Bug 727715 - VUL-0: libcap2: capsh does not chdir after chroot
VUL-0: libcap2: capsh does not chdir after chroot
Status: RESOLVED FIXED
: 727713 (view as bug list)
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: General
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
maint:released:11.3:43992 maint:relea...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2011-11-02 09:02 UTC by Ludwig Nussel
Modified: 2011-11-21 07:00 UTC (History)
2 users (show)

See Also:
Found By: Other
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Ludwig Nussel 2011-11-02 09:02:35 UTC
Your friendly security team received the following report via oss-security.
Please respond ASAP.
The issue is public.

------------------------------------------------------------------------------
Date: Tue, 01 Nov 2011 20:54:37 +0530
From: Huzaifa Sidhpurwala <huzaifas@redhat.com>
Subject: [oss-security] libcap/capsh: does not chdir after chroot

Hi All,

It was found that capsh program, usually shipped with the libcap
package, did not do a chdir("/") after calling chroot, when called with
a "--chroot" option. This resulted in the current directory being
outside the chroot.

This has been assigned CVE-2011-4099

Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=722694


-- 
Huzaifa Sidhpurwala / Red Hat Security Response Team
Comment 1 Ludwig Nussel 2011-11-02 09:33:22 UTC
*** Bug 727713 has been marked as a duplicate of this bug. ***
Comment 2 Takashi Iwai 2011-11-02 10:52:59 UTC
The fixed packages for openSUSE-11.3 and 11.4 are submitted via OBS SRID 89926 and 89927, respectively.
The fixed package for SLE11 is submitted via IBS SRID 16033.

SLE10 has a different version of libcap, so no need for patch.

I took the upstream patch instead of RedHat's one.
Comment 3 Bernhard Wiedemann 2011-11-02 11:00:27 UTC
This is an autogenerated message for OBS integration:
This bug (727715) was mentioned in
https://build.opensuse.org/request/show/89926 11.3 / libcap
https://build.opensuse.org/request/show/89927 11.4 / libcap
Comment 5 Swamp Workflow Management 2011-11-03 21:47:47 UTC
The SWAMPID for this issue is 43975.
This issue was rated as moderate.
Please submit fixed packages until 2011-11-17.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.
Comment 6 Swamp Workflow Management 2011-11-18 10:19:31 UTC
Update released for: libcap, libcap-debugsource, libcap-devel, libcap-progs, libcap-progs-debuginfo, libcap2, libcap2-debuginfo
Products:
openSUSE 11.3 (debug, i586, x86_64)
openSUSE 11.4 (debug, i586, x86_64)
Comment 7 Swamp Workflow Management 2011-11-18 13:31:47 UTC
Update released for: libcap, libcap-debuginfo, libcap-debugsource, libcap-devel, libcap-progs, libcap2, libcap2-32bit, libcap2-x86
Products:
SLE-DEBUGINFO 11-SP1 (i386, ia64, ppc64, s390x, x86_64)
SLE-DESKTOP 11-SP1 (i386, x86_64)
SLE-SDK 11-SP1 (i386, ia64, ppc64, s390x, x86_64)
SLE-SERVER 11-SP1 (i386, ia64, ppc64, s390x, x86_64)
SLE-SERVER 11-SP1-TERADATA (x86_64)
SLES4VMWARE 11-SP1 (i386, x86_64)
Comment 8 Matthias Weckbecker 2011-11-18 14:02:25 UTC
Updates released?
Comment 9 Bernhard Wiedemann 2011-11-20 08:00:16 UTC
This is an autogenerated message for OBS integration:
This bug (727715) was mentioned in
https://build.opensuse.org/request/show/92689 Evergreen:11.1 / libcap
Comment 10 Bernhard Wiedemann 2011-11-21 07:00:09 UTC
This is an autogenerated message for OBS integration:
This bug (727715) was mentioned in
https://build.opensuse.org/request/show/92801 Evergreen:11.2 / libcap