
Bug#862347: marked as done (unblock: kauth/5.28.0-2)



Your message dated Fri, 12 May 2017 11:41:00 +0000
with message-id <a2517207-999d-35ca-b8f4-727994ec3aab@thykier.net>
and subject line Re: Bug#862347: unblock: kauth/5.28.0-2
has caused the Debian Bug report #862347,
regarding unblock: kauth/5.28.0-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
862347: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862347
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Dear release team

kauth has recently received CVE-2017-8422 [1]. I have already uploaded the 
patched version to unstable and it built fine in all the architectures.

I'm attaching the corresponding debdiff.

Please unblock package kauth

Regards,

[1]: https://security-tracker.debian.org/tracker/CVE-2017-8422

unblock kauth/5.28.0-2

-- System Information:
Debian Release: 9.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'testing'), (500, 'stable'), (50, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, armhf

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)
diff -Nru kauth-5.28.0/debian/changelog kauth-5.28.0/debian/changelog
--- kauth-5.28.0/debian/changelog	2016-11-18 16:03:28.000000000 +0100
+++ kauth-5.28.0/debian/changelog	2017-05-10 15:03:15.000000000 +0200
@@ -1,3 +1,13 @@
+kauth (5.28.0-2) unstable; urgency=medium
+
+  * Drop applied patch: kauth_add_license
+  * Add new upstream patch:
+    Verify-that-whoever-is-calling-us-is-actually-who-he-says.patch.
+    Fixes CVE-2017-8422 in kauth
+  * Update symbols files.
+
+ -- Maximiliano Curia <maxy@debian.org>  Wed, 10 May 2017 15:03:15 +0200
+
 kauth (5.28.0-1) unstable; urgency=medium
 
   [ Automatic packaging ]
diff -Nru kauth-5.28.0/debian/libkf5auth5.symbols kauth-5.28.0/debian/libkf5auth5.symbols
--- kauth-5.28.0/debian/libkf5auth5.symbols	2016-11-18 16:03:28.000000000 +0100
+++ kauth-5.28.0/debian/libkf5auth5.symbols	2017-05-10 15:03:15.000000000 +0200
@@ -1,4 +1,4 @@
-# SymbolsHelper-Confirmed: 5.27.0 alpha amd64 arm64 armel armhf hppa hurd-i386 i386 m68k mips mips64el mipsel powerpc powerpcspe ppc64 ppc64el s390x sparc64 x32
+# SymbolsHelper-Confirmed: 5.28.0 amd64
 kauth_backend_plugin.so libkf5auth5 #MINVER#
  qt_plugin_instance@Base 5.0.0
  qt_plugin_query_metadata@Base 5.0.0
@@ -73,6 +73,7 @@
  _ZN5KAuth6Action11setHelperIdERK7QString@Base 4.96.0
  _ZN5KAuth6Action12setArgumentsERK4QMapI7QString8QVariantE@Base 4.96.0
  _ZN5KAuth6Action15setParentWidgetEP7QWidget@Base 4.96.0
+ _ZN5KAuth6Action16staticMetaObjectE@Base 5.28.0
  _ZN5KAuth6Action7executeENS0_13ExecutionModeE@Base 4.96.0
  _ZN5KAuth6Action7setNameERK7QString@Base 4.96.0
  _ZN5KAuth6ActionC1ERK7QString@Base 4.96.0
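Review bot: the added `_ZN5KAuth6Action16staticMetaObjectE@Base 5.28.0` line is not explained by the changelog, which only says "Update symbols files", and the diffstat of the CVE patch lists no file for KAuth::Action. Say in the changelog entry where this symbol comes from, so the release team can tell whether it is related to the security fix.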
diff -Nru kauth-5.28.0/debian/patches/kauth_add_license kauth-5.28.0/debian/patches/kauth_add_license
--- kauth-5.28.0/debian/patches/kauth_add_license	2016-11-18 16:03:28.000000000 +0100
+++ kauth-5.28.0/debian/patches/kauth_add_license	1970-01-01 01:00:00.000000000 +0100
@@ -1,52 +0,0 @@
-From: Debian/Kubuntu Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
-Date: Sun, 15 May 2016 14:44:11 +0200
-Subject: kauth_add_license
-
-commit 748e9dc14325ca50dbd2789824acf888a85dc049
-Author: Maximiliano Curia <maxy@gnuservers.com.ar>
-Date:   Fri Mar 20 13:59:59 2015 +0100
-
-    Add missing license
-    
-    The cmake files:
-    cmake/FindPolkitQt.cmake
-    cmake/KF5AuthMacros.cmake
-    cmake/FindPolkitQt-1.cmake
-    claim:
-    Redistribution and use is allowed according to the terms of the BSD license.
-    For details see the accompanying COPYING-CMAKE-SCRIPTS file.
-    
-    So we need to distribute the COPYING-CMAKE-SCRIPTS file with this package.
----
- COPYING-CMAKE-SCRIPTS | 22 ++++++++++++++++++++++
- 1 file changed, 22 insertions(+)
- create mode 100644 COPYING-CMAKE-SCRIPTS
-
-diff --git a/COPYING-CMAKE-SCRIPTS b/COPYING-CMAKE-SCRIPTS
-new file mode 100644
-index 0000000..53b6b71
---- /dev/null
-+++ b/COPYING-CMAKE-SCRIPTS
-@@ -0,0 +1,22 @@
-+Redistribution and use in source and binary forms, with or without
-+modification, are permitted provided that the following conditions
-+are met:
-+
-+1. Redistributions of source code must retain the copyright
-+   notice, this list of conditions and the following disclaimer.
-+2. Redistributions in binary form must reproduce the copyright
-+   notice, this list of conditions and the following disclaimer in the
-+   documentation and/or other materials provided with the distribution.
-+3. The name of the author may not be used to endorse or promote products
-+   derived from this software without specific prior written permission.
-+
-+THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
-+IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
-+OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-+IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
-+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
-+NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
-+THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff -Nru kauth-5.28.0/debian/patches/series kauth-5.28.0/debian/patches/series
--- kauth-5.28.0/debian/patches/series	2016-11-18 16:03:28.000000000 +0100
+++ kauth-5.28.0/debian/patches/series	2017-05-10 15:03:15.000000000 +0200
@@ -1 +1 @@
-kauth_add_license
+Verify-that-whoever-is-calling-us-is-actually-who-he-says.patch
diff -Nru kauth-5.28.0/debian/patches/Verify-that-whoever-is-calling-us-is-actually-who-he-says.patch kauth-5.28.0/debian/patches/Verify-that-whoever-is-calling-us-is-actually-who-he-says.patch
--- kauth-5.28.0/debian/patches/Verify-that-whoever-is-calling-us-is-actually-who-he-says.patch	1970-01-01 01:00:00.000000000 +0100
+++ kauth-5.28.0/debian/patches/Verify-that-whoever-is-calling-us-is-actually-who-he-says.patch	2017-05-10 15:03:15.000000000 +0200
@@ -0,0 +1,194 @@
+From: Albert Astals Cid <aacid@kde.org>
+Date: Wed, 10 May 2017 10:03:45 +0200
+Subject: Verify that whoever is calling us is actually who he says he is
+
+CVE-2017-8422
+---
+ src/AuthBackend.cpp                         |  5 +++++
+ src/AuthBackend.h                           |  7 +++++++
+ src/backends/dbus/DBusHelperProxy.cpp       | 27 +++++++++++++++++++++++++--
+ src/backends/dbus/DBusHelperProxy.h         |  6 +++++-
+ src/backends/policykit/PolicyKitBackend.cpp |  5 +++++
+ src/backends/policykit/PolicyKitBackend.h   |  1 +
+ src/backends/polkit-1/Polkit1Backend.cpp    |  5 +++++
+ src/backends/polkit-1/Polkit1Backend.h      |  1 +
+ 8 files changed, 54 insertions(+), 3 deletions(-)
+
+diff --git a/src/AuthBackend.cpp b/src/AuthBackend.cpp
+index ff91dd5..fa8c258 100644
+--- a/src/AuthBackend.cpp
++++ b/src/AuthBackend.cpp
+@@ -54,6 +54,11 @@ void AuthBackend::setCapabilities(AuthBackend::Capabilities capabilities)
+     d->capabilities = capabilities;
+ }
+ 
++AuthBackend::ExtraCallerIDVerificationMethod AuthBackend::extraCallerIDVerificationMethod() const
++{
++    return NoExtraCallerIDVerificationMethod;
++}
++
+ bool AuthBackend::actionExists(const QString &action)
+ {
+     Q_UNUSED(action);
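Review bot: the base-class default added here in AuthBackend::extraCallerIDVerificationMethod() is NoExtraCallerIDVerificationMethod, so any backend that does not override it keeps accepting the callerID without the extra verification this patch introduces. Consider declaring the method pure virtual in AuthBackend.h so that every backend has to state its choice, or document in the header which backends are expected to rely on the default.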
+diff --git a/src/AuthBackend.h b/src/AuthBackend.h
+index c67a706..09195ef 100644
+--- a/src/AuthBackend.h
++++ b/src/AuthBackend.h
+@@ -43,6 +43,12 @@ public:
+     };
+     Q_DECLARE_FLAGS(Capabilities, Capability)
+ 
++    enum ExtraCallerIDVerificationMethod {
++        NoExtraCallerIDVerificationMethod,
++        VerifyAgainstDBusServiceName,
++        VerifyAgainstDBusServicePid,
++    };
++
+     AuthBackend();
+     virtual ~AuthBackend();
+     virtual void setupAction(const QString &action) = 0;
+@@ -50,6 +56,7 @@ public:
+     virtual Action::AuthStatus authorizeAction(const QString &action) = 0;
+     virtual Action::AuthStatus actionStatus(const QString &action) = 0;
+     virtual QByteArray callerID() const = 0;
++    virtual ExtraCallerIDVerificationMethod extraCallerIDVerificationMethod() const;
+     virtual bool isCallerAuthorized(const QString &action, QByteArray callerID) = 0;
+     virtual bool actionExists(const QString &action);
+ 
+diff --git a/src/backends/dbus/DBusHelperProxy.cpp b/src/backends/dbus/DBusHelperProxy.cpp
+index d2620ac..36bc6a8 100644
+--- a/src/backends/dbus/DBusHelperProxy.cpp
++++ b/src/backends/dbus/DBusHelperProxy.cpp
+@@ -232,6 +232,29 @@ bool DBusHelperProxy::hasToStopAction()
+     return m_stopRequest;
+ }
+ 
++bool DBusHelperProxy::isCallerAuthorized(const QString &action, const QByteArray &callerID)
++{
++    // Check the caller is really who it says it is
++    switch (BackendsManager::authBackend()->extraCallerIDVerificationMethod()) {
++        case AuthBackend::NoExtraCallerIDVerificationMethod:
++        break;
++
++        case AuthBackend::VerifyAgainstDBusServiceName:
++            if (message().service().toUtf8() != callerID) {
++                return false;
++            }
++        break;
++
++        case AuthBackend::VerifyAgainstDBusServicePid:
++            if (connection().interface()->servicePid(message().service()).value() != callerID.toUInt()) {
++                return false;
++            }
++        break;
++    }
++
++    return BackendsManager::authBackend()->isCallerAuthorized(action, callerID);
++}
++
+ QByteArray DBusHelperProxy::performAction(const QString &action, const QByteArray &callerID, QByteArray arguments)
+ {
+     if (!responder) {
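Review bot: the VerifyAgainstDBusServicePid branch of the new isCallerAuthorized() compares `servicePid(message().service()).value()` with `callerID.toUInt()` without checking either result. QByteArray::toUInt() returns 0 when callerID is not a number, and value() on a failed QDBusReply is not a reliable PID, so a failed lookup and an unparsable callerID can compare equal. Check the reply with isValid() and pass an `ok` flag to toUInt(), returning false when either fails; a `default:` case that returns false would also keep a future enum value from skipping verification.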
+@@ -256,7 +279,7 @@ QByteArray DBusHelperProxy::performAction(const QString &action, const QByteArra
+     QTimer *timer = responder->property("__KAuth_Helper_Shutdown_Timer").value<QTimer *>();
+     timer->stop();
+ 
+-    if (BackendsManager::authBackend()->isCallerAuthorized(action, callerID)) {
++    if (isCallerAuthorized(action, callerID)) {
+         QString slotname = action;
+         if (slotname.startsWith(m_name + QLatin1Char('.'))) {
+             slotname = slotname.right(slotname.length() - m_name.length() - 1);
+@@ -298,7 +321,7 @@ uint DBusHelperProxy::authorizeAction(const QString &action, const QByteArray &c
+     QTimer *timer = responder->property("__KAuth_Helper_Shutdown_Timer").value<QTimer *>();
+     timer->stop();
+ 
+-    if (BackendsManager::authBackend()->isCallerAuthorized(action, callerID)) {
++    if (isCallerAuthorized(action, callerID)) {
+         retVal = static_cast<uint>(Action::AuthorizedStatus);
+     } else {
+         retVal = static_cast<uint>(Action::DeniedStatus);
+diff --git a/src/backends/dbus/DBusHelperProxy.h b/src/backends/dbus/DBusHelperProxy.h
+index 8f4254c..656d669 100644
+--- a/src/backends/dbus/DBusHelperProxy.h
++++ b/src/backends/dbus/DBusHelperProxy.h
+@@ -25,12 +25,13 @@
+ #include "kauthactionreply.h"
+ 
+ #include <QDBusConnection>
++#include <QDBusContext>
+ #include <QVariant>
+ 
+ namespace KAuth
+ {
+ 
+-class DBusHelperProxy : public HelperProxy
++class DBusHelperProxy : public HelperProxy, protected QDBusContext
+ {
+     Q_OBJECT
+     Q_PLUGIN_METADATA(IID "org.kde.DBusHelperProxy")
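Review bot: deriving from QDBusContext makes message() and connection() available, but they are only meaningful while a D-Bus call is being dispatched, and the isCallerAuthorized() added in DBusHelperProxy.cpp uses them without checking calledFromDBus(). A guard that returns false when calledFromDBus() is false would make that precondition explicit.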
+@@ -79,6 +80,9 @@ Q_SIGNALS:
+ 
+ private Q_SLOTS:
+     void remoteSignalReceived(int type, const QString &action, QByteArray blob);
++
++private:
++    bool isCallerAuthorized(const QString &action, const QByteArray &callerID);
+ };
+ 
+ } // namespace Auth
+diff --git a/src/backends/policykit/PolicyKitBackend.cpp b/src/backends/policykit/PolicyKitBackend.cpp
+index c2b4d42..bf038a8 100644
+--- a/src/backends/policykit/PolicyKitBackend.cpp
++++ b/src/backends/policykit/PolicyKitBackend.cpp
+@@ -78,6 +78,11 @@ QByteArray PolicyKitBackend::callerID() const
+     return a;
+ }
+ 
++AuthBackend::ExtraCallerIDVerificationMethod Polkit1Backend::extraCallerIDVerificationMethod() const
++{
++    return VerifyAgainstDBusServicePid;
++}
++
+ bool PolicyKitBackend::isCallerAuthorized(const QString &action, QByteArray callerID)
+ {
+     QDataStream s(&callerID, QIODevice::ReadOnly);
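Review bot: the new definition in src/backends/policykit/PolicyKitBackend.cpp is qualified as Polkit1Backend::extraCallerIDVerificationMethod(), while the neighbouring functions in this file and the declaration added to PolicyKitBackend.h belong to PolicyKitBackend; it should read `AuthBackend::ExtraCallerIDVerificationMethod PolicyKitBackend::extraCallerIDVerificationMethod() const`. Separately, the context line below builds a QDataStream over callerID, whereas the VerifyAgainstDBusServicePid branch this backend selects compares callerID.toUInt(), so confirm that both read the same encoding.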
+diff --git a/src/backends/policykit/PolicyKitBackend.h b/src/backends/policykit/PolicyKitBackend.h
+index eb17a3a..38b0240 100644
+--- a/src/backends/policykit/PolicyKitBackend.h
++++ b/src/backends/policykit/PolicyKitBackend.h
+@@ -40,6 +40,7 @@ public:
+     virtual Action::AuthStatus authorizeAction(const QString &);
+     virtual Action::AuthStatus actionStatus(const QString &);
+     virtual QByteArray callerID() const;
++    ExtraCallerIDVerificationMethod extraCallerIDVerificationMethod() const Q_DECL_OVERRIDE;
+     virtual bool isCallerAuthorized(const QString &action, QByteArray callerID);
+ 
+ private Q_SLOTS:
+diff --git a/src/backends/polkit-1/Polkit1Backend.cpp b/src/backends/polkit-1/Polkit1Backend.cpp
+index 78ee5bb..774588c 100644
+--- a/src/backends/polkit-1/Polkit1Backend.cpp
++++ b/src/backends/polkit-1/Polkit1Backend.cpp
+@@ -162,6 +162,11 @@ QByteArray Polkit1Backend::callerID() const
+         return QDBusConnection::systemBus().baseService().toUtf8();
+ }
+ 
++AuthBackend::ExtraCallerIDVerificationMethod Polkit1Backend::extraCallerIDVerificationMethod() const
++{
++    return VerifyAgainstDBusServiceName;
++}
++
+ bool Polkit1Backend::isCallerAuthorized(const QString &action, QByteArray callerID)
+ {
+     PolkitQt1::SystemBusNameSubject subject(QString::fromUtf8(callerID));
+diff --git a/src/backends/polkit-1/Polkit1Backend.h b/src/backends/polkit-1/Polkit1Backend.h
+index e0d661b..d816664 100644
+--- a/src/backends/polkit-1/Polkit1Backend.h
++++ b/src/backends/polkit-1/Polkit1Backend.h
+@@ -49,6 +49,7 @@ public:
+     virtual Action::AuthStatus authorizeAction(const QString &);
+     virtual Action::AuthStatus actionStatus(const QString &);
+     virtual QByteArray callerID() const;
++    ExtraCallerIDVerificationMethod extraCallerIDVerificationMethod() const Q_DECL_OVERRIDE;
+     virtual bool isCallerAuthorized(const QString &action, QByteArray callerID);
+     virtual bool actionExists(const QString &action);
+ 

--- End Message ---
--- Begin Message ---
Maximiliano Curia:
> Package: release.debian.org
> Severity: normal
> User: release.debian.org@packages.debian.org
> Usertags: unblock
> 
> Dear release team
> 
> kauth has recently received CVE-2017-8422 [1]. I have already uploaded the 
> patched version to unstable and it built fine in all the architectures.
> 
> I'm attaching the corresponding debdiff.
> 
> Please unblock package kauth
> 
> Regards,
> 
> [1]: https://security-tracker.debian.org/tracker/CVE-2017-8422
> 
> unblock kauth/5.28.0-2
> 
> [...]
>

Unblocked, thanks.

~Niels

--- End Message ---
