Opened 11 months ago

Closed 11 months ago

Last modified 9 months ago

#5258 closed enhancement (fixed)

libcap-2.69

Reported by: Douglas R. Reno
Owned by: Bruce Dubbs
Priority: high
Milestone: 12.0
Component: Book
Version: git
Severity: normal
Keywords:
Cc:

Description

Contains a fix for CVE-2023-2602 and CVE-2023-2603

Change History (5)

comment:1 by Xi Ruoyao, 11 months ago

An audit was performed on libcap and friends by https://x41-dsec.de/ (blog). The audit (final report, 2023-05-10) was sponsored by the Open Source Technology Improvement Fund, https://ostif.org/ (blog). Five issues were found. Four of them are addressed in this release. Each issue was labeled in the audit results as follows:

  • LCAP-CR-23-01 (SEVERITY) LOW (CVE-2023-2602) - found by David Gstir
  • LCAP-CR-23-02 (SEVERITY) MEDIUM (CVE-2023-2603) - found by Richard Weinberger
  • LCAP-CR-23-100 (SEVERITY) NONE
  • LCAP-CR-23-101 (SEVERITY) NONE
  • LCAP-CR-23-102 (SEVERITY) NONE

Man page style improvement from Emanuele Torre

Partially revive the ability to build the binaries fully statically.

  • This was needed to make bleeding edge kernel debugging/testing via qemu+busybox work again. Addressing an issue I realized only when I tried to answer this stackexchange question.

comment:2 by Bruce Dubbs, 11 months ago

Owner: changed from lfs-book to Bruce Dubbs
Status: new → assigned

comment:3 by Bruce Dubbs, 11 months ago

Resolution: fixed
Status: assigned → closed

comment:4 by Douglas R. Reno, 11 months ago

SA-11.3-032 issued.

comment:5 by Bruce Dubbs, 9 months ago

Milestone: 11.4 → 12.0

Milestone renamed
