Bug 32559 - libcap new security issues CVE-2023-260[23]
Summary: libcap new security issues CVE-2023-260[23]
Status: RESOLVED DUPLICATE of bug 31938
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: Cauldron
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: All Packagers
QA Contact: Sec team
URL:
Whiteboard: MGA9TOO, MGA8TOO
Keywords:
Depends on:
Blocks:
 
Reported: 2023-11-24 12:34 CET by Nicolas Salguero
Modified: 2023-11-27 16:07 CET (History)
0 users

See Also:
Source RPM: libcap-2.52-5.mga9.src.rpm
CVE:
Status comment: Fixed upstream in 2.69

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Nicolas Salguero 2023-11-24 12:34:13 CET 
Redhat has issued an advisory for that CVE:
https://lwn.net/Articles/952248/

The problem is fixed in 2.69.

Mageia 8 and 9 are also affected.
Nicolas Salguero 2023-11-24 12:34:43 CET

Whiteboard: (none) => MGA9TOO, MGA8TOO
Source RPM: (none) => libcap-2.52-5.mga9.src.rpm
Status comment: (none) => Fixed upstream in 2.69

Comment 1 Lewis Smith 2023-11-24 21:28:01 CET 
I think the main pkgs are lib64cap2, libcap-utils.
Our current v2.52 is quite old.

No one packager in view for this, so assigning the bug globally.

Assignee: bugsquad => pkg-bugs

Comment 2 Nicolas Salguero 2023-11-27 16:07:53 CET 
Duplicate of bug 31938.

*** This bug has been marked as a duplicate of bug 31938 ***

Resolution: (none) => DUPLICATE
Status: NEW => RESOLVED
Note You need to log in before you can comment on or make changes to this bug.