| Description: | The libcap packages provide a library and tools for getting and settingPOSIX capabilities.It was found that capsh did not change into the new root when using the"--chroot" option. An application started via the "capsh --chroot" commandcould use this flaw to escape the chroot restrictions. (CVE-2011-4099)This update also fixes the following bug:* Previously, the libcap packages did not contain the capsh(1) manual page.With this update, the capsh(1) manual page is included. (BZ#730957)All libcap users are advised to upgrade to these updated packages, whichcontain backported patches to correct these issues. |