polkit: fix CVE-2019-6133

Jann Horn of Google found that Polkit doesn't properly check if a process is already authenticated, which can lead to an authentication reuse by a different user[0]. See also [1] Closes #55391 [0]: https://bugs.chromium.org/p/project-zero/issues/detail?id=1692 [1]: https://gitlab.freedesktop.org/polkit/polkit/issues/75
author: worldofpeace <worldofpeace@users.noreply.github.com> 2019-02-07 17:23:05 -0500
committer: worldofpeace <worldofpeace@users.noreply.github.com> 2019-02-07 18:07:08 -0500
commit: 7da64c9fbeafa113713ae6fcab695eaef1132b21 (patch)
tree: 3027a30e3352c445c8f2116a9e0ff88294f25742 /pkgs/development/libraries/polkit
parent: 91aeda143254e3dacc075d6860fa0058578614a6 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/pkgs/development/libraries/polkit/default.nix b/pkgs/development/libraries/polkit/default.nix
index 83f19e442c605..737a9a5badf23 100644
--- a/pkgs/development/libraries/polkit/default.nix
+++ b/pkgs/development/libraries/polkit/default.nix
@@ -21,6 +21,12 @@ stdenv.mkDerivation rec {
   };
 
   patches = [
+    # CVE-2019-6133 - See: https://bugs.chromium.org/p/project-zero/issues/detail?id=1692
+    (fetchpatch {
+      url = "https://gitlab.freedesktop.org/polkit/polkit/commit/6cc6aafee135ba44ea748250d7d29b562ca190e3.patch";
+      name = "CVE-2019-6133.patch";
+      sha256 = "0jjlbjzqcz96xh6w3nv3ss9jl0hhrcd7jg4aa5advf08ibaj29r1";
+    })
     # CVE-2018-19788 - high UID fixup
     (fetchpatch {
       url = "https://gitlab.freedesktop.org/polkit/polkit/commit/5230646dc6876ef6e27f57926b1bad348f636147.patch";
author	worldofpeace <worldofpeace@users.noreply.github.com>	2019-02-07 17:23:05 -0500
committer	worldofpeace <worldofpeace@users.noreply.github.com>	2019-02-07 18:07:08 -0500
commit	7da64c9fbeafa113713ae6fcab695eaef1132b21 (patch)
tree	3027a30e3352c445c8f2116a9e0ff88294f25742 /pkgs/development/libraries/polkit
parent	91aeda143254e3dacc075d6860fa0058578614a6 (diff)