Polkit was updated to 0.113 to fix four security issues.
The following vulnerabilities were fixed:
- CVE-2015-4625: a local privilege escalation due to predictable
authentication session cookie values. (boo#935119)
- CVE-2015-3256: various memory corruption vulnerabilities in use of the
JavaScript interpreter, possibly leading to local privilege escalation.
(boo#943816)
- CVE-2015-3255: a memory corruption vulnerability in handling duplicate
action IDs, possibly leading to local privilege escalation. (boo#939246)
- CVE-2015-3218: Allowed any local user to crash polkitd. (boo#933922)