Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Backports:SLE-15-SP3:Update
apt-cacher-ng
apt-cacher-ng.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File apt-cacher-ng.changes of Package apt-cacher-ng
------------------------------------------------------------------- Mon Jan 20 11:48:53 UTC 2020 - Matthias Gerstner <matthias.gerstner@suse.com> - fix CVE-2019-18899 (bsc#1157703): the systemd service configuration in apt-cacher-ng.service did run apt-cacher-ng as root while /run/apt-cacher-ng was created for the apt-cacher-ng user via systemd-tmpfiles. A compromised apt-cacher-ng could have performed symlink attacks in /run/apt-cacher-ng to cause writes to privileged file system locations by root. Furthermore the socket path /run/apt-cacher-ng/socket could have been replaced by an attacker owned socket, thereby allowing him to hijack privileged client connections to apt-cacher-ng. Additional unexplored security issues could have been possible. To fix this use the upstream service file with correct privilege drop configuration. During update the ownership of /var/log/apt-cacher-ng and /var/cache/apt-cacher-ng as well as a possibly already running apt-cacher-ng instance (files in /run/apt-cacher-ng) need to be fixed in %pre, %post. ------------------------------------------------------------------- Fri Jan 17 12:39:09 UTC 2020 - Matthias Gerstner <matthias.gerstner@suse.com> - add CVE-2020-5202.patch: fixes bsc#1157706, CVE-2020-5202. A local user account that managed to listen on localhost:3142 before the actual apt-cacher-ng systemd service did could have intercepted client traffic sent by e.g. root via the cron job /etc/cron.daily/apt-cacher-ng, possibly including authentication credentials. ------------------------------------------------------------------- Wed Dec 6 10:30:27 UTC 2017 - mpluskal@suse.com - Use more of cmake macros - Use pkgconfig style dependencies ------------------------------------------------------------------- Tue Dec 5 11:38:57 UTC 2017 - mchandras@suse.de - Version bump to 3.1 * Hide credentials in acngtool in some corner cases * Dropped references to distkill.pl script which was superseeded by acngtool * Made default PassThroughPattern setting stricter * Mirror database update * Avoid expiration failure when some index files are missing - Fix logrotate file installation ------------------------------------------------------------------- Fri May 26 09:50:14 UTC 2017 - jengelh@inai.de - Trim description. Use regular %setup call for all unpacking. ------------------------------------------------------------------- Tue May 16 16:41:49 UTC 2017 - mchandras@suse.de - Initial commit
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor