AVG-897 log
| Package | polkit |
| Status | Fixed |
| Severity | High |
| Type | authentication bypass |
| Affected | 0.115+24+g5230646-1 |
| Fixed | 0.116-1 |
| Current | 126-2 [extra] |
| Ticket | FS#61751 |
| Created | Thu Feb 14 00:04:45 2019 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2019-6133 | High | No | Authentication bypass | In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions... |