Plesk for Linux kb: technical
- Plesk for Linux
CVE-2021-4034 vulnerability was discovered in
Local privilege escalation through polkit's
Call to Action
Apply security patches from OS vendor:
- Debian: CVE-2021-4034
- Ubuntu: USN-5252-2
- RedHat-based (CentOS, RHEL, CloudLinux, AlmaLinux etc): CVE-2021-4034
On Centos 7 seems to be just a mitigation. Is there a planning to have a fix thru yum? Thanks
Davide Manzi Plesk does not ship polkit's
pkexecutility. It is a pure system package that each Operating System like CentOS ships and manages itself. So taking into account that Plesk does not ship this package and it cannot be installed via Plesk, therefore there is no plan for any fix from Plesk side via system packager's manager like yum or apt. And that is why the Plesk KB article provides only a link to the system security patch which should be applied at your side with the assistance of a system administrator if needed.
Please sign in to leave a comment.