Hello community, here is the log from the commit of package libcap for openSUSE:11.4 checked in at Fri Nov 4 15:10:15 CET 2011. -------- --- old-versions/11.4/all/libcap/libcap.changes 2010-12-02 15:48:24.000000000 +0100 +++ 11.4/libcap/libcap.changes 2011-11-02 11:41:47.000000000 +0100 @@ -1,0 +2,6 @@ +Wed Nov 2 11:41:28 CET 2011 - tiwai@suse.de + +- Fix VUL-0: libcap2: capsh does not chdir after chroot + (CVE-2011-4099, bnc#727715) + +------------------------------------------------------------------- Package does not exist at destination yet. Using Fallback old-versions/11.4/all/libcap Destination is old-versions/11.4/UPDATES/all/libcap calling whatdependson for 11.4-i586 New: ---- libcap-CVE-2011-4099.diff ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libcap.spec ++++++ --- /var/tmp/diff_new_pack.WI2pTp/_old 2011-11-04 15:08:38.000000000 +0100 +++ /var/tmp/diff_new_pack.WI2pTp/_new 2011-11-04 15:08:38.000000000 +0100 @@ -1,5 +1,5 @@ # -# spec file for package libcap (Version 2.19) +# spec file for package libcap # # Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -24,9 +24,10 @@ AutoReqProv: on Summary: Library for Capabilities (linux-privs) Support Version: 2.19 -Release: 1 +Release: 9.<RELEASE10> Source: ftp://ftp.de.kernel.org/pub/linux/libs/security/linux-privs/libcap2/libcap-%{version}.tar.bz2 Source2: baselibs.conf +Patch: libcap-CVE-2011-4099.diff #URL: http://www.kernel.org/ BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: libattr-devel @@ -91,6 +92,7 @@ %prep %setup -q +%patch -p1 %build # lib=%{_lib} make %{?_smp_mflags} COPTFLAG="$RPM_OPT_FLAGS" ++++++ libcap-CVE-2011-4099.diff ++++++
From af725c50c2930485947bd958dbdf984faf8fc1ba Mon Sep 17 00:00:00 2001 From: "Andrew G. Morgan"
Date: Sun, 24 Jul 2011 19:17:25 -0700 Subject: [PATCH] Change directory to "/" after --chroot operation.
Thanks to Steve Grubb for suggesting this. He wrote:
=========
I was reviewing something recently and discovered a problem in capsh. The capsh
program has a --chroot command line option. Inspecting the code shows that it does not
do a chdir("/") after calling chroot. This means that '.' is outside the chroot.
Additional info:
http://cwe.mitre.org/data/definitions/243.html
=========
Signed-off-by: Andrew G. Morgan