Two security issues fixed upstream in libcap 2.69 have been announced: https://www.openwall.com/lists/oss-security/2023/05/15/4 https://sites.google.com/site/fullycapable/release-notes-for-libcap#h.iuvg7sbjg8pe Details are here: https://www.openwall.com/lists/oss-security/2023/05/16/2 Mageia 8 is also affected.
Whiteboard: (none) => MGA8TOOStatus comment: (none) => Fixed upstream in 2.69
Another package with no one maintainer in view, so this is to assign globally.
Assignee: bugsquad => pkg-bugs
Ubuntu has issued an advisory for this on June 14: https://ubuntu.com/security/notices/USN-6166-1
Suggested advisory: ======================== The updated packages fix security vulnerabilities: A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to return an error, which can exhaust the process memory. (CVE-2023-2602) A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB. (CVE-2023-2603) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2602 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2603 https://www.openwall.com/lists/oss-security/2023/05/15/4 https://sites.google.com/site/fullycapable/release-notes-for-libcap#h.iuvg7sbjg8pe https://www.openwall.com/lists/oss-security/2023/05/16/2 https://ubuntu.com/security/notices/USN-6166-1 ======================== Updated packages in core/updates_testing: ======================== lib(64)cap2-2.46-1.1.mga8 lib(64)cap-devel-2.46-1.1.mga8 libcap-utils-2.46-1.1.mga8 pam_cap-2.46-1.1.mga8 from SRPM: libcap-2.46-1.1.mga8.src.rpm
Version: Cauldron => 8Source RPM: libcap-2.52-2.mga9.src.rpm => libcap-2.46-1.mga8.src.rpmAssignee: pkg-bugs => qa-bugsStatus: NEW => ASSIGNEDCC: (none) => nicolas.salgueroStatus comment: Fixed upstream in 2.69 => (none)Whiteboard: MGA8TOO => (none)
MGA8-64 MATE on Acer Aspire 5253 No installation issues Ref bug 3938 (a bit beyond my level) # capsh --chroot=/ -- -c /bin/pwd / # getcap -v py3requests_test2.py py3requests_test2.py # getpcaps py3requests_test2.py py3requests_test2.py: =ep Giving the OK on the basis it looks reasonable.
Whiteboard: (none) => MGA8-64-OKCC: (none) => herman.viaene
Validating. Advisory in comment 3.
CC: (none) => andrewsfarm, sysadmin-bugsKeywords: (none) => validated_update
CC: (none) => davidwhodginsKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2023-0205.html
Status: ASSIGNED => RESOLVEDResolution: (none) => FIXED
Video games can be a great way to connect with friends and family. Many games allow players to compete or cooperate with each other online, and they can be a great way to stay in touch with loved ones who live far away. https://dinosaurgameoffline.com
CC: (none) => zetisonapi
*** Bug 32559 has been marked as a duplicate of this bug. ***
Redactle uses less Wikipedia articles, which is beneficial. Wikipedia's top 10,000 Level 4 articles form this list. That's little compared to Wikipedia's 6 million articles. You couldn't write about classical concerts with raucous audiences or Fake Bread, but you could discuss Greco-Roman wrestling, algebraic topology, and Ralph Waldo Emerson. https://ricepuritytest2024.com/
CC: (none) => troy28217