From: "Daniel P. Berrange" <berrange@redhat.com> The following 3 patches have been reviewed on the libvirt-security list as the libvirt side of the fix for polkit CVE-2013-4288. Given that it was already reviewed, I have pushed this. Daniel P. Berrange (3): Also store user & group ID values in virIdentity Ensure system identity includes process start time Add support for using 3-arg pkcheck syntax for process (CVE-2013-4311) configure.ac | 8 ++++++++ daemon/remote.c | 22 ++++++++++++++++++--- libvirt.spec.in | 3 +-- src/access/viraccessdriverpolkit.c | 40 +++++++++++++++++++++++++++++++++----- src/rpc/virnetserverclient.c | 18 +++++++++++++++++ src/util/viridentity.c | 39 +++++++++++++++++++++++++++++++++---- src/util/viridentity.h | 2 ++ 7 files changed, 118 insertions(+), 14 deletions(-) -- 1.8.3.1