[ubuntu/trusty-proposed] policykit-1 0.105-4ubuntu1 (Accepted)

Sun Nov 3 18:51:14 UTC 2013

policykit-1 (0.105-4ubuntu1) trusty; urgency=low

  * Merge with Debian unstable. Remaining Ubuntu changes:
    - Switch to using logind for session tracking. Depend on libpam-systemd
      instead of consolekit, and add libsystemd-login-dev build dependency.
    - debian/policykit-1.postinst: Don't restart polkitd if we are upgrading
      from a version that uses ConsoleKit. We need to keep the old daemon
      running until the next reboot, as all the current user sessions still
      have a CK session and no logind cgroup yet.
    - Build using autoreconf to update config.{guess,sub} files.
    - Configure with --disable-silent-rules.

policykit-1 (0.105-4) unstable; urgency=low

  * Acknowledge non-maintainer upload for CVE-2013-4288.
  * Also cherry-pick the upstream commit which deprecates the racy APIs.
  * debian/patches/09_pam_environment.patch: set process environment from
    pam_getenvlist().
  * debian/patches/01_pam_polkit.patch: adjust patch to invoke pam_env, so our
    global settings from /etc/environment are applied correctly.
  * The two changes above fix pkexec to properly export the pam environment.
    Thanks Steve Langasek for the patch. (Closes: #692340)

policykit-1 (0.105-3+nmu1) unstable; urgency=high

  * Non-maintainer upload by the Security Team.
  * Fix cve-2013-4288: race condition in pkcheck.c (closes: #723717).

Date: Wed, 30 Oct 2013 16:10:44 -0700
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/trusty/+source/policykit-1/0.105-4ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 30 Oct 2013 16:10:44 -0700
Source: policykit-1
Binary: policykit-1 policykit-1-doc libpolkit-gobject-1-0 libpolkit-gobject-1-dev libpolkit-agent-1-0 libpolkit-agent-1-dev libpolkit-backend-1-0 libpolkit-backend-1-dev gir1.2-polkit-1.0
Architecture: source
Version: 0.105-4ubuntu1
Distribution: trusty
Urgency: high
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 gir1.2-polkit-1.0 - GObject introspection data for PolicyKit
 libpolkit-agent-1-0 - PolicyKit Authentication Agent API
 libpolkit-agent-1-dev - PolicyKit Authentication Agent API - development files
 libpolkit-backend-1-0 - PolicyKit backend API
 libpolkit-backend-1-dev - PolicyKit backend API - development files
 libpolkit-gobject-1-0 - PolicyKit Authorization API
 libpolkit-gobject-1-dev - PolicyKit Authorization API - development files
 policykit-1 - framework for managing administrative policies and privileges
 policykit-1-doc - documentation for PolicyKit-1
Closes: 692340 723717
Changes: 
 policykit-1 (0.105-4ubuntu1) trusty; urgency=low
 .
   * Merge with Debian unstable. Remaining Ubuntu changes:
     - Switch to using logind for session tracking. Depend on libpam-systemd
       instead of consolekit, and add libsystemd-login-dev build dependency.
     - debian/policykit-1.postinst: Don't restart polkitd if we are upgrading
       from a version that uses ConsoleKit. We need to keep the old daemon
       running until the next reboot, as all the current user sessions still
       have a CK session and no logind cgroup yet.
     - Build using autoreconf to update config.{guess,sub} files.
     - Configure with --disable-silent-rules.
 .
 policykit-1 (0.105-4) unstable; urgency=low
 .
   * Acknowledge non-maintainer upload for CVE-2013-4288.
   * Also cherry-pick the upstream commit which deprecates the racy APIs.
   * debian/patches/09_pam_environment.patch: set process environment from
     pam_getenvlist().
   * debian/patches/01_pam_polkit.patch: adjust patch to invoke pam_env, so our
     global settings from /etc/environment are applied correctly.
   * The two changes above fix pkexec to properly export the pam environment.
     Thanks Steve Langasek for the patch. (Closes: #692340)
 .
 policykit-1 (0.105-3+nmu1) unstable; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Fix cve-2013-4288: race condition in pkcheck.c (closes: #723717).
Checksums-Sha1: 
 205d2c4a859e06c4ee8964052680e0f5770d367f 2916 policykit-1_0.105-4ubuntu1.dsc
 53d56484a5bffb0aaf645c8d813b3063e01e8423 1431080 policykit-1_0.105.orig.tar.gz
 bd2f401908881c6595ef01a55c33a50e7890070a 20638 policykit-1_0.105-4ubuntu1.debian.tar.gz
Checksums-Sha256: 
 36af605fe871762041e189b832b673e65fef5f43f0308b1deafea85011d7986e 2916 policykit-1_0.105-4ubuntu1.dsc
 8fdc7cc8ba4750fcce1a4db9daa759c12afebc7901237e1c993c38f08985e1df 1431080 policykit-1_0.105.orig.tar.gz
 a9c533d08ee0ee30bd1bf8180f69b981fbf436c385c0b09964d78a06fe086a32 20638 policykit-1_0.105-4ubuntu1.debian.tar.gz
Files: 
 92200bef9268252eaddb46f0f8da9283 2916 admin optional policykit-1_0.105-4ubuntu1.dsc
 9c29e1b6c214f0bd6f1d4ee303dfaed9 1431080 admin optional policykit-1_0.105.orig.tar.gz
 7db3450e7917d13aa6d9d6a4646426e2 20638 admin optional policykit-1_0.105-4ubuntu1.debian.tar.gz
Original-Maintainer: Utopia Maintenance Team <pkg-utopia-maintainers at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)

iQIcBAEBCgAGBQJSdpq8AAoJEGVp2FWnRL6TAcMQAKwdJZIMBxeEp5FRDPWsipi6
Gm9NDlltzWEYzNHo81ovah02AHctGWqnCS/iAuG3+IA98Xo+HSTHMf3UcYMmIHgh
nq1fGjlAePmoBdzbtXpNF7DauzXQlidr1LnAEh2mODWaiL1ggB2E0gFKbTA6yZf+
zPoLMa8BdjfEgOk7APpb6IaVF7yfwOmIZ8LsrAS2NPsPtA6j4meM3u2uhostBYOe
pxNYWSOJAlsjdXeOxPaHgrtJUEJ7j3iKLQhmyQWFocitWRheTzSjHe0x0RH1Fjb5
obp8M5kF9QKM1icObG5NF8YImECaBT1xYqMa6I3k+W3VVkIosgevl4cQ4BOSgPit
Lhp08g9gweL2iqIQJAQcMJp+srrh1+WlbtZk7A97WGVrjTVBHWlFDGv2DlVNmXcU
1PZr6PG1Tka7ir8HZy/BYX39pqg1Aaen69N3RTaOJrr600AU+1qddaM2OknpLgYc
5mNdXfwz9P17zWgwcrf540uzIpvjwHIlKYNOdzvfVh0Uqrx14waem72zqcXik93p
34KFcANnnNCDVI31fU16NI4Lq1OPJYIZK/BsJjLwTX3qKdXsZdMxtGUSQhF+sFRG
6qZs70TumSRSQdztrrRwhZGBO9lJiiTUAaM1zymgywAKYtZLYcvW0rzwsu+4ygvL
w3UiYy+gWGCNoCQ4QWi9
=pX5Q
-----END PGP SIGNATURE-----