--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: prelink clears file capabilities
- From: Dirk Griesbach <spamthis@freenet.de>
- Date: Tue, 28 Jan 2014 18:47:36 +0100
- Message-id: <20140128174736.GA17861@freenet.de>
Package: prelink
Version: 0.0.20090925-8
Severity: normal
Tags: patch
prelink will destroy file capabilities of processed files and prelink -u
does not restore them either. E.g. ping will fail for non-root users
with "icmp open socket: Operation not permitted" because the capability
"cap_net_raw+p" is removed. Please consider applying the patch[1]
mentioned in the Fedora BTS[2].
Regards,
Dirk
[1] https://bugzilla.redhat.com/attachment.cgi?id=462093
[2] https://bugzilla.redhat.com/show_bug.cgi?id=456105
-- System Information:
Debian Release: jessie/sid
APT prefers unstable
APT policy: (500, 'unstable'), (101, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 3.13.0 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages prelink depends on:
pn execstack <none>
prelink recommends no packages.
prelink suggests no packages.
--- End Message ---
--- Begin Message ---
Source: prelink
Source-Version: 0.0.20130503-1
We believe that the bug you reported is fixed in the latest version of
prelink, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 736947@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Geoffrey Thomas <gthomas@mokafive.com> (supplier of updated prelink package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Mon, 17 Feb 2014 23:33:57 -0800
Source: prelink
Binary: prelink execstack
Architecture: source amd64
Version: 0.0.20130503-1
Distribution: unstable
Urgency: medium
Maintainer: Geoffrey Thomas <gthomas@mokafive.com>
Changed-By: Geoffrey Thomas <gthomas@mokafive.com>
Description:
execstack - ELF GNU_STACK program header editing utility
prelink - ELF prelinking utility to speed up dynamic linking
Closes: 657967 736947
Changes:
prelink (0.0.20130503-1) unstable; urgency=medium
.
* Against my better judgement, adopt the package (Closes: #657967).
* New upstream release, version 0.5.0 according to Fedora's numbering
(Closes: #736947).
* Bump standards version to 3.9.5.0 (no changes needed).
* In debian/patches:
- prelink.h.patch: Dropped; not needed except for truly ancient libc
versions (2003ish).
- init.patch, timestamp.patch: Refreshed.
- r187.patch, r188.patch, r189.patch, r190.patch: Dropped; part of
new upstream release.
- open-with-mode.patch: Dropped; fixed in upstream r176
"m4/libelf.m4: Resync with version of code in aclocal.m4."
- ts.patch, prelink.8.patch, cache.patch: Dropped; they were
previously commented out in debian/patches. ts skipped some tests
and the other two were fixed upstream.
- dso.c.patch, layout.c.patch, ts2.patch: Deleted; they were
unreferenced in debian/patches and look like old debugging stuff.
* debian/prelink.spec: Sync with Fedora -- this is used in generating
the upstream changelog.
* debian/copyright: Convert to machine-readable format 1.0 (aka DEP-5).
* Add a debian/watch file.
Checksums-Sha1:
ac1bc6f12e7a7bb41c62513ce55dd4dc06a40ece 1190 prelink_0.0.20130503-1.dsc
eff86cb26f0cc174486769527286cc388d5216b0 928040 prelink_0.0.20130503.orig.tar.bz2
5e0694a58fcda303045bdcfa41536266e41c68e7 28328 prelink_0.0.20130503-1.debian.tar.xz
3b1d1b273705cd96c86ffac28f5cfecfbd64936e 947790 prelink_0.0.20130503-1_amd64.deb
3cfc23cb2af59bce1175bcf7f558d4b4c50bb2e6 74712 execstack_0.0.20130503-1_amd64.deb
Checksums-Sha256:
5ada3240c5fe775e5c1b30038bdea1b2c58fca4c4dc44068025ce2700e6535bb 1190 prelink_0.0.20130503-1.dsc
6339c7605e9b6f414d1be32530c9c8011f38820d36431c8a62e8674ca37140f0 928040 prelink_0.0.20130503.orig.tar.bz2
f09826c11cd3cd3301bf19aa131ade0a3d900dcd34f464ebbc857178e728be84 28328 prelink_0.0.20130503-1.debian.tar.xz
2780bdec579fcd45e91125efdca2a7097d204d60da6ea533347cf204a5fea1e3 947790 prelink_0.0.20130503-1_amd64.deb
d5a4afe6174c0f76fd0a5dc682807396e295b8264cf65f10188a3ea55e6942f1 74712 execstack_0.0.20130503-1_amd64.deb
Files:
38bcd9b2dd73c7dd73104925303cc3e7 1190 admin optional prelink_0.0.20130503-1.dsc
4cab1571718a9b25665bd025069a02c7 928040 admin optional prelink_0.0.20130503.orig.tar.bz2
cd457ad4a2a348c82849a90585835dc4 28328 admin optional prelink_0.0.20130503-1.debian.tar.xz
7b9042095e3cf7d6faa8d0062da9f7ab 947790 admin optional prelink_0.0.20130503-1_amd64.deb
437b43bf1c709e4e9bbeefb0ef791f30 74712 admin optional execstack_0.0.20130503-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
iEYEARECAAYFAlMDGXwACgkQN+HBdXAJatF0YgCdGtYQ9xgpoWLXF4AagR6EK461
UWIAoILKsuuDex0v6ALnJWSKrwqBjid5
=r8MH
-----END PGP SIGNATURE-----
--- End Message ---