Updated polkit-qt packages that fix one security issue are now availablefor Red Hat Enterprise Linux 7.Red Hat Product Security has rated this update as having Important securityimpact. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available from the CVE link in theReferences section.

Polkit-qt is a library that lets developers use the PolicyKit API through aQt-styled API. The polkit-qt library is used by the KDE AuthenticationAgent (KAuth), which is a part of kdelibs.It was found that polkit-qt handled authorization requests with PolicyKitvia a D-Bus API that is vulnerable to a race condition. A local user coulduse this flaw to bypass intended PolicyKit authorizations. This updatemodifies polkit-qt to communicate with PolicyKit via a different API thatis not vulnerable to the race condition. (CVE-2014-5033)All polkit-qt users are advised to upgrade to these updated packages, whichcontain a backported patch to correct this issue.
Before applying this update, make sure all previously released erratarelevant to your system have been applied.This update is available via the Red Hat Network. Details on how to use theRed Hat Network to apply this update are available athttps://access.redhat.com/articles/11258Red Hat Enterprise Linux Desktop (v. 7)

SRPMS:
polkit-qt-0.103.0-10.el7_0.src.rpm
    MD5: d22b16a9d70020581921714882760289SHA-256: a5625c7010a731569cf66b216c994a989fbd126935a6e83b204372470a200cd2
 
x86_64:
polkit-qt-0.103.0-10.el7_0.i686.rpm
    MD5: e1b033e55b1704d3269039dfddefdcadSHA-256: 2e229bf1d3e7e033334a099aa84016421ce3ab6a3eb2b6eb94be8b48b8957389
polkit-qt-0.103.0-10.el7_0.x86_64.rpm
    MD5: fe45261ca94663159a58685043fef5b2SHA-256: 7c84549876b57c61774e97446562dfb0fe101b42abe9f4bf59f670ab76100c91
polkit-qt-debuginfo-0.103.0-10.el7_0.i686.rpm
    MD5: a629b6d52cdf560508e3fd675c3826f7SHA-256: d443001016b02b59884620e80a0e07cd0c7bd342f7cb09607309887ce4074463
polkit-qt-debuginfo-0.103.0-10.el7_0.x86_64.rpm
    MD5: 2b20c276bc500b4ab4b571050b6345ccSHA-256: 41e3f57a046f2d049fbec5a7841bc314b8e4b31cb00e4f15589e66eeb1ee3d8d
polkit-qt-devel-0.103.0-10.el7_0.i686.rpm
    MD5: 56bdb37bdfecae44d07c6c99b38738f7SHA-256: 853429c0f876195a76b70eb7956668313745e1acfa6919c326b3bb96f378d926
polkit-qt-devel-0.103.0-10.el7_0.x86_64.rpm
    MD5: 02f62f749921f63c2f8760a4caa5d2feSHA-256: 76c0dd445a8d9dd2652d5f42fd012483570b55a57ae5de258de3daf1e9d16386
polkit-qt-doc-0.103.0-10.el7_0.noarch.rpm
    MD5: 4abfb03a5c9a1d8c8e0af4a530609ebaSHA-256: cd9e7ca9bfb7b2ceec3e9f716b0e541b90209a245540f15910781a66baeac2b8
 
Red Hat Enterprise Linux HPC Node (v. 7)

SRPMS:
polkit-qt-0.103.0-10.el7_0.src.rpm
    MD5: d22b16a9d70020581921714882760289SHA-256: a5625c7010a731569cf66b216c994a989fbd126935a6e83b204372470a200cd2
 
x86_64:
polkit-qt-0.103.0-10.el7_0.i686.rpm
    MD5: e1b033e55b1704d3269039dfddefdcadSHA-256: 2e229bf1d3e7e033334a099aa84016421ce3ab6a3eb2b6eb94be8b48b8957389
polkit-qt-0.103.0-10.el7_0.x86_64.rpm
    MD5: fe45261ca94663159a58685043fef5b2SHA-256: 7c84549876b57c61774e97446562dfb0fe101b42abe9f4bf59f670ab76100c91
polkit-qt-debuginfo-0.103.0-10.el7_0.i686.rpm
    MD5: a629b6d52cdf560508e3fd675c3826f7SHA-256: d443001016b02b59884620e80a0e07cd0c7bd342f7cb09607309887ce4074463
polkit-qt-debuginfo-0.103.0-10.el7_0.x86_64.rpm
    MD5: 2b20c276bc500b4ab4b571050b6345ccSHA-256: 41e3f57a046f2d049fbec5a7841bc314b8e4b31cb00e4f15589e66eeb1ee3d8d
polkit-qt-devel-0.103.0-10.el7_0.i686.rpm
    MD5: 56bdb37bdfecae44d07c6c99b38738f7SHA-256: 853429c0f876195a76b70eb7956668313745e1acfa6919c326b3bb96f378d926
polkit-qt-devel-0.103.0-10.el7_0.x86_64.rpm
    MD5: 02f62f749921f63c2f8760a4caa5d2feSHA-256: 76c0dd445a8d9dd2652d5f42fd012483570b55a57ae5de258de3daf1e9d16386
polkit-qt-doc-0.103.0-10.el7_0.noarch.rpm
    MD5: 4abfb03a5c9a1d8c8e0af4a530609ebaSHA-256: cd9e7ca9bfb7b2ceec3e9f716b0e541b90209a245540f15910781a66baeac2b8
 
