old

Package-Manager: portage-2.2.6/cvs/Linux x86_64
Manifest-Sign-Key: 0x4868F14D

3 files changed, 12 insertions, 125 deletions

diff --git a/sys-auth/polkit/ChangeLog b/sys-auth/polkit/ChangeLog
index 87282716ad73..2c4d06ac385f 100644
--- a/sys-auth/polkit/ChangeLog
+++ b/sys-auth/polkit/ChangeLog
@@ -1,9 +1,10 @@
 # ChangeLog for sys-auth/polkit
 # Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-auth/polkit/ChangeLog,v 1.151 2013/09/19 17:12:35 ssuominen Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-auth/polkit/ChangeLog,v 1.152 2013/09/19 17:17:05 ssuominen Exp $
 
-  19 Sep 2013; Samuli Suominen <ssuominen@gentoo.org> -polkit-0.110-r1.ebuild:
-  Remove wrongly committed ebuild.
+  19 Sep 2013; Samuli Suominen <ssuominen@gentoo.org> -polkit-0.110-r1.ebuild,
+  -files/polkit-0.110-CVE-2013-4288.patch:
+  old
 
 *polkit-0.112-r1 (19 Sep 2013)
 
diff --git a/sys-auth/polkit/Manifest b/sys-auth/polkit/Manifest
index 50db076d5d17..92b022b59e96 100644
--- a/sys-auth/polkit/Manifest
+++ b/sys-auth/polkit/Manifest
@@ -1,23 +1,22 @@
 -----BEGIN PGP SIGNED MESSAGE-----
 Hash: SHA256
 
