public inbox for development@lists.ipfire.org
 help / color / mirror / Atom feed
From: Adolf Belka <adolf.belka@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH] libcap: Update to version 2.69
Date: Fri, 19 May 2023 13:47:51 +0200	[thread overview]
Message-ID: <20230519114753.8468-5-adolf.belka@ipfire.org> (raw)
In-Reply-To: <20230519114753.8468-1-adolf.belka@ipfire.org>

[-- Attachment #1: Type: text/plain, Size: 5017 bytes --]

- Update from version 2.67 to 2.69
- Update of rootfile
- Changelog
Release notes for 2.69
	2023-05-14 19:10:04 -0700
	    An audit was performed on libcap and friends by https://x41-dsec.de/
             https://x41-dsec.de/news/2023/05/15/libcap-source-code-audit/
             The audit (final report, 2023-05-10)
              https://drive.google.com/file/d/1lsuC_tQbQ5pCE2Sy_skw0a7hTzQyQh2C/view?usp=sharing
              was sponsored by the the Open Source Technology Improvement Fund,
              https://ostif.org/ (blog). Five issues were found. Four of them are
              addressed in this release. Each issue was labeled in the audit results as
              follows:
	        LCAP-CR-23-01 (SEVERITY) LOW (CVE-2023-2602) - found by David Gstir
	        LCAP-CR-23-02 (SEVERITY) MEDIUM (CVE-2023-2603) - found by Richard Weinberger
	        LCAP-CR-23-100 (SEVERITY) NONE
	        LCAP-CR-23-101 (SEVERITY) NONE
	    Man page style improvement from Emanuele Torre
	    Partially revive the ability to build the binaries fully statically.
	        This was needed to make bleeding edge kernel debugging/testing via
                 qemu+busybox work again. Addressing an issue I realized only when I
                 tried to answer this stackexchange question.
                 https://unix.stackexchange.com/questions/741532/launch-process-with-limited-capabilities-on-minimal-busybox-based-system
Release notes for 2.68
	2023-03-25 17:03:17 -0700
	    Force libcap internal functions to be hidden outside the library (Bug 217014)
	    Expanded the list of man page (links) to all of the supported API functions.
	        fixed some formatting issues with the libpsx(3) manpage.
	    Add support for a markdown preamble and postscript when generating .md
             versions of the man pages (Bug 217007)
	    psx package clean up
	        fix some copy-paste errors with TestShared()
	        added a more complete psx testing into this test as well
	    cap package clean up
	        drop an unnecessary use of ", _" in the sources
	        cleaned up cap.NamedCount documentation
	    Converted goapps/web/README to .md format and fixed the instructions to
             indicate go mod tidy is needed.
	    cap_compare test binary now cleans up after itself (Bug 217018)
	    Figured out how to cross compile Go programs for arm (i.e. RPi) that use C
             code, don't use cgo but do use the psx package (all part of investigating
             bug 216610).
	    Eliminate use of vendor directory

Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
---
 config/rootfiles/common/libcap | 8 ++++++--
 lfs/libcap                     | 4 ++--
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/config/rootfiles/common/libcap b/config/rootfiles/common/libcap
index af1c22e83..f331e2a43 100644
--- a/config/rootfiles/common/libcap
+++ b/config/rootfiles/common/libcap
@@ -6,20 +6,22 @@ sbin/setcap
 #usr/include/sys/psx_syscall.h
 usr/lib/libcap.so
 usr/lib/libcap.so.2
-usr/lib/libcap.so.2.67
+usr/lib/libcap.so.2.69
 #usr/lib/libpsx.so
 #usr/lib/libpsx.so.2
-usr/lib/libpsx.so.2.67
+usr/lib/libpsx.so.2.69
 #usr/lib/pkgconfig/libcap.pc
 #usr/lib/pkgconfig/libpsx.pc
 #usr/lib/security
 usr/lib/security/pam_cap.so
 #usr/share/man/man1/capsh.1
+#usr/share/man/man3/__psx_syscall.3
 #usr/share/man/man3/cap_clear.3
 #usr/share/man/man3/cap_clear_flag.3
 #usr/share/man/man3/cap_compare.3
 #usr/share/man/man3/cap_copy_ext.3
 #usr/share/man/man3/cap_copy_int.3
+#usr/share/man/man3/cap_copy_int_check.3
 #usr/share/man/man3/cap_drop_bound.3
 #usr/share/man/man3/cap_dup.3
 #usr/share/man/man3/cap_fill.3
@@ -71,6 +73,7 @@ usr/lib/security/pam_cap.so
 #usr/share/man/man3/cap_set_nsowner.3
 #usr/share/man/man3/cap_set_proc.3
 #usr/share/man/man3/cap_set_secbits.3
+#usr/share/man/man3/cap_set_syscall.3
 #usr/share/man/man3/cap_setgroups.3
 #usr/share/man/man3/cap_setuid.3
 #usr/share/man/man3/cap_size.3
@@ -80,6 +83,7 @@ usr/lib/security/pam_cap.so
 #usr/share/man/man3/capsetp.3
 #usr/share/man/man3/libcap.3
 #usr/share/man/man3/libpsx.3
+#usr/share/man/man3/psx_load_syscalls.3
 #usr/share/man/man3/psx_set_sensitivity.3
 #usr/share/man/man3/psx_syscall.3
 #usr/share/man/man3/psx_syscall3.3
diff --git a/lfs/libcap b/lfs/libcap
index 63f4ef8b0..951ed80dc 100644
--- a/lfs/libcap
+++ b/lfs/libcap
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 2.67
+VER        = 2.69
 
 THISAPP    = libcap-$(VER)
 DL_FILE    = $(THISAPP).tar.xz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = bd9be22e439397a3c1726093cfee2410df93773b3139d50a1cdc10daecb666ddb9b64daded6e0ec9f2fd6defd16ea156dbd66bd55360ea266131f31ea0f0e989
+$(DL_FILE)_BLAKE2 = 94d1fef7666a1c383a8b96f1f6092bd242164631532868b628d2f5de71b42a371d041a978ef7fbadfee3eeb433165444995d1078cd790275bc0433a7875a697e
 
 install : $(TARGET)
 
-- 
2.40.1


  parent reply	other threads:[~2023-05-19 11:47 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-05-19 11:47 [PATCH] curl: Update to version 8.1.0 Adolf Belka
2023-05-19 11:47 ` [PATCH] dhcpcd: Update to version 10.0.1 Adolf Belka
2023-06-02  9:01   ` Michael Tremer
2023-06-02 10:33     ` Adolf Belka
2023-06-02 10:40       ` Michael Tremer
2023-06-02 11:37         ` Adolf Belka
2023-05-19 11:47 ` [PATCH] ethtool: Update to version 6.3 Adolf Belka
2023-05-19 11:47 ` [PATCH] harfbuzz: Update to version 7.3.0 Adolf Belka
2023-05-19 11:47 ` Adolf Belka [this message]
2023-05-19 11:47 ` [PATCH] nettle: Update to version 3.9 Adolf Belka
2023-05-19 11:47 ` [PATCH] pam: Update to version 1.5.3 Adolf Belka

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20230519114753.8468-5-adolf.belka@ipfire.org \
    --to=adolf.belka@ipfire.org \
    --cc=development@lists.ipfire.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox