pool/polkit
SHA256
17
0
Fork 1
Code Issues Pull Requests Activity

Compare commits

merge into: pool:factory
Branches Tags
pool:factory pool:slfo-main pool:slfo-1.2
...
pull from: pool:slfo-1.2
Branches Tags
pool:slfo-main pool:factory pool:slfo-1.2

1 Commits
factory ... slfo-1.2

Author SHA256 Message Date
Adrian Schröter
c4177d0609 Sync changes to SLFO-1.2 branch 2025-08-20 10:44:18 +02:00
3 changed files with 39 additions and 0 deletions
Expand all files Collapse all files

30
0001-Nested-.policy-files-cause-xml-parsing-overflow-lead.patch Normal file
View File

@@ -0,0 +1,30 @@
From 107d3801361b9f9084f78710178e683391f1d245 Mon Sep 17 00:00:00 2001
From: Jan Rybar <jrybar@redhat.com>
Date: Fri, 6 Jun 2025 13:25:55 +0200
Subject: [PATCH] Nested .policy files cause xml parsing overflow leading to
crash
---
src/polkitbackend/polkitbackendactionpool.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/polkitbackend/polkitbackendactionpool.c b/src/polkitbackend/polkitbackendactionpool.c
index 43f89cb..f4acca9 100644
--- a/src/polkitbackend/polkitbackendactionpool.c
+++ b/src/polkitbackend/polkitbackendactionpool.c
@@ -739,6 +739,12 @@ _start (void *data, const char *el, const char **attr)
guint num_attr;
ParserData *pd = data;
+ if (pd->stack_depth < 0 || pd->stack_depth >= PARSER_MAX_DEPTH)
+ {
+ g_warning ("XML parsing reached max depth?");
+ goto error;
+ }
+
for (num_attr = 0; attr[num_attr] != NULL; num_attr++)
;
--
2.43.0

7
polkit.changes
View File

@@ -1,3 +1,10 @@
-------------------------------------------------------------------
Tue Jul 15 14:15:03 UTC 2025 - Marcus Meissner <meissner@suse.com>
- CVE-2025-7519: Fixed that a XML policy file with a large number of
nested elements may lead to out-of-bounds write (bsc#1246472)
added 0001-Nested-.policy-files-cause-xml-parsing-overflow-lead.patch
-------------------------------------------------------------------
Wed Aug 14 12:33:37 UTC 2024 - Dominique Leuenberger <dimstar@opensuse.org>

2
polkit.spec
View File

@@ -46,6 +46,8 @@ Patch3: polkit-keyinit.patch
Patch4: polkit-adjust-libexec-path.patch
# Read actions also from /etc/polkit-1/actions
Patch6: polkit-actions-in-etc.patch
# PATCH-FIX-UPSTREAM 0001-Nested-.policy-files-cause-xml-parsing-overflow-lead.patch meissner@ -- 1246472 VUL-0: CVE-2025-7519 polkit: XML policy file with a large number of nested elements may lead to out-of-bounds write
Patch7: 0001-Nested-.policy-files-cause-xml-parsing-overflow-lead.patch
BuildRequires: gcc-c++
BuildRequires: gettext-devel