Commit 979b6651 authored by Miloslav Trmač's avatar Miloslav Trmač
Browse files

Update NEWS for release


Signed-off-by: default avatarMiloslav Trmač <mitr@redhat.com>
parent 3968411b
......@@ -2,6 +2,8 @@
polkit 0.112
--------------
NOTE: This release is an important security update, see below.
WARNING WARNING WARNING: This is a prerelease on the road to polkit
1.0. Public API might change and certain parts of the code still needs
some security review. Use at your own risk.
......@@ -9,7 +11,18 @@ some security review. Use at your own risk.
This is polkit 0.112.
Highlights:
TODO
This release fixes CVE-2013-4288: Race condition with process subjects that do
not have securely determined uid.
pkcheck(1) now supports a new format for the --process argument; all
applications need to use the new format to avoid a race condition (or use
--system-bus-name to identify the process instead).
Similarly, applications using the API should always use
polkit_unix_process_new_for_owner(). polkit_unix_process_new() and
polkit_unix_process_new_full() are unsafe and have been deprecated.
Thanks to Sebastian Krahmer of the SUSE Security Team for reporting this issue.
Build requirements
......@@ -21,12 +34,24 @@ Build requirements
Changes since polkit 0.111:
TODO
Colin Walters (2):
polkitunixprocess: Deprecate racy APIs
pkcheck: Support --process=pid,start-time,uid syntax too
Miloslav Trmač (1):
Post-release version bump to 0.112
Tomas Bzatek (1):
Use GOnce for interface type registration
Tomas Chvatal (2):
Add czech translation po file to distribution.
Update the czech once more with newest pot file.
Thanks to our contributors.
Miloslav Trmač,
$DATE
Colin Walters and Miloslav Trmač,
September 18, 2013
--------------
polkit 0.111
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment