[ubuntu/saucy-proposed] ubuntu-system-service 0.2.5 (Accepted)

[Marc Deslauriers]

ubuntu-system-service (0.2.5) saucy; urgency=low

  * SECURITY UPDATE: possible privilege escalation via policykit UID lookup
    race.
    - UbuntuSystemService/utils.py: pass system-bus-name as a subject
      instead of pid so policykit can get the information from the system
      bus.
    - CVE-2013-1062

Date: Wed, 18 Sep 2013 13:21:34 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Michael Vogt <mvo at ubuntu.com>
https://launchpad.net/ubuntu/saucy/+source/ubuntu-system-service/0.2.5
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 18 Sep 2013 13:21:34 -0400
Source: ubuntu-system-service
Binary: ubuntu-system-service
Architecture: source
Version: 0.2.5
Distribution: saucy
Urgency: low
Maintainer: Michael Vogt <mvo at ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 ubuntu-system-service - Dbus service to set various system-wide configurations
Changes: 
 ubuntu-system-service (0.2.5) saucy; urgency=low
 .
   * SECURITY UPDATE: possible privilege escalation via policykit UID lookup
     race.
     - UbuntuSystemService/utils.py: pass system-bus-name as a subject
       instead of pid so policykit can get the information from the system
       bus.
     - CVE-2013-1062
Checksums-Sha1: 
 b1bfa3971654265dc8f1bbff439c0d05a52766e5 1651 ubuntu-system-service_0.2.5.dsc
 ca730b55a86290f87803b81b967efedaef5508e9 18105 ubuntu-system-service_0.2.5.tar.gz
Checksums-Sha256: 
 f3e08c32a4414cfc29b66c3fc8f3b96411db4997e9ad99f3d37474dee23ab12b 1651 ubuntu-system-service_0.2.5.dsc
 2b2c441897276e970f5439b7b0894d58051ec58af1660ffa0c90f707759a7664 18105 ubuntu-system-service_0.2.5.tar.gz
Files: 
 ff0a08821fff9ab6843508c1c8759ba1 1651 admin optional ubuntu-system-service_0.2.5.dsc
 7438d58fee6c7bd1ddcae22c70691e5d 18105 admin optional ubuntu-system-service_0.2.5.tar.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)

iQIcBAEBCgAGBQJSOeMIAAoJEGVp2FWnRL6TokMQAL2o1y0Jb9fSpy9VyNNaHaqC
G7MXHsDDO/kFiF/XjXDmy3HpRS56si326uP3ODdQNFD74Nlt9gWzEwfNdpGzHd1q
hzdrcxtQPXocoLmNe+9cFIEtdqUojhylWgnVtFzsPkhgdvnzh8xJdx6FyZJa13nu
CM3XbeV2BRp4wgMuYtXVFfo8RA2WWz1SfZtDE/9U8jOrBoxXoBFsLfjyMOVeCUCa
/Nd+hdUthWcza2uHvh9JZ2dDEqsTvNjuUncPphO9huT1QHOpi+KgvK38yU8Y2Zrq
GT5AVxRBKD8JRFESGWJ2e/MCBcx8i+frRU4gDpt6kimhy8QZHwO5XkdsqJAgcT2s
RfzATGEURRzwfbUmc6a6g0/blqF6v1h1FGbmLlSpaCfeEyDkD7CPr73px2+16H14
Ox2BmIp0m6/lxV5NpRpxrbHXGS9GiV8D2HbKWRxhFYvhtHPqYBfwKDNfkKEJCpMa
X8Ydf1NM9VKe/C2fZW/bi47fg8tBJGPM/kxyZ6//XI12qNi1c3zoZcVjFyuKjx2F
yQB6FLGG6kD1dqmuE09QOmq1VFMzJvHcidS5sLQsw0OtLTpvbICVYDIbe47l7hyc
yNs2bYTGr74q6DddyQeHiHOSodQ+CwIzKCKpHd8Mz+vTKtmNngjrd90bGtahoQFU
biKGE0WZpU/9egV6riO3
=h7fH
-----END PGP SIGNATURE-----