Accepting request 1087355 from home:msmeissn:branches:Base:System

- updated to 2.69
  - An audit was performed on libcap and friends by https://x41-dsec.de/ (blog) . The audit (final report, 2023-05-10) was sponsored by the the Open Source Technology Improvement Fund, https://ostif.org/ (blog). Five issues were found. Four of them are addressed in this release. Each issue was labeled in the audit results as follows:
    - LCAP-CR-23-01 (SEVERITY) LOW (CVE-2023-2602) - found by David Gstir (bsc#1211418)
    - LCAP-CR-23-02 (SEVERITY) MEDIUM (CVE-2023-2603) - found by Richard Weinberger (bsc#1211419)
    - LCAP-CR-23-100 (SEVERITY) NONE
    - LCAP-CR-23-101 (SEVERITY) NONE
    - LCAP-CR-23-102 (SEVERITY) NONE
  - Man page style improvement from Emanuele Torre

OBS-URL: https://build.opensuse.org/request/show/1087355
OBS-URL: https://build.opensuse.org/package/show/Base:System/libcap?expand=0&rev=83

libcap-2.68.tar.sign

@@ -1,16 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQIzBAABCAAdFiEEOKZEaYxpeHNE6VTOKe6EiuLM8/QFAmQfuqcACgkQKe6EiuLM
-8/TNNQ/8DsRCDPACfixsSHRkv7MDEsc6NtAJuXO4hAl+mxUvrXpzxuV1WowUJkR/
-SRhhFOug0Q5kVz7fpoum1e3c4fai2Tp8LsSFCcHAiOmrRe3jEN63stpl6rNBqUDw
-zoW9iaPX4OaACsNPsmBy3Jo8i/JFMFG8LrZ8Yu7jAJtS9+4/hncvibPCqY7MoP3o
-fibAAbokfug9FznmI+OPQoxmL777FJFZjCgPJ0JHvYaF7Lt0Xth490KrHov/y5Hm
-VnX8lRwICK4qUU+Q/H8H3AM9FwSDnDtQcA4rQ5jr0ttBCSe8Jb9IIkJdRDCM9ksr
-Fw5tazi66BF1cfwpN75DWSYk8fDMwrhFqeEwHeqiLsfIt430ihLgUne+EwhpENeH
-/WTgprvt/Z8WN/ONBBc+qhFG9SvBfi8vQFVE8rmudVgbWsny0HejmREtiou/70H9
-y3lprVSRkUSqRyWU9EVWroJQF2QwAtFPYmLdZiu4DZFvaSt5sizPfRmfAAdvOISl
-Ycjca6nvlFsxRFXI/fjePy9MRb0DjCQTX7T4Zi7NLcckYUP0RWi5LGIXZ1bXfJHf
-FvjI4IPrw7vLpoyWWt4IrRF4ZgAq1NdElNsksI4mZJiy+5SbdMeXCaqtc/3JCV90
-GzTZq1BZIEOu+qefmvlgMXqW+D+RGHXR0uDCv7vBmknjQC3ov3Y=
-=UPkp
------END PGP SIGNATURE-----

libcap-2.68.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:90be3b6d41be5f81ae4b03ec76012b0d27c829293684f6c05b65d5f9cce724b2
-size 188824

libcap-2.69.tar.sign

@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCAAdFiEEOKZEaYxpeHNE6VTOKe6EiuLM8/QFAmRhl6YACgkQKe6EiuLM
+8/Q0gg/8DrMJ0FugNk6jE4YprJHq1kNjrXgNJ1v2aAKchghnUn0S6po3f0YVeB9q
+UDSoRxBWmz/BwJ8PMRwiX2DWpoD0+F3UjSP37rfTqp3Y7//xP0WkYuKBCBiXwtKG
+MBGw3QGoUmWy77JVBLvlqvgjk8pwLsbVLRGAc0p78CKKE8A02f9U3WCEmFwoP3Ko
+rAiPTWzu1bz1G6nbmEdIqIDffzCt90Ygyop/NVpMQS2QLMvcF2pu/J5AQV8rcEGi
+1G7bvAl/2EtUf4JDrWA+SZXp8uJ0Wx6B+K06D8JYf1NTocVbef+4FQCVtD1KDYXQ
+j4NgyCMBuhKMZ98rqWMQmJ6nWyksTA/IFzOTOY0ywCDtFvxq3W2JS2f0dvty2ea9
+hkWo+S/CQNCbH7X7JvfRUen0844y488uFCoIbnPTcNH0C1N5KBBymT85vXOsDDra
+3OF9us/EyOPBnItmOLB8+ot+v2bpx3JdjEalWkmwkrIbaFLpR6LhNPQRo6LI2lw4
+eLRGA5Oigpxnwz5VYhNFkl7AK1Ni2lfVGsk2mbaz2aq1+6+II2WM6jgC/mt73pv0
+3822hBI76qJIoThTvAdtrWWRd7jCNs57lfONUKdETAbs0XOxcyHrNComtbWb1kyN
+zclCere20HUtYxtdixx30V9DFSmrBLAYgusu6oJp1oEolRugoA4=
+=Qw3r
+-----END PGP SIGNATURE-----

libcap.changes

@@ -1,3 +1,15 @@
+-------------------------------------------------------------------
+Tue May 16 08:13:00 UTC 2023 - Marcus Meissner <meissner@suse.com>
+
+- updated to 2.69
+  - An audit was performed on libcap and friends by https://x41-dsec.de/ (blog) . The audit (final report, 2023-05-10) was sponsored by the the Open Source Technology Improvement Fund, https://ostif.org/ (blog). Five issues were found. Four of them are addressed in this release. Each issue was labeled in the audit results as follows:
+    - LCAP-CR-23-01 (SEVERITY) LOW (CVE-2023-2602) - found by David Gstir (bsc#1211418)
+    - LCAP-CR-23-02 (SEVERITY) MEDIUM (CVE-2023-2603) - found by Richard Weinberger (bsc#1211419)
+    - LCAP-CR-23-100 (SEVERITY) NONE
+    - LCAP-CR-23-101 (SEVERITY) NONE
+    - LCAP-CR-23-102 (SEVERITY) NONE
+  - Man page style improvement from Emanuele Torre
+
 -------------------------------------------------------------------
 Thu Mar 30 07:55:07 UTC 2023 - Dirk Müller <dmueller@suse.com>
 

libcap.spec

@@ -17,7 +17,7 @@
 
 
 Name:           libcap
-Version:        2.68
+Version:        2.69
 Release:        0
 Summary:        Library for Capabilities (linux-privs) Support
 License:        BSD-3-Clause OR GPL-2.0-only