Overview Repositories Revisions Requests Users Attributes Meta

Revisions of libcap

buildservice-autocommit accepted request 1087357 from Marcus Meissner's avatar Marcus Meissner (msmeissn) (revision 84) 
baserev update by copy to link target
Marcus Meissner's avatar Marcus Meissner (msmeissn) accepted request 1087355 from Marcus Meissner's avatar Marcus Meissner (msmeissn) (revision 83) 
- updated to 2.69
  - An audit was performed on libcap and friends by https://x41-dsec.de/ (blog) . The audit (final report, 2023-05-10) was sponsored by the the Open Source Technology Improvement Fund, https://ostif.org/ (blog). Five issues were found. Four of them are addressed in this release. Each issue was labeled in the audit results as follows:
    - LCAP-CR-23-01 (SEVERITY) LOW (CVE-2023-2602) - found by David Gstir (bsc#1211418)
    - LCAP-CR-23-02 (SEVERITY) MEDIUM (CVE-2023-2603) - found by Richard Weinberger (bsc#1211419)
    - LCAP-CR-23-100 (SEVERITY) NONE
    - LCAP-CR-23-101 (SEVERITY) NONE
    - LCAP-CR-23-102 (SEVERITY) NONE
  - Man page style improvement from Emanuele Torre
buildservice-autocommit accepted request 1075562 from Dirk Mueller's avatar Dirk Mueller (dirkmueller) (revision 82) 
baserev update by copy to link target
Dirk Mueller's avatar Dirk Mueller (dirkmueller) committed (revision 81) 
- update to 2.68:
  * Force libcap internal functions to be hidden outside the library
  * Expanded the list of man page (links) to all of the supported API
    functions.
  * fixed some formatting issues with the libpsx(3) manpage.
  * Add support for a markdown preamble and postscript when generating
    .md versions of the man pages (Bug 217007)
  * psx package clean up
  * fix some copy-paste errors with TestShared()
  * added a more complete psx testing into this test as well
  * cap package clean up
  * drop an unnecessary use of ", _" in the sources
  * cleaned up cap.NamedCount documentation
  * Converted goapps/web/README to .md format and fixed the
    instructions to indicate go mod tidy is needed.
  * cap_compare test binary now cleans up after itself (Bug 217018)
  * Figured out how to cross compile Go programs for arm (i.e. RPi) that
    use C code, don't use cgo but do use the psx package
  * Eliminate use of vendor directory
buildservice-autocommit accepted request 1074160 from Dirk Mueller's avatar Dirk Mueller (dirkmueller) (revision 80) 
baserev update by copy to link target
Dirk Mueller's avatar Dirk Mueller (dirkmueller) accepted request 1074133 from Martin Liška's avatar Martin Liška (marxin) (revision 79) 
- Enable LTO and add missing -ffat-lto-objects for the provided
  static libs.
Takashi Iwai's avatar Takashi Iwai (tiwai) accepted request 1074125 from Takashi Iwai's avatar Takashi Iwai (tiwai) (revision 78) 
- Revert LTO again; it still breaks builds
Takashi Iwai's avatar Takashi Iwai (tiwai) accepted request 1073998 from Martin Liška's avatar Martin Liška (marxin) (revision 77) 
- Enable LTO as it works fine.
buildservice-autocommit accepted request 1064421 from Factory Maintainer's avatar Factory Maintainer (factory-maintainer) (revision 76) 
baserev update by copy to link target
Dirk Mueller's avatar Dirk Mueller (dirkmueller) committed (revision 75) 
- update to 2.67:
  * Replace use of fgrep with grep -F (POSIX grep flags preferred by
    GNU grep) - patch from David Seifert.
  * Added SPDX identifiers to License file(s). Hopefully this will
    help the various robots out there correctly identify the
    longstanding licenses for libcap and friends. (Bug: 216609
    reported by Günther Noack)
  * Started down the rabbit hole of trying to address (Bug: 216610
    reported by Günther Noack on behalf of Michael Stapelberg)
  * The basic issue is how to link C code with Go psx without using
    CGo. This is all a low level hackery. If you are interested,
    browse the source.
  * Correct for bad whatis entries in man pages (this was throwing a
