diff options
| author | William Hubbs <w.d.hubbs@gmail.com> | 2020-11-20 10:00:34 -0600 |
|---|---|---|
| committer | William Hubbs <w.d.hubbs@gmail.com> | 2020-11-20 10:00:34 -0600 |
| commit | 3ed4126a31406124ae8042fc3d4c0bf963d6961e (patch) | |
| tree | 28e1a3d578b43011371e84255758a30f94bfd400 | |
| parent | aa0fdf6d08b987dfcabebf5b8d05beff015ad8f4 (diff) | |
update news for 0.43 with info on checkpath fix
| -rw-r--r-- | NEWS.md | 10 |
1 files changed, 10 insertions, 0 deletions
@@ -4,6 +4,16 @@ OpenRC NEWS This file will contain a list of notable changes for each release. Note the information in this file is in reverse order. +## OpenRC 0.43 + +This version changes the behavior of the checkpath helper to address +CVE-2018-21269. on Linux systems, We require non-terminal symbolic links +to be owned by root. Since we can't do this on non-linux xystems, we do +not dereference non-terminal symbolic links by default. If you need them +dereferenced, you should add the "-s" switch to the appropriate +checkpath calls. +For more information, see http://github.com/openrc/openrc/issues/201. + ## OpenRC 0.42 openrc-shutdown now has the ability to shut down sysvinit-based systems. |