Package: linuxcnc-uspace
Severity: important
Version: 1:2.9.0
 
According to the release announcement for version 2.9.9, there is a
security issue that need to be fixed in LinuxCNC:

  To address the last part first, it has been noted by two separate
  people that a weakness in the RTAPI allows for privilege escalation as
  it runs as setuid root (to give direct access to hardware). Given the
  use-case for most LinuxCNC machines this is unlilely to be a problem
  in most cases; most hobby users will have root access anyway. The
  issue has been patched in both 2.9 and in the development branch.


I am not sure which version the problem appeared, but list is as
existing in oldstable to get a fairly solid baseline.

-- 
Happy hacking
Petter Reinholdtsen

Reply via email to