Revision Date: | 2019-11-12 | Version: | 1 |
Title: | Security update for libseccomp (Moderate) |
Description: |
This update for libseccomp fixes the following issues:
Update to new upstream release 2.4.1:
Fix a BPF generation bug where the optimizer mistakenly identified duplicate BPF code blocks.
Updated to 2.4.0 (bsc#1128828 CVE-2019-9893):
Update the syscall table for Linux v5.0-rc5 * Added support for the SCMP_ACT_KILL_PROCESS action * Added support for the SCMP_ACT_LOG action and SCMP_FLTATR_CTL_LOG attribute * Added explicit 32-bit (SCMP_AX_32(...)) and 64-bit (SCMP_AX_64(...)) argument comparison macros to help protect against unexpected sign extension * Added support for the parisc and parisc64 architectures * Added the ability to query and set the libseccomp API level via seccomp_api_get(3) and seccomp_api_set(3) * Return -EDOM on an endian mismatch when adding an architecture to a filter * Renumber the pseudo syscall number for subpage_prot() so it no longer conflicts with spu_run() * Fix PFC generation when a syscall is prioritized, but no rule exists * Numerous fixes to the seccomp-bpf filter generation code * Switch our internal hashing function to jhash/Lookup3 to MurmurHash3 * Numerous tests added to the included test suite, coverage now at ~92% * Update our Travis CI configuration to use Ubuntu 16.04 * Numerous documentation fixes and updates
Update to release 2.3.3:
Updated the syscall table for Linux v4.15-rc7
Update to release 2.3.2:
Achieved full compliance with the CII Best Practices program * Added Travis CI builds to the GitHub repository * Added code coverage reporting with the '--enable-code-coverage' configure flag and added Coveralls to the GitHub repository * Updated the syscall tables to match Linux v4.10-rc6+ * Support for building with Python v3.x * Allow rules with the -1 syscall if the SCMP\_FLTATR\_API\_TSKIP attribute is set to true * Several small documentation fixes
- ignore make check error for ppc64/ppc64le, bypass bsc#1142614
|
Family: | unix | Class: | patch |
Status: | | Reference(s): | 1082318 1128828 1142614 CVE-2019-9893 SUSE-SU-2019:2941-1
|
Platform(s): | SUSE Linux Enterprise Desktop 12 SP4
| Product(s): | |
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information
libseccomp2-2.4.1-11.3.2 is installed
OR libseccomp2-32bit-2.4.1-11.3.2 is installed
|