-AUX polkit-0.110-CVE-2013-4288.patch 5078 SHA256 a8c9ba12ff5b2bc330ac40b069b9648a073238688895282d1841fb1f0eb896d5 SHA512 d36b519b97697649cb253736c0ca7d7d526069afffa1592c280207c91b57fa6e942ce610808f28f29f37981a3459c6937d7679da0778c7c49ba8438fc1d03396 WHIRLPOOL 9bed36bdc4131a20afaca20a3de7bfed4faeba750444a77309dd0c4ab33264513fc0b5637b4eca199408512531eda06480f2c5f2ff5202a750781224d27fc478
 AUX polkit-0.110-W_define.patch 810 SHA256 75a47bbf04e328a8622996d40128752c6951ce434c404cca87ad3838b848874b SHA512 e17cb4867c0d16c04e4d68dfb95eb58f27cf64e1b8c6b36fa24c876c78bee990bb07a08bb7c335e333797075911639b8c6049909e7948bc86fd07e1abce2be88 WHIRLPOOL 74610ba53eb185f3963fe6dfdddcb2eb4aaa4bf23057939dcfde0d4ada296c7f904a2d45e470a0f0cdae9919c6f51512ee45ea7cb623eb3367439abeac2cb538
 DIST polkit-0.110.tar.gz 1390215 SHA256 8e5c5044bb968643b7fa379f287fb10582615df760ad2f1cb84be6e19fafe6e8 SHA512 f2630a84c21216edfc69f56092ba1b127b7765dcf4fe29a7f2f81d7163c11c643a931b215847a3fc6434c482cf12a48fef2f0e2c007d587c8bbb2fbca74eda67 WHIRLPOOL 1a4928733cdab6c9dfa186643959f15d395f6d6cba0a3790a9716282d331ceed3e962e58dc39ed2c40474238fc4d4c9e54662b20d0055059c512d42eed85631b
 DIST polkit-0.112.tar.gz 1429240 SHA256 d695f43cba4748a822fbe864dd32c4887c5da1c71694a47693ace5e88fcf6af6 SHA512 e4ad1bd287b38e5650cb94b1897a959b2ceaa6c19b4478ba872eacb13b58758fd42f6ab1718976162d823d850cd5c99b3ccadf1b57d75dea7790101422029d5f WHIRLPOOL af5dd0a17b7356302b0319e80565d6ac916128dfc85b6e2711147f3de86651f11fe8d08f3d6067d7abd24e263be92403f9d8f46935ba93db571e386a603a038a
 EBUILD polkit-0.110.ebuild 3042 SHA256 77f25cf950072a856731546f040c41fdb6b4e5bf4a9da2aacfdeee8b85d68860 SHA512 8c1555692406becc97eae07b2feb55c63915fcbc91688b6d80527c64b44e58624c806ada9c06efddb96acefc5ce5ac8ecef220594716a942ad651a018aefc8fa WHIRLPOOL ad47215ffcee4ecdddf1d1a5a6a24941462e927f673202ef055c72afd3f5165e2011b853dbbec19e40546143ce23177ec139ed9fb796353fb9935a731b89da3a
 EBUILD polkit-0.112-r1.ebuild 2917 SHA256 c042712741821e5430bb8152bf69717f86d44a2d8ccf7af7a8c08fb53cae9ace SHA512 be704280ac78bbda7ff1480e5cfcf3bb74d7eff4e3cd3c4a20b430f229863cde2e62a8b42d506365cd316722551f9f625122da09050c3d4b403fd3d36d6c2b0b WHIRLPOOL 2f1b853618e825f90f8c70c7c3072b677ccb99ec35f135a501cab83ce175ac219e3e8f80fe2d42e559764960178b4379a55a84e1644ef7bc4c998524d314690a
 EBUILD polkit-0.112.ebuild 2731 SHA256 84de835f0ab4751cdb38807a65e8e65cd02ef5cd94ff0268ca78b3f36390fe4b SHA512 02e84bbd72a92c600c70ab82c4f6adbabc818aca5af0401cc65469cfa5a2fd139c377b42d362a8c8a5f892358db62bd76d50f739b43a38fa26e7a27326781eff WHIRLPOOL 2ccd1676acbf3892464a5b72f82db209b6d8540f81b841662349e2a4c0abe0fd1dbe18ab93ed85180b3e88c7b643b6d07890cd7167341c73b14fa1da3f32a187
-MISC ChangeLog 21233 SHA256 e50159c300d16c16507c489acabb703c27c785ce9210143825be5d4ebd4f30ca SHA512 9b585c18a15b2898bd8517e604b6a9774b2cd15e15ab05de1f5b69549a76951ec5a1bc80351dbcb09b37e2616120d415f30e46d26f124cbe6523e11bc6474eac WHIRLPOOL 102ab8c88d0889b98efd4b21c723f1dee0bc85ccc7c04c7cf86c18a12b7e7f1da38611fcb2bda8e87d6783bb61f5946dbf25f3a6a77347a54cbd541ba90da218
+MISC ChangeLog 21247 SHA256 0de8c07199de662afcdc2cea0ff37fd6af090cc7de1cdf405ba0ac711e027c93 SHA512 a8263d61b848a3d7864ddf1db7c845fdc57c70aa0f25c20dff6037685f6140da9de369c28a86d6195e343ef391978d50c1fb26f578fd2aa3740fd6c98ae7117d WHIRLPOOL 79a39cc6e59e2dd744f058f93427308b5ba099af049e99bb07cb2ab3d8067219929a49e6c501ace71238296f7b08f95f4b1d8a44c789870af1fa8970743753a1
 MISC metadata.xml 516 SHA256 be8c8239fecd14fd1a9c1dee11ccb98b1188aceacf6ea58233a0f958ab648aba SHA512 293585c3b4c95b76af687f398645982d84d583e3cbf039a181c67c9710a899dad34cba9ff43f7be03a00d7552f42f0ac0a2a997c3ce7c9b80097a43f501001d4 WHIRLPOOL 4caf1316226570bec927b20957e420217a490c91013154b84f56fddf50cd5b525ccd0fd736a305ef5bc772cca734aadd8fec757238021b3e05046b503468e1a5
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.21 (GNU/Linux)
 
