Release date:
2026-05-12 15:28:46 UTC
Description:
* SECURITY UPDATE: TOCTOU race condition in cap_set_file()
- debian/patches/CVE-2026-4878.patch: open the target file and operate
on /proc/self/fd/N so the inode is locked between the regular-file
check and the xattr update
- CVE-2026-4878
Updated packages:
-
libcap-dev_2.25-1.2+tuxcare.els2_amd64.deb
sha:8505de63870fa874b4637aa16d523d788d74848b
-
libcap2_2.25-1.2+tuxcare.els2_amd64.deb
sha:ea58e59c7d3098459f3f8507f4da2cc84e9d4199
-
libcap2-bin_2.25-1.2+tuxcare.els2_amd64.deb
sha:8f312f43f45651e55638573968597a2c17a276fb
-
libpam-cap_2.25-1.2+tuxcare.els2_amd64.deb
sha:43848ddf673fddf87056ff5d9cce4d944c41a93e
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
