libcap-devel-2.69-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:12945 Final 1 1 2024-06-17T21:45:33Z current 2024-06-17T21:45:33Z 2024-06-17T21:45:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z libcap-devel-2.69-1.1 on GA media These are all security issues fixed in the libcap-devel-2.69-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-12945 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) E-Mail link for openSUSE-SU-2024:12945 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2023-2602/ SUSE CVE CVE-2023-2602 page https://www.suse.com/security/cve/CVE-2023-2603/ SUSE CVE CVE-2023-2603 page openSUSE Tumbleweed libcap-devel-2.69-1.1 libcap-progs-2.69-1.1 libcap2-2.69-1.1 libcap2-32bit-2.69-1.1 libpsx2-2.69-1.1 libpsx2-32bit-2.69-1.1 libcap-devel-2.69-1.1 as a component of openSUSE Tumbleweed libcap-progs-2.69-1.1 as a component of openSUSE Tumbleweed libcap2-2.69-1.1 as a component of openSUSE Tumbleweed libcap2-32bit-2.69-1.1 as a component of openSUSE Tumbleweed libpsx2-2.69-1.1 as a component of openSUSE Tumbleweed libpsx2-32bit-2.69-1.1 as a component of openSUSE Tumbleweed A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to return an error, which can exhaust the process memory. CVE-2023-2602 openSUSE Tumbleweed:libcap-devel-2.69-1.1 openSUSE Tumbleweed:libcap-progs-2.69-1.1 openSUSE Tumbleweed:libcap2-2.69-1.1 openSUSE Tumbleweed:libcap2-32bit-2.69-1.1 openSUSE Tumbleweed:libpsx2-2.69-1.1 openSUSE Tumbleweed:libpsx2-32bit-2.69-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-2602.html CVE-2023-2602 https://bugzilla.suse.com/1211418 SUSE Bug 1211418 A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB. CVE-2023-2603 openSUSE Tumbleweed:libcap-devel-2.69-1.1 openSUSE Tumbleweed:libcap-progs-2.69-1.1 openSUSE Tumbleweed:libcap2-2.69-1.1 openSUSE Tumbleweed:libcap2-32bit-2.69-1.1 openSUSE Tumbleweed:libpsx2-2.69-1.1 openSUSE Tumbleweed:libpsx2-32bit-2.69-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2023-2603.html CVE-2023-2603 https://bugzilla.suse.com/1211419 SUSE Bug 1211419