diff mbox series

libcap: Update to version 2.69

Message ID	20230519114753.8468-5-adolf.belka@ipfire.org
State	Accepted
Commit	177c2c3f353cbd07a60bbea9dac21f002b387614
Headers	From: Adolf Belka <adolf.belka@ipfire.org> To: development@lists.ipfire.org Subject: [PATCH] libcap: Update to version 2.69 Date: Fri, 19 May 2023 13:47:51 +0200 Message-Id: <20230519114753.8468-5-adolf.belka@ipfire.org> In-Reply-To: <20230519114753.8468-1-adolf.belka@ipfire.org> References: <20230519114753.8468-1-adolf.belka@ipfire.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: list Errors-To: development-bounces@lists.ipfire.org Sender: "Development" <development-bounces@lists.ipfire.org>
Series	libcap: Update to version 2.69 \| libcap: Update to version 2.69

Commit Message

Adolf Belka May 19, 2023, 11:47 a.m. UTC

  - Update from version 2.67 to 2.69
- Update of rootfile
- Changelog
Release notes for 2.69
	2023-05-14 19:10:04 -0700
	    An audit was performed on libcap and friends by https://x41-dsec.de/
             https://x41-dsec.de/news/2023/05/15/libcap-source-code-audit/
             The audit (final report, 2023-05-10)
              https://drive.google.com/file/d/1lsuC_tQbQ5pCE2Sy_skw0a7hTzQyQh2C/view?usp=sharing
              was sponsored by the the Open Source Technology Improvement Fund,
              https://ostif.org/ (blog). Five issues were found. Four of them are
              addressed in this release. Each issue was labeled in the audit results as
              follows:
	        LCAP-CR-23-01 (SEVERITY) LOW (CVE-2023-2602) - found by David Gstir
	        LCAP-CR-23-02 (SEVERITY) MEDIUM (CVE-2023-2603) - found by Richard Weinberger
	        LCAP-CR-23-100 (SEVERITY) NONE
	        LCAP-CR-23-101 (SEVERITY) NONE
	    Man page style improvement from Emanuele Torre
	    Partially revive the ability to build the binaries fully statically.
	        This was needed to make bleeding edge kernel debugging/testing via
                 qemu+busybox work again. Addressing an issue I realized only when I
                 tried to answer this stackexchange question.
                 https://unix.stackexchange.com/questions/741532/launch-process-with-limited-capabilities-on-minimal-busybox-based-system
Release notes for 2.68
	2023-03-25 17:03:17 -0700
	    Force libcap internal functions to be hidden outside the library (Bug 217014)
	    Expanded the list of man page (links) to all of the supported API functions.
	        fixed some formatting issues with the libpsx(3) manpage.
	    Add support for a markdown preamble and postscript when generating .md
             versions of the man pages (Bug 217007)
	    psx package clean up
	        fix some copy-paste errors with TestShared()
	        added a more complete psx testing into this test as well
	    cap package clean up
	        drop an unnecessary use of ", _" in the sources
	        cleaned up cap.NamedCount documentation
	    Converted goapps/web/README to .md format and fixed the instructions to
             indicate go mod tidy is needed.
	    cap_compare test binary now cleans up after itself (Bug 217018)
	    Figured out how to cross compile Go programs for arm (i.e. RPi) that use C
             code, don't use cgo but do use the psx package (all part of investigating
             bug 216610).
	    Eliminate use of vendor directory

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
---
 config/rootfiles/common/libcap | 8 ++++++--
 lfs/libcap                     | 4 ++--
 2 files changed, 8 insertions(+), 4 deletions(-)

diff mbox series

Patch

diff --git a/config/rootfiles/common/libcap b/config/rootfiles/common/libcap
index af1c22e83..f331e2a43 100644
--- a/config/rootfiles/common/libcap
+++ b/config/rootfiles/common/libcap
@@ -6,20 +6,22 @@  sbin/setcap
 #usr/include/sys/psx_syscall.h
 usr/lib/libcap.so
 usr/lib/libcap.so.2
-usr/lib/libcap.so.2.67
+usr/lib/libcap.so.2.69
 #usr/lib/libpsx.so
 #usr/lib/libpsx.so.2
-usr/lib/libpsx.so.2.67
+usr/lib/libpsx.so.2.69
 #usr/lib/pkgconfig/libcap.pc
 #usr/lib/pkgconfig/libpsx.pc
 #usr/lib/security
 usr/lib/security/pam_cap.so
 #usr/share/man/man1/capsh.1
+#usr/share/man/man3/__psx_syscall.3
 #usr/share/man/man3/cap_clear.3
 #usr/share/man/man3/cap_clear_flag.3
 #usr/share/man/man3/cap_compare.3
 #usr/share/man/man3/cap_copy_ext.3
 #usr/share/man/man3/cap_copy_int.3
+#usr/share/man/man3/cap_copy_int_check.3
 #usr/share/man/man3/cap_drop_bound.3
 #usr/share/man/man3/cap_dup.3
 #usr/share/man/man3/cap_fill.3
@@ -71,6 +73,7 @@  usr/lib/security/pam_cap.so
 #usr/share/man/man3/cap_set_nsowner.3
 #usr/share/man/man3/cap_set_proc.3
 #usr/share/man/man3/cap_set_secbits.3
+#usr/share/man/man3/cap_set_syscall.3
 #usr/share/man/man3/cap_setgroups.3
 #usr/share/man/man3/cap_setuid.3
 #usr/share/man/man3/cap_size.3
@@ -80,6 +83,7 @@  usr/lib/security/pam_cap.so
 #usr/share/man/man3/capsetp.3
 #usr/share/man/man3/libcap.3
 #usr/share/man/man3/libpsx.3
+#usr/share/man/man3/psx_load_syscalls.3
 #usr/share/man/man3/psx_set_sensitivity.3
 #usr/share/man/man3/psx_syscall.3
 #usr/share/man/man3/psx_syscall3.3
diff --git a/lfs/libcap b/lfs/libcap
index 63f4ef8b0..951ed80dc 100644
--- a/lfs/libcap
+++ b/lfs/libcap
@@ -24,7 +24,7 @@ 
 
 include Config
 
-VER        = 2.67
+VER        = 2.69
 
 THISAPP    = libcap-$(VER)
 DL_FILE    = $(THISAPP).tar.xz
@@ -40,7 +40,7 @@  objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = bd9be22e439397a3c1726093cfee2410df93773b3139d50a1cdc10daecb666ddb9b64daded6e0ec9f2fd6defd16ea156dbd66bd55360ea266131f31ea0f0e989
+$(DL_FILE)_BLAKE2 = 94d1fef7666a1c383a8b96f1f6092bd242164631532868b628d2f5de71b42a371d041a978ef7fbadfee3eeb433165444995d1078cd790275bc0433a7875a697e
 
 install : $(TARGET)