Hi there
When I type:
pacman -Ss "polkit"
i get:
extra/polkit-qt5 0.113.0-2
Is this version vulnerable to privledge escalation attacks or am I wrong?
If I am correct should it not be updated in the endeavour repos?
typing
pacman -Syu
it tells me the system is up to date.
link for info:
As far as I understand it the package impacted is polkit and it was fixed in 0.119-1
It seems odd that you don’t have polkit installed. What does pacman -Qi polkit return?
More info here:
https://security.archlinux.org/CVE-2021-3560
Typing
`
pacman -Qi polkit
`
yields this:
Navn : polkit
Version : 0.119-1
So I stand corrected. Thanks for your time, dalto.
$ pacman -Qs polkit
local/polkit 0.119-1
Application development toolkit for controlling system-wide privileges
local/polkit-kde-agent 5.22.0-1 (plasma)
Daemon providing a polkit authentication UI for KDE
local/polkit-qt5 0.113.0-2
A library that allows developers to access PolicyKit API with a nice Qt-style API
Both are installed, as polkit-qt5 requires polkit, and is itself required by kauth and kpmcore.