Red Hat Enterprise Linux Server (v. 7)

SRPMS:
polkit-qt-0.103.0-10.el7_0.src.rpm
    MD5: d22b16a9d70020581921714882760289SHA-256: a5625c7010a731569cf66b216c994a989fbd126935a6e83b204372470a200cd2
 
PPC:
polkit-qt-0.103.0-10.el7_0.ppc.rpm
    MD5: 6bf37413b2753cb3e53779f165584875SHA-256: 45c8507546ac07d8792d00a67b7878c3cc0a164960a4dc60d5dca2e6355b292c
polkit-qt-0.103.0-10.el7_0.ppc64.rpm
    MD5: e07a55a47b42e2759a57f0230d07a582SHA-256: 2e49465308506a1ebe9fa1a8a96669abe2e1ecfa1e1f7d72496f7bb1d6eeb2e1
polkit-qt-debuginfo-0.103.0-10.el7_0.ppc.rpm
    MD5: 443e1b3945602a967f95c1a2198715e2SHA-256: a0510864853aff5db7de1996f8f7a46abc565f70c6136c0162d52e45a76514e1
polkit-qt-debuginfo-0.103.0-10.el7_0.ppc64.rpm
    MD5: c955fc8696f59791b2547e8ee1dcb08eSHA-256: ddf53397435cbbcf1bc81e0bad23f701716f3e992bbb7917faa227a177f2b1e5
polkit-qt-devel-0.103.0-10.el7_0.ppc.rpm
    MD5: dd95b55934a4e1be210d65107b230149SHA-256: 187d572366d8adc2c6e25782bb675de2a8c79a588a4574d7c5e594af84307db2
polkit-qt-devel-0.103.0-10.el7_0.ppc64.rpm
    MD5: fe07e2ba9abee5f49391ee2938a79efbSHA-256: fb72d14b75ef632edb87e074dea1924f949d8943497b06b1e1eb3f0570ef7391
polkit-qt-doc-0.103.0-10.el7_0.noarch.rpm
    MD5: 4abfb03a5c9a1d8c8e0af4a530609ebaSHA-256: cd9e7ca9bfb7b2ceec3e9f716b0e541b90209a245540f15910781a66baeac2b8
 
s390x:
polkit-qt-0.103.0-10.el7_0.s390.rpm
    MD5: ee7cbf93b02d470a58e35faca04e3b05SHA-256: 1482b3a1341610fb2683f0e97bbb2cefb71927ced1b311ea7f53c918a36ed368
polkit-qt-0.103.0-10.el7_0.s390x.rpm
    MD5: 404156ecd591507ae91d25bb7a95cf9fSHA-256: 7def2d1f96a0ef6ea2904cc7259a0074dc153c979bd4e1f840fedd13fdd1b243
polkit-qt-debuginfo-0.103.0-10.el7_0.s390.rpm
    MD5: 204cfa8b2ca5bf3958bde5ebe83c422eSHA-256: 998d281045d87246426ce9aa6b56e4b32e564619dec1a62fc3e59bb58d900b33
polkit-qt-debuginfo-0.103.0-10.el7_0.s390x.rpm
    MD5: e8f2dbba53ea6d041b06124e7d348c3aSHA-256: 281d9e55d02a8c016de69f6c8db2b78ec40a35b09e121a71601053cfa1f85d44
polkit-qt-devel-0.103.0-10.el7_0.s390.rpm
    MD5: 6637a4e66d4a6e04a30a74929623b0c6SHA-256: c9735acc6dad5a3585c2f3b0544a04ea229f149fde6086309cb116e4c3303161
polkit-qt-devel-0.103.0-10.el7_0.s390x.rpm
    MD5: 64b7f72748a645d6b1d1c5a8c24f8d3aSHA-256: 245b6d522c6b24aa2fe794962290d9a36fea30ef03733eb7909e50c04a4d5c4d
polkit-qt-doc-0.103.0-10.el7_0.noarch.rpm
    MD5: 4abfb03a5c9a1d8c8e0af4a530609ebaSHA-256: cd9e7ca9bfb7b2ceec3e9f716b0e541b90209a245540f15910781a66baeac2b8
 
