Release date:
2026-05-12 15:25:43 UTC
Description:
* SECURITY UPDATE: TOCTOU race condition in cap_set_file()
- debian/patches/CVE-2026-4878.patch: open the target file and operate
on /proc/self/fd/N so the inode is locked between the regular-file
check and the xattr update
- CVE-2026-4878
Updated packages:
-
libcap-dev_2.24-12+tuxcare.els2_amd64.deb
sha:6f95fcf7335791517ad141c770734f2cd88a0e2b
-
libcap2_2.24-12+tuxcare.els2_amd64.deb
sha:ae864ac1d9e1dfd10283d48b76379a5f9141b1f0
-
libcap2-bin_2.24-12+tuxcare.els2_amd64.deb
sha:cf5323151af2c3085879f18741075f7a0cf1cdac
-
libpam-cap_2.24-12+tuxcare.els2_amd64.deb
sha:e969f3781e57d798d499d5c92bbfde68140b79b8
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
