Red Hat Bugzilla – Bug 439982
CVE-2008-1658 PolicyKit: format string vulnerability
Last modified: 2008-04-24 07:22:29 EDT
Format string vulnerability was discovered in the PolicyKit grant helper. User
may specify password with formatting sequences and cause polkit-grant-helper to
crash or bypass authentication.
Upstream bug report with proposed patch:
Original report in Ubuntu BTS:
PolicyKit-0.6-2.fc8 has been submitted as an update for Fedora 8
PolicyKit-0.6-2.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
This issue was addressed in: