aboutsummaryrefslogtreecommitdiff
path: root/debian/patches/CVE-2020-27349.patch
diff options
context:
space:
mode:
authorLibravatar Mubashshir <ahm@jadupc.com>2023-08-26 16:01:54 +0600
committerLibravatar Mubashshir <ahm@jadupc.com>2023-08-26 16:01:54 +0600
commit22b47d8f27c3d4558f1df2d79cad7a63fd7cc871 (patch)
tree4f9e55dec008a3f1de61cabfb577fe254ae6e36e /debian/patches/CVE-2020-27349.patch
parent70faa8e9a0ff3cba74b4f753e257d56b768fcbd2 (diff)
downloadaptdaemon-22b47d8f27c3d4558f1df2d79cad7a63fd7cc871.tar.gz
aptdaemon-22b47d8f27c3d4558f1df2d79cad7a63fd7cc871.zip
Drop unused patches
Signed-off-by: Mubashshir <ahm@jadupc.com>
Diffstat (limited to 'debian/patches/CVE-2020-27349.patch')
-rw-r--r--debian/patches/CVE-2020-27349.patch31
1 files changed, 0 insertions, 31 deletions
diff --git a/debian/patches/CVE-2020-27349.patch b/debian/patches/CVE-2020-27349.patch
deleted file mode 100644
index 230ed4a..0000000
--- a/debian/patches/CVE-2020-27349.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From 5d6e1ca82a07ef1739dfea20ad17f077ceccfdcf Mon Sep 17 00:00:00 2001
-From: Julian Andres Klode <julian.klode@canonical.com>
-Date: Tue, 1 Dec 2020 12:25:00 +0100
-Subject: [PATCH] Check PolicyKit before simulating local install
- (CVE-2020-27349)
-
-Given that we are opening a deb here as root that is controlled
-by a non-root user, without any authorization, this is a whole
-lot of safety issues.
-
-Bug-Ubuntu: https://bugs.launchpad.net/bugs/1899193/
----
- aptdaemon/core.py | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/aptdaemon/core.py b/aptdaemon/core.py
-index 885b30b..6043b17 100644
---- a/aptdaemon/core.py
-+++ b/aptdaemon/core.py
-@@ -1073,6 +1073,8 @@ class Transaction(DBusObject):
- def _simulate_real(self):
- if self._simulated_cb:
- raise errors.TransactionAlreadySimulating()
-+ if self.role == enums.ROLE_INSTALL_FILE:
-+ yield self._check_auth()
- self.queue.worker.simulate(self)
- deferred = Deferred()
- if self._idle_watch is not None:
---
-2.29.2
-