Synopsis: Important: polkit security update Advisory ID: SLSA-2013:1270-1 Issue Date: 2013-09-19 CVE Numbers: CVE-2013-4288 -- A race condition was found in the way the PolicyKit pkcheck utility checked process authorization when the process was specified by its process ID via the --process option. A local user could use this flaw to bypass intended PolicyKit authorizations and escalate their privileges. (CVE-2013-4288) Note: Applications that invoke pkcheck with the --process option need to be modified to use the pid,pid-start-time,uid argument for that option, to allow pkcheck to check process authorization correctly. The system must be rebooted for this update to take effect. -- SL6 x86_64 polkit-0.96-5.el6_4.i686.rpm polkit-0.96-5.el6_4.x86_64.rpm polkit-debuginfo-0.96-5.el6_4.i686.rpm polkit-debuginfo-0.96-5.el6_4.x86_64.rpm polkit-devel-0.96-5.el6_4.i686.rpm polkit-devel-0.96-5.el6_4.x86_64.rpm polkit-docs-0.96-5.el6_4.x86_64.rpm i386 polkit-0.96-5.el6_4.i686.rpm polkit-debuginfo-0.96-5.el6_4.i686.rpm polkit-devel-0.96-5.el6_4.i686.rpm polkit-docs-0.96-5.el6_4.i686.rpm noarch polkit-desktop-policy-0.96-5.el6_4.noarch.rpm - Scientific Linux Development Team