ALT-BU-2021-3975-1
Branch p9 update bulletin.
Package alt-rootfs-installer updated to version 0.5.0-alt2 for branch p9 in task 274383.
Closed bugs
Опция --supported не работает
Closed vulnerabilities
BDU:2021-03207
Уязвимость функции polkit_system_bus_name_get_creds_sync() демона dbus-daemon библиотеки Polkit, позволяющая нарушителю повысить свои привилегии
Modified: 2025-04-03
CVE-2021-3560
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
- http://packetstormsecurity.com/files/172836/polkit-Authentication-Bypass.html
- http://packetstormsecurity.com/files/172836/polkit-Authentication-Bypass.html
- http://packetstormsecurity.com/files/172846/Facebook-Fizz-Denial-Of-Service.html
- http://packetstormsecurity.com/files/172846/Facebook-Fizz-Denial-Of-Service.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1961710
- https://bugzilla.redhat.com/show_bug.cgi?id=1961710
- https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/
- https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/
Package alterator-multiseat updated to version 0.0.5-alt1 for branch p9 in task 273363.
Closed bugs
Устройства доп. рабочего места отображаются в устройствах seat0
При нажатии кнопки "Удалить" сбрасываются настройки рабочих мест
Package NetworkManager updated to version 1.18.10-alt3 for branch p9 in task 274203.
Closed bugs
Альт Рабочая станция К (p9) постоянно запрашивает пароль wifi/не запоминает сеть (кривая поддержка WPA3)