2.3