[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

policykit-1 CVE-2018-19788 in jessie

Dear Maintainers,

(It seems my first attempt to send this mail failed. Sorry if you
received it twice)

As opposed to stretch, I have been unable to reproduce CVE-2018-19788 in
jessie. i.e. systemctl correctly doesn't allow me to stop services, and
pkexec blocks me from executing applications that need privileges. 

Do you think is it safe to consider jessie as not-affected? Or is it
still worth to apply the patch?



Attachment: signature.asc
Description: PGP signature

Reply to: