Opened 8 months ago
Closed 8 months ago
#5335 closed enhancement (fixed)
procps-ng-4.0.4
| Reported by: | Bruce Dubbs | Owned by: | Bruce Dubbs |
|---|---|---|---|
| Priority: | high | Milestone: | 12.1 |
| Component: | Book | Version: | git |
| Severity: | normal | Keywords: | |
| Cc: |
Description
New point version.
Change History (6)
comment:1 by , 8 months ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
follow-up: 3 comment:2 by , 8 months ago
comment:3 by , 8 months ago
Replying to Xi Ruoyao:
FTBFS on systemd.
Fix available at https://gitlab.com/procps-ng/procps/-/commit/ca004d4657d5e8b468a4552ede429be53193a3a9.
Workaround: make src_w_LDADD='$(LDADD) -lsystemd'
comment:4 by , 8 months ago
procps-ng-4.0.4
- library (API & ABI unchanged)
- increment revision: 0:2:0
- tolerates all potential 'cpuinfo' formats
issue #272 - restore the proper main thread tics valuations
issue #280 - Remove myself from proc count
merge #193 - Refactor the escape code
Debian #1035649
- free: -L one line output
issue #156 - pgrep: Use only --signal option for signal
Debian #1031765 - pgrep: suppress >15 warning if using regex
Debian #1037450 - pidof: Add -t option to show threads
merge #190 - pmap: Reset totals between processes
issue #298 - ps: fixed missing or corrupted fields with -m option
Debian #1036631, issue #279 - ps: Fix buffer overflow in -C option CVE-2023-4016
Debian #1042887, issue #297 - ps: Add --signames to show signal names in masks
merge #98 - sysctl: -N show names
merge #198, RH #2222056 - tests: dont compare floats with ==
issue #271 - tests: skips tests if maps missing
merge #197, Gentoo #583036 - top: bad command line arguments yield EXIT_FAILURE
issue #273 - top: avoids keystroke induced '%Cpu' distortions
- top: includes VM (guest) tics in 'system' overhead
issue #274 - top: includes VM (guest) tics with '!' toggle
merge #179 - top: lessen summary cpu distortions on first display
merge #180 - top: better backspace handling wtth line edits
issue #278 - vmstat: Print guest time in non-wide mode
- w: Fix musl UT_HOSTSIZE issue
- watch: Add color support at compile time
issue #296
comment:5 by , 8 months ago
| Priority: | normal → high |
|---|
CVE-2023-4016 is a vulnerability with low severity. To exploit it the attacker must trick the user to run a script with some strange patterns in a "ps -C ..." command.
Still marking it as a security fix though.
comment:6 by , 8 months ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Fixed at commit 3864d235cfd3623f6a4765d9acd13caee62c6629
Note:
See TracTickets
for help on using tickets.
FTBFS on systemd.
Fix available at https://gitlab.com/procps-ng/procps/-/commit/ca004d4657d5e8b468a4552ede429be53193a3a9.