    Debian build test, detail)
  * Also reviewed man pages and addressed cross linkage issues (Bug:
  * Cleaned up some README.md files (made a github mirror now just so
    I can automatically render them).
  * Changed meaning of DYNAMIC=no builds.
    This now builds everything with static linking except for libc.
    The reason for this exception is explained in the commit message.
  * Inserted demonstration exploit code in capso.so to support
    article.
  * Minor clarification to cap_get_pid() man page concerning pid
    value within namespaces.
buildservice-autocommit accepted request 1007104 from Dirk Mueller's avatar Dirk Mueller (dirkmueller) (revision 74) 
baserev update by copy to link target
Dirk Mueller's avatar Dirk Mueller (dirkmueller) committed (revision 73) 
- update to 2.66:
  * Fix documentation typos in cap_from_text.3
  * Some getpcaps code clean up and a fix for PID argument parsing from Jakub
    Wilk.
  * Slightly more robust Makefiles to address an error with make -j48 test observed
  * Include a simple Go program, captrace, to trace kernel capability validation
    checks
  * This program can be used to figure out what capabilities a program needs to
    operate.
  * captrace (a wrapper for bpftrace) uses BPF kprobes to monitor the kernel for
    capability checks and whether or not they succeed for the system, a specific
    PID or a program's direct execution.
  * Trim down the default file capabilities for contrib/sucap/su to those actually
    needed and set USER and HOME environment variables so bash doesn't complain
    about a sourcing error.
buildservice-autocommit accepted request 990728 from Dirk Mueller's avatar Dirk Mueller (dirkmueller) (revision 72) 
baserev update by copy to link target
Dirk Mueller's avatar Dirk Mueller (dirkmueller) committed (revision 71) 
- update to 2.65:
  * Fix syntax error in DEBUG build of protected code in setcap.c.
  * Prevent bash from reading the wrong startup files when the capsh --user=xxx
    argument is used to invoke a shell as the user xxx. This is done by capsh now
    changing the USER and HOME environment variables when --user is specified.
    The argument --noenv can be used to suppress this behavior to what used to be
    the problematic default. (Bug: 215926)
  * Improved documentation
buildservice-autocommit accepted request 969556 from Dirk Mueller's avatar Dirk Mueller (dirkmueller) (revision 70) 
baserev update by copy to link target
Dirk Mueller's avatar Dirk Mueller (dirkmueller) committed (revision 69) 
- update to 2.64:
  * Fix memory leak in libpsx at program exit.
  * Be more resilient to CGo configuration with Go compiler when building tests.
  * Fix cap_*prctl() return code/errno handling.
  * Minor clarification to cap_get_pid() man page concerning pid value within namespaces.
Marcus Meissner's avatar Marcus Meissner (msmeissn) accepted request 957541 from Marcus Meissner's avatar Marcus Meissner (msmeissn) (revision 68) 
Merged some changes and metadata over from the SLE side.

- Use "or" in the license tag to avoid confusion (bsc#1180073)
- Update to version 2.30 (jsc#SLE-17092, jsc#ECO-3460):
Dirk Mueller's avatar Dirk Mueller (dirkmueller) committed (revision 67) 
- update to 2.63:
  * restore errno to zero by the time main() is executed
  * Consistent psx handling (a panic) for syscalls that return thread dependent
    status Inconsistend behavior noticed by Lorenz Bauer
  * Add a test case for a deadlock under investigation in golang
  * Trim some of the #include file use to make the tree compile more
    efficiently
Dirk Mueller's avatar Dirk Mueller (dirkmueller) committed (revision 66) 
- update to 2.62:
  * Bug fix for Go package "cap" and launching
  * Build cleanups
  * Documentation updates: cap_max_bits has a man page entry
  * Recognize default securebits as a libcap mode: HYBRID
Displaying revisions 1 - 20 of 85
openSUSE Build Service is sponsored by
Places