UbuntuUpdates.org

Package "libcap2-bin"

Name: libcap2-bin

Description:

POSIX 1003.1e capabilities (utilities)
Latest version: 1:2.32-1ubuntu0.2
Release: focal (20.04)
Level: security
Repository: main
Head package: libcap2
Homepage: https://sites.google.com/site/fullycapable/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "libcap2-bin"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "libcap2-bin" in Focal

Repository Area Version
base main 1:2.32-1
updates main 1:2.32-1ubuntu0.2

Changelog

Version: 1:2.32-1ubuntu0.2 2025-02-24 17:06:55 UTC

  libcap2 (1:2.32-1ubuntu0.2) focal-security; urgency=medium

  * SECURITY UPDATE: incorrect group name handling
    - debian/patches/CVE-2025-1390-1.patch: fix potential configuration
      parsing error in pam_cap/pam_cap.c.
    - debian/patches/CVE-2025-1390-2.patch: add a test for bad group prefix
      in pam_cap/sudotest.conf.
    - CVE-2025-1390

 -- Marc Deslauriers <email address hidden> Thu, 20 Feb 2025 11:01:08 -0500
Source diff to previous version
CVE-2025-1390 The PAM module pam_cap.so of libcap configuration supports group names starting with “@”, during actual parsing, configurations not starting with “@”

Version: 1:2.32-1ubuntu0.1 2023-06-14 15:07:08 UTC

  libcap2 (1:2.32-1ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: process memory exhaustion in pthread_create()
    - debian/patches/CVE-2023-2602.patch: correct the check of
      pthread_create()'s return value in libcap/psx.c.
    - CVE-2023-2602
  * SECURITY UPDATE: integer overflow in _libcap_strdup()
    - debian/patches/CVE-2023-2603.patch: properly handle large strings in
      libcap/cap_alloc.c.
    - CVE-2023-2603

 -- Marc Deslauriers <email address hidden> Wed, 07 Jun 2023 09:02:37 -0400
CVE-2023-2602 A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to
CVE-2023-2603 A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is cl


About   -   Send Feedback to @ubuntu_updates