Information on source package policykit-1

Available versions

ReleaseVersion
stretch0.105-18+deb9u1
stretch (security)0.105-18+deb9u2
buster0.105-25+deb10u1
bullseye0.105-31+deb11u1
bookworm0.105-33
sid0.105-33

Open issues

BugstretchbusterbullseyebookwormsidDescription
CVE-2021-4115fixedfixedvulnerable (no DSA)fixedfixedThere is a flaw in polkit which can allow an unprivileged user to caus ...
CVE-2019-6133vulnerable (no DSA)fixedfixedfixedfixedIn PolicyKit (aka polkit) 0.115, the "start time" protection mechanism ...
CVE-2018-1116vulnerable (no DSA)fixedfixedfixedfixedA flaw was found in polkit before version 0.116. The implementation of ...
CVE-2016-2568vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)vulnerablevulnerablepkexec, when used with --user nonpriv, allows local users to escape to ...

Resolved issues

BugDescription
CVE-2021-4034A local privilege escalation vulnerability was found on polkit's pkexe ...
CVE-2021-3560It was found that polkit could be tricked into bypassing the credentia ...
CVE-2018-19788A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user wi ...
CVE-2015-4625Integer overflow in the authentication_agent_new_cookie function in Po ...
CVE-2015-3256PolicyKit (aka polkit) before 0.113 allows local users to cause a deni ...
CVE-2015-3255The polkit_backend_action_pool_init function in polkitbackend/polkitba ...
CVE-2015-3218The authentication_agent_new function in polkitbackend/polkitbackendin ...
CVE-2013-4288Race condition in PolicyKit (aka polkit) allows local users to bypass ...
CVE-2011-4945PolicyKit 0.103 sets the AdminIdentities to "wheel" by default, which ...
CVE-2011-1485Race condition in the pkexec utility and polkitd daemon in PolicyKit ( ...
CVE-2010-0750pkexec.c in pkexec in libpolkit in PolicyKit 0.96 allows local users t ...
CVE-2008-1658Format string vulnerability in the grant helper (polkit-grant-helper.c ...

Security announcements

DSA / DLADescription
DSA-5059-1policykit-1 - security update
DLA-2899-1policykit-1 - security update
DLA-1644-1policykit-1 - security update
DSA-4350-1policykit-1 - security update
DLA-1448-1policykit-1 - security update
DSA-2319-1policykit-1 - race condition

Search for package or bug name: Reporting problems