-iQEcBAEBCAAGBQJSOzBVAAoJEEdUh39IaPFNb6gH/RpLujXclsVYC/1u8/4D/UsY
-9nHWN2PI0AKjHsoir59mnCyF4+W54rFAXIhmZ5UrNoJPPquWEvF+QytVqLd1FFxI
-IGta89bDBoBB9CiweJRRQZqW+pllbM+JwkmxilNcvW/t58hnME+7FMULb2wVfV5k
-QkP4pn88y7arAFnzEU8N6jg0OLhO2kiFGdaa2qTlTdP8OL6qWcy0B1AChLpUBQAr
-0nB/ey0GGfeKT34+EjSFzyKJ6CmGcmCjkpkX3S+MJlVqr+hP5PG9mZJvai4qTlfD
-NWPTHdpAq2sUvMGVbExWYC/zTL4AOgnBqBWLoQ9S6qww99erHCrC7IgoIh3486s=
-=9pw4
+iQEcBAEBCAAGBQJSOzFjAAoJEEdUh39IaPFN1wEH/0Q+OVs7WwpyGNZ6dV4odT1I
+niCYiQqVIYQeFvBR59Re1rp77An99cPUII0M9PshlhZq34Tr1BKfYm+I1PM3ha6j
+CrG9ai5amtVbno8R8CDD1T+UkSJRDYtq8uE2GFtmBn7GbQqlkwcX7RC/uhffj+Ba
+HUdqujyjlL+O2TyxbG/HTAbjTLoQkTg3XLbbXwFvvTujOC6UFAndNPwXQRMs1mpq
+4rimtzEFCGrA5hhycFDnQvpoHRhRkwN3diuC7vA6WFb73AabyMt9YL834xQ+MGk1
+tEnzL8b1QEygeeT4d2vDKwmzmxjJa+Cr94o+2ECLlfXClKyRPD1NvHkRG68szDc=
+=TDMw
 -----END PGP SIGNATURE-----
diff --git a/sys-auth/polkit/files/polkit-0.110-CVE-2013-4288.patch b/sys-auth/polkit/files/polkit-0.110-CVE-2013-4288.patch
deleted file mode 100644
index af2d7f276046..000000000000
--- a/sys-auth/polkit/files/polkit-0.110-CVE-2013-4288.patch
+++ /dev/null
@@ -1,113 +0,0 @@
-commit c3502abf72c0c098adb40d7e362e94f93844a6b1
-Author: Colin Walters <walters@verbum.org>
-Date:   Mon Aug 19 12:16:11 2013 -0400
-
-    pkcheck: Support --process=pid,start-time,uid syntax too
-    
-    The uid is a new addition; this allows callers such as libvirt to
-    close a race condition in reading the uid of the process talking to
-    them.  They can read it via getsockopt(SO_PEERCRED) or equivalent,
-    rather than having pkcheck look at /proc later after the fact.
-    
-    Programs which invoke pkcheck but need to know beforehand (i.e.  at
-    compile time) whether or not it supports passing the uid can
-    use:
-    
-    pkcheck_supports_uid=$($PKG_CONFIG --variable pkcheck_supports_uid polkit-gobject-1)
-    test x$pkcheck_supports_uid = xyes
-    (cherry picked from commit 3968411b0c7ba193f9b9276ec911692aec248608)
-    
-    Conflicts:
-    	src/programs/pkcheck.c
-
-diff --git a/data/polkit-gobject-1.pc.in b/data/polkit-gobject-1.pc.in
-index c39677d..5c4c620 100644
---- a/data/polkit-gobject-1.pc.in
-+++ b/data/polkit-gobject-1.pc.in
-@@ -11,3 +11,6 @@ Version: @VERSION@
- Libs: -L${libdir} -lpolkit-gobject-1
- Cflags: -I${includedir}/polkit-1
- Requires: gio-2.0 >= 2.18 glib-2.0 >= 2.18
-+# Programs using pkcheck can use this to determine
-+# whether or not it can be passed a uid.
-+pkcheck_supports_uid=true
-diff --git a/docs/man/pkcheck.xml b/docs/man/pkcheck.xml
-index fc54054..c856ca4 100644
---- a/docs/man/pkcheck.xml
-+++ b/docs/man/pkcheck.xml
-@@ -55,6 +55,9 @@
-             <arg choice="plain">
-               <replaceable>pid,pid-start-time</replaceable>
-             </arg>
-+            <arg choice="plain">
-+              <replaceable>pid,pid-start-time,uid</replaceable>
-+            </arg>
-           </group>
-         </arg>
-         <arg choice="plain">
-@@ -90,7 +93,7 @@
-     <title>DESCRIPTION</title>
-     <para>
-       <command>pkcheck</command> is used to check whether a process, specified by
--      either <option>--process</option> or <option>--system-bus-name</option>,