x86_64:
polkit-qt-0.103.0-10.el7_0.i686.rpm
    MD5: e1b033e55b1704d3269039dfddefdcadSHA-256: 2e229bf1d3e7e033334a099aa84016421ce3ab6a3eb2b6eb94be8b48b8957389
polkit-qt-0.103.0-10.el7_0.x86_64.rpm
    MD5: fe45261ca94663159a58685043fef5b2SHA-256: 7c84549876b57c61774e97446562dfb0fe101b42abe9f4bf59f670ab76100c91
polkit-qt-debuginfo-0.103.0-10.el7_0.i686.rpm
    MD5: a629b6d52cdf560508e3fd675c3826f7SHA-256: d443001016b02b59884620e80a0e07cd0c7bd342f7cb09607309887ce4074463
polkit-qt-debuginfo-0.103.0-10.el7_0.x86_64.rpm
    MD5: 2b20c276bc500b4ab4b571050b6345ccSHA-256: 41e3f57a046f2d049fbec5a7841bc314b8e4b31cb00e4f15589e66eeb1ee3d8d
polkit-qt-devel-0.103.0-10.el7_0.i686.rpm
    MD5: 56bdb37bdfecae44d07c6c99b38738f7SHA-256: 853429c0f876195a76b70eb7956668313745e1acfa6919c326b3bb96f378d926
polkit-qt-devel-0.103.0-10.el7_0.x86_64.rpm
    MD5: 02f62f749921f63c2f8760a4caa5d2feSHA-256: 76c0dd445a8d9dd2652d5f42fd012483570b55a57ae5de258de3daf1e9d16386
polkit-qt-doc-0.103.0-10.el7_0.noarch.rpm
    MD5: 4abfb03a5c9a1d8c8e0af4a530609ebaSHA-256: cd9e7ca9bfb7b2ceec3e9f716b0e541b90209a245540f15910781a66baeac2b8
 
Red Hat Enterprise Linux Workstation (v. 7)

SRPMS:
polkit-qt-0.103.0-10.el7_0.src.rpm
    MD5: d22b16a9d70020581921714882760289SHA-256: a5625c7010a731569cf66b216c994a989fbd126935a6e83b204372470a200cd2
 
x86_64:
polkit-qt-0.103.0-10.el7_0.i686.rpm
    MD5: e1b033e55b1704d3269039dfddefdcadSHA-256: 2e229bf1d3e7e033334a099aa84016421ce3ab6a3eb2b6eb94be8b48b8957389
polkit-qt-0.103.0-10.el7_0.x86_64.rpm
    MD5: fe45261ca94663159a58685043fef5b2SHA-256: 7c84549876b57c61774e97446562dfb0fe101b42abe9f4bf59f670ab76100c91
polkit-qt-debuginfo-0.103.0-10.el7_0.i686.rpm
    MD5: a629b6d52cdf560508e3fd675c3826f7SHA-256: d443001016b02b59884620e80a0e07cd0c7bd342f7cb09607309887ce4074463
polkit-qt-debuginfo-0.103.0-10.el7_0.x86_64.rpm
    MD5: 2b20c276bc500b4ab4b571050b6345ccSHA-256: 41e3f57a046f2d049fbec5a7841bc314b8e4b31cb00e4f15589e66eeb1ee3d8d
polkit-qt-devel-0.103.0-10.el7_0.i686.rpm
    MD5: 56bdb37bdfecae44d07c6c99b38738f7SHA-256: 853429c0f876195a76b70eb7956668313745e1acfa6919c326b3bb96f378d926
polkit-qt-devel-0.103.0-10.el7_0.x86_64.rpm
    MD5: 02f62f749921f63c2f8760a4caa5d2feSHA-256: 76c0dd445a8d9dd2652d5f42fd012483570b55a57ae5de258de3daf1e9d16386
polkit-qt-doc-0.103.0-10.el7_0.noarch.rpm
    MD5: 4abfb03a5c9a1d8c8e0af4a530609ebaSHA-256: cd9e7ca9bfb7b2ceec3e9f716b0e541b90209a245540f15910781a66baeac2b8
 
(The unlinked packages above are only available from the Red Hat Network)
1094890 – CVE-2014-5033 polkit-qt: insecure calling of polkit

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from:

Leave a Reply