lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <aIkfm1AGBoINgSRF@mail.hallyn.com>
Date: Tue, 29 Jul 2025 14:23:07 -0500
From: "Serge E. Hallyn" <serge@...lyn.com>
To: torvalds@...ux-foundation.org, linux-security-module@...r.kernel.org,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	Ariel Otilibili <ariel.otilibili-anieli@...ecom.fr>,
	"Andrew G. Morgan" <morgan@...nel.org>,
	Paul Moore <paul@...l-moore.com>,
	"Eric W. Biederman" <ebiederm@...ssion.com>,
	Max Kellermann <max.kellermann@...os.com>,
	Jann Horn <jannh@...gle.com>, Kees Cook <kees@...nel.org>
Subject: [GIT PULL] capabilities update for v6.17-rc1

The following changes since commit 19272b37aa4f83ca52bdf9c16d5d81bdd1354494:

  Linux 6.16-rc1 (2025-06-08 13:44:43 -0700)

are available in the Git repository at:

  https://git.kernel.org/pub/scm/linux/kernel/git/sergeh/linux.git tags/caps-pr-20250729

for you to fetch changes up to cdd73b1666079a73d061396f361df55d59fe96e6:

  uapi: fix broken link in linux/capability.h (2025-07-04 19:21:53 -0500)

----------------------------------------------------------------
Capabilities update for 6.17

This branch contains two patches:

  cdd73b1666079a73d061396f361df55d59fe96e6 uapi: fix broken link in linux/capability.h

This updates documentation in capability.h.

  337490f0007f910968f828e46501db3091b1a4f8 exec: Correct the permission check for unsafe exec

This is not a trivial patch, but fixes a real problem where during
exec, different effective and real credentials were assumed to mean
changed credentials, making it impossible in the no-new-privs case
to keep different uid and euid.

These are available at:

   git://git.kernel.org/pub/scm/linux/kernel/git/sergeh/linux.git #caps-pr-20250729

on top of commit 19272b37aa4f83ca52bdf9c16d5d81bdd1354494 (tag: v6.16-rc1)


----------------------------------------------------------------
Ariel Otilibili (1):
      uapi: fix broken link in linux/capability.h

Eric W. Biederman (1):
      exec: Correct the permission check for unsafe exec

 include/uapi/linux/capability.h |  5 +++--
 security/commoncap.c            | 20 ++++++++------------
 2 files changed, 11 insertions(+), 14 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