From 796e9d1d3d0eb4dac5d0ccf9583f9b5879ca30f3 Mon Sep 17 00:00:00 2001
From: CentOS Sources <bugs@centos.org>
Date: Apr 24 2018 17:23:56 +0000
Subject: import PackageKit-1.1.5-2.el7_5


---

diff --git a/SOURCES/0001-Do-not-set-JUST_REINSTALL-on-any-kind-of-auth-failur.patch b/SOURCES/0001-Do-not-set-JUST_REINSTALL-on-any-kind-of-auth-failur.patch
new file mode 100644
index 0000000..cb98d62
--- /dev/null
+++ b/SOURCES/0001-Do-not-set-JUST_REINSTALL-on-any-kind-of-auth-failur.patch
@@ -0,0 +1,55 @@
+From bb9f9a8fb451d7a2d81f7390993db75491224729 Mon Sep 17 00:00:00 2001
+From: Richard Hughes <richard@hughsie.com>
+Date: Mon, 9 Apr 2018 16:39:56 +0100
+Subject: [PATCH] Do not set JUST_REINSTALL on any kind of auth failure
+
+If we try to continue the auth queue when it has been cancelled (or failed)
+then we fall upon the obscure JUST_REINSTALL transaction flag which only the
+DNF backend actually verifies.
+
+Many thanks to Matthias Gerstner <mgerstner@suse.de> for spotting the problem.
+---
+ src/pk-transaction.c | 27 ++++++++-------------------
+ 1 file changed, 8 insertions(+), 19 deletions(-)
+
+diff --git a/src/pk-transaction.c b/src/pk-transaction.c
+index 1d006c782..ffee29f6f 100644
+--- a/src/pk-transaction.c
++++ b/src/pk-transaction.c
+@@ -2351,25 +2351,14 @@ pk_transaction_authorize_actions_finished_cb (GObject *source_object,
+ 
+ 	/* did not auth */
+ 	if (!polkit_authorization_result_get_is_authorized (result)) {
+-		if (g_strcmp0 (action_id, "org.freedesktop.packagekit.package-install") == 0 &&
+-			       pk_bitfield_contain (priv->cached_transaction_flags,
+-						    PK_TRANSACTION_FLAG_ENUM_ALLOW_REINSTALL)) {
+-			g_debug ("allowing just reinstallation");
+-			pk_bitfield_add (priv->cached_transaction_flags,
+-					 PK_TRANSACTION_FLAG_ENUM_JUST_REINSTALL);
+-		} else {
+-			priv->waiting_for_auth = FALSE;
+-			/* emit an ::StatusChanged, ::ErrorCode() and then ::Finished() */
+-			pk_transaction_status_changed_emit (data->transaction, PK_STATUS_ENUM_FINISHED);
+-			pk_transaction_error_code_emit (data->transaction, PK_ERROR_ENUM_NOT_AUTHORIZED,
+-							"Failed to obtain authentication.");
+-			pk_transaction_finished_emit (data->transaction, PK_EXIT_ENUM_FAILED, 0);
+-
+-			syslog (LOG_AUTH | LOG_NOTICE,
+-				"uid %i failed to obtain auth",
+-				priv->uid);
+-			goto out;
+-		}
++		priv->waiting_for_auth = FALSE;
++		/* emit an ::StatusChanged, ::ErrorCode() and then ::Finished() */
++		pk_transaction_status_changed_emit (data->transaction, PK_STATUS_ENUM_FINISHED);
++		pk_transaction_error_code_emit (data->transaction, PK_ERROR_ENUM_NOT_AUTHORIZED,
++						"Failed to obtain authentication.");
++		pk_transaction_finished_emit (data->transaction, PK_EXIT_ENUM_FAILED, 0);
++		syslog (LOG_AUTH | LOG_NOTICE, "uid %i failed to obtain auth", priv->uid);
++		goto out;
+ 	}
+ 
+ 	if (data->actions->len <= 1) {
+-- 
+2.17.0
+
diff --git a/SOURCES/CentOS-Vendor-Branding.patch b/SOURCES/CentOS-Vendor-Branding.patch
deleted file mode 100644
index 8573a7d..0000000
--- a/SOURCES/CentOS-Vendor-Branding.patch
+++ /dev/null
@@ -1,10 +0,0 @@
-diff -uNrp PackageKit-1.0.7.orig/etc/Vendor.conf PackageKit-1.0.7/etc/Vendor.conf
---- PackageKit-1.0.7.orig/etc/Vendor.conf	2015-04-22 04:54:56.000000000 -0500
-+++ PackageKit-1.0.7/etc/Vendor.conf	2015-11-22 11:03:41.134500772 -0600
-@@ -48,3 +48,6 @@ FontUrl=none
- #
- # default=none
- MimeUrl=none
-+#added by CentOS
-+VendorName=CentOS
-+VendorIcon=fedora-logo-small
diff --git a/SPECS/PackageKit.spec b/SPECS/PackageKit.spec
index a770bd6..efe2d61 100644
--- a/SPECS/PackageKit.spec
+++ b/SPECS/PackageKit.spec
@@ -6,13 +6,16 @@
 Summary:   Package management service
 Name:      PackageKit
 Version:   1.1.5
-Release:   1%{?dist}
+Release:   2%{?dist}
 License:   GPLv2+ and LGPLv2+
 URL:       http://www.freedesktop.org/software/PackageKit/
 Source0:   http://www.freedesktop.org/software/PackageKit/releases/%{name}-%{version}.tar.xz
-Patch0:	CentOS-Vendor-Branding.patch
 
 # Fedora-specific: set Vendor.conf up for Fedora.
+Patch0:    PackageKit-0.3.8-Fedora-Vendor.conf.patch
+
+# CVE-2018-1106
+Patch1:    0001-Do-not-set-JUST_REINSTALL-on-any-kind-of-auth-failur.patch
 
 Requires: %{name}-glib%{?_isa} = %{version}-%{release}
 Requires: PackageKit-backend
@@ -157,7 +160,8 @@ using PackageKit.
 
 %prep
 %setup -q
-%patch0 -p1
+%patch0 -p1 -b .fedora
+%patch1 -p1 -b .CVE-2018-1106
 
 %build
 %configure \
@@ -300,9 +304,9 @@ systemctl disable packagekit-offline-update.service > /dev/null 2>&1 || :
 %{_datadir}/vala/vapi/packagekit-glib2.vapi
 
 %changelog
-* Mon Jul 31 2017 CentOS Sources <bugs@centos.org> - 1.1.5-1.el7.centos
-- remove old branding patch
-- Update Vendor patch to reference CentOS
+* Tue Apr 17 2018 Richard Hughes <rhughes@redhat.com> - 1.1.5-2
+- Fixes CVE-2018-1106
+- Resolves: rhbz#1566425
 
 * Tue Feb 28 2017 Richard Hughes <rhughes@redhat.com> - 1.1.5-1
 - Update to 1.1.5