-+      either <option>--process</option> (see below) or <option>--system-bus-name</option>,
-       is authorized for <replaceable>action</replaceable>. The <option>--detail</option>
-       option can be used zero or more times to pass details about <replaceable>action</replaceable>.
-       If <option>--allow-user-interaction</option> is passed, <command>pkcheck</command> blocks
-@@ -160,15 +163,23 @@ KEY3=VALUE3
-   <refsect1 id="pkcheck-notes">
-     <title>NOTES</title>
-     <para>
--      Since process identifiers can be recycled, the caller should always use
--      <replaceable>pid,pid-start-time</replaceable> to specify the process
--      to check for authorization when using the <option>--process</option> option.
--      The value of <replaceable>pid-start-time</replaceable>
--      can be determined by consulting e.g. the
-+      Do not use either the bare <replaceable>pid</replaceable> or
-+      <replaceable>pid,start-time</replaceable> syntax forms for
-+      <option>--process</option>.  There are race conditions in both.
-+      New code should always use
-+      <replaceable>pid,pid-start-time,uid</replaceable>.  The value of
-+      <replaceable>start-time</replaceable> can be determined by
-+      consulting e.g. the
-       <citerefentry><refentrytitle>proc</refentrytitle><manvolnum>5</manvolnum></citerefentry>
--      file system depending on the operating system. If only <replaceable>pid</replaceable>
--      is passed to the <option>--process</option> option, then <command>pkcheck</command>
--      will look up the start time itself but note that this may be racy.
-+      file system depending on the operating system.  If fewer than 3
-+      arguments are passed, <command>pkcheck</command> will attempt to
-+      look up them up internally, but note that this may be racy.
-+    </para>
-+    <para>
-+      If your program is a daemon with e.g. a custom Unix domain
-+      socket, you should determine the <replaceable>uid</replaceable>
-+      parameter via operating system mechanisms such as
-+      <literal>PEERCRED</literal>.
-     </para>
-   </refsect1>
- 
-diff --git a/src/programs/pkcheck.c b/src/programs/pkcheck.c
-index 719a36c..057e926 100644
---- a/src/programs/pkcheck.c
-+++ b/src/programs/pkcheck.c
-@@ -372,6 +372,7 @@ main (int argc, char *argv[])
-       else if (g_strcmp0 (argv[n], "--process") == 0 || g_strcmp0 (argv[n], "-p") == 0)
-         {
-           gint pid;
-+	  guint uid;
-           guint64 pid_start_time;
- 
-           n++;
-@@ -381,7 +382,11 @@ main (int argc, char *argv[])
-               goto out;
-             }
- 
--          if (sscanf (argv[n], "%i,%" G_GUINT64_FORMAT, &pid, &pid_start_time) == 2)
-+          if (sscanf (argv[n], "%i,%" G_GUINT64_FORMAT ",%u", &pid, &pid_start_time, &uid) == 3)
-+            {
-+              subject = polkit_unix_process_new_for_owner (pid, pid_start_time, uid);
-+            }
-+          else if (sscanf (argv[n], "%i,%" G_GUINT64_FORMAT, &pid, &pid_start_time) == 2)
-             {
-               subject = polkit_unix_process_new_full (pid, pid_start_time);
-             }