Signed-off-by: Vivek Kumbhar <[email protected]> --- .../libcap/files/CVE-2023-2603.patch | 31 +++++++++++++++++++ meta/recipes-support/libcap/libcap_2.66.bb | 1 + 2 files changed, 32 insertions(+) create mode 100644 meta/recipes-support/libcap/files/CVE-2023-2603.patch
diff --git a/meta/recipes-support/libcap/files/CVE-2023-2603.patch b/meta/recipes-support/libcap/files/CVE-2023-2603.patch new file mode 100644 index 0000000000..c5ecb70896 --- /dev/null +++ b/meta/recipes-support/libcap/files/CVE-2023-2603.patch @@ -0,0 +1,31 @@ +From 8785077d6c69482a2814a2f771aaada2f6ea1894 Mon Sep 17 00:00:00 2001 +From: "Andrew G. Morgan" <[email protected]> +Date: Wed, 24 May 2023 06:55:47 -0700 +Subject: Tidy up the overview example for the "cap" package. + +Signed-off-by: Andrew G. Morgan <[email protected]> + +Upstream-Status: Backport [https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?%20id=422bec25ae4a1ab03fd4d6f728695ed279173b18] +CVE: CVE-2023-2603 +Signed-off-by: Vivek Kumbhar <[email protected]> +--- + cap/cap.go | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/cap/cap.go b/cap/cap.go +index 784bf65..df32436 100644 +--- a/cap/cap.go ++++ b/cap/cap.go +@@ -17,7 +17,8 @@ + // + // // Read and display the capabilities of the running process + // c := cap.GetProc() +-// log.Printf("this process has these caps:", c) ++// iab := cap.IABGetProc() ++// log.Printf("this process has these caps: %q [%v]", c, iab) + // + // // Drop any privilege a process might have (including for root, + // // but note root 'owns' a lot of system files so a cap-limited +-- +2.25.1 + diff --git a/meta/recipes-support/libcap/libcap_2.66.bb b/meta/recipes-support/libcap/libcap_2.66.bb index c50e9d8cc7..844ae58506 100644 --- a/meta/recipes-support/libcap/libcap_2.66.bb +++ b/meta/recipes-support/libcap/libcap_2.66.bb @@ -19,6 +19,7 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/libs/security/linux-privs/${BPN}2/${BPN}-${ " SRC_URI:append:class-nativesdk = " \ file://0001-nativesdk-libcap-Raise-the-size-of-arrays-containing.patch \ + file://CVE-2023-2603.patch \ " SRC_URI[sha256sum] = "15c40ededb3003d70a283fe587a36b7d19c8b3b554e33f86129c059a4bb466b2" -- 2.25.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#183306): https://lists.openembedded.org/g/openembedded-core/message/183306 Mute This Topic: https://lists.openembedded.org/mt/99713227/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
