stikonas | can somebody look at https://bugs.launchpad.net/ubuntu/+source/kpmcore/+bug/1903774 It has now been 5 months with no reaction (that's CVE with local privilege escalation). Almost all other distros fixed it last October. | 10:09 |
---|---|---|
ubottu | Launchpad bug 1903774 in kpmcore (Ubuntu) "kpmcore 4.1.0: CVE-2020-27187" [Undecided,New] | 10:09 |
RikMills | stikonas: if you could provide some steps to test/verify the fix the fix, that would help | 10:31 |
RikMills | oops, too many fixes | 10:31 |
stikonas | well, the service was completely rewritten, so you can just check if files move to the new location e.g. now kpmcore_externalcommandhelper should be in libexec/ dir instead of libexec/kauth/. When I was testing the fix myself I hacked partitionmanager executable to allow running more than one copy by removing KDBusService service(KDBusService::Unique); from partitionmanager/src/main.cpp and then only first partitionmanager asks for | 10:43 |
stikonas | root password | 10:43 |
stikonas | but that needs recompilation... | 10:43 |
BluesKaj | 'Morning folks | 12:06 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!