Mandriva Linux Security Advisory : libcap-ng (MDVSA-2015:156)
Medium Nessus Plugin ID 82409
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionUpdated libcap-ng packages fix security vulnerability :
capng_lock() in libcap-ng before 0.7.4 sets securebits in an attempt to prevent regaining capabilities using setuid-root programs. This allows a user to run setuid programs, such as seunshare from policycoreutils, as uid 0 but without capabilities, which is potentially dangerous (CVE-2014-3215).
SolutionUpdate the affected packages.