Also discussed on the security list, and now pushed to v0.10.2-maint. I'm working on patching v1.0.5-maint next, since that also affects Fedora. ALL of the v*-maint branches need this backported; although I have just been focusing on the Fedora branches, I'm willing to help do the work for other branches that matter to anyone else. Cole will be cutting 1.0.5.6 and 0.10.2.8 later today. Daniel P. Berrange (2): Include process start time when doing polkit checks Add support for using 3-arg pkcheck syntax for process (CVE-2013-4311) configure.ac | 8 +++ daemon/remote.c | 28 ++++++++-- libvirt.spec.in | 3 +- src/rpc/virnetserverclient.c | 8 ++- src/rpc/virnetserverclient.h | 3 +- src/rpc/virnetsocket.c | 19 +++++-- src/rpc/virnetsocket.h | 3 +- src/util/virprocess.c | 118 +++++++++++++++++++++++++++++++++++++++++++ src/util/virprocess.h | 3 ++ src/util/virstring.c | 11 ++++ src/util/virstring.h | 2 + 11 files changed, 192 insertions(+), 14 deletions(-) -- 1.8.3.1 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list