Your message dated Sun, 28 Jun 2026 22:17:11 +0200
with message-id <[email protected]>
and subject line (fwd) Accepted linuxcnc 1:2.9.9-1 (source) into unstable
has caused the Debian Bug report #1140943,
regarding LinuxCNC: Security issue in suid RTAPI component
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
1140943: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1140943
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: linuxcnc-uspace
Severity: important
Version: 1:2.9.0
 
According to the release announcement for version 2.9.9, there is a
security issue that need to be fixed in LinuxCNC:

  To address the last part first, it has been noted by two separate
  people that a weakness in the RTAPI allows for privilege escalation as
  it runs as setuid root (to give direct access to hardware). Given the
  use-case for most LinuxCNC machines this is unlilely to be a problem
  in most cases; most hobby users will have root access anyway. The
  issue has been patched in both 2.9 and in the development branch.


I am not sure which version the problem appeared, but list is as
existing in oldstable to get a fairly solid baseline.

-- 
Happy hacking
Petter Reinholdtsen

--- End Message ---
--- Begin Message ---
Source: linuxcnc
Version: 1:2.9.9-1

This security issue was fixed in version 2.9.9.

-------------------- Start of forwarded message --------------------
From: Debian FTP Masters <[email protected]>
To: [email protected]
Subject: Accepted linuxcnc 1:2.9.9-1 (source) into unstable
Date: Sat, 27 Jun 2026 21:40:58 +0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 27 Jun 2026 22:15:17 +0200
Source: linuxcnc
Architecture: source
Version: 1:2.9.9-1
Distribution: unstable
Urgency: medium
Maintainer: LinuxCNC Developers <[email protected]>
Changed-By: Petter Reinholdtsen <[email protected]>
Closes: 1098844
Changes:
 linuxcnc (1:2.9.9-1) unstable; urgency=medium
 .
   * New upstream version 2.9.9.
     - Now includes hal_gpio (Closes: #1098844).
   * Reintroduce gbp.conf to enforce pristine-tar and gbp branches.
Checksums-Sha1:
 80b89ee701b253aebbbca4225e2a3875682352a5 3368 linuxcnc_2.9.9-1.dsc
 3daaf7eaa29e15ea65ffba4bbfee257b3ed21409 93560285 linuxcnc_2.9.9.orig.tar.gz
 1c237f368c7c25bc6520af8ea0bb039d722e3780 155444 linuxcnc_2.9.9-1.debian.tar.xz
 2aa1861909ef589586a04477c6fcdf0f161543c7 24620 
linuxcnc_2.9.9-1_source.buildinfo
Checksums-Sha256:
 b5eb7087cc1352baf76b1ed8de65a38e7befac322d1cc0528163501a2e2305e1 3368 
linuxcnc_2.9.9-1.dsc
 2b20883ba16e0d1f0d40260579ebf5818e258bb3f3926569c385f00ce4faa643 93560285 
linuxcnc_2.9.9.orig.tar.gz
 093e90e6c78afefb6baebe0256f2c55f4b2479971fd9dc1337372df9eee8565a 155444 
linuxcnc_2.9.9-1.debian.tar.xz
 60496bfed2225e4827bbec821855868ff533f4a80276534ffb2cea7e07780a27 24620 
linuxcnc_2.9.9-1_source.buildinfo
Files:
 30ad1884224605d5e6c7ede1347a6ac7 3368 misc optional linuxcnc_2.9.9-1.dsc
 a3b37f6f7951a091316dad904b8d6dd8 93560285 misc optional 
linuxcnc_2.9.9.orig.tar.gz
 7e927ca9e8fb2a63eed16d7a2ca7c612 155444 misc optional 
linuxcnc_2.9.9-1.debian.tar.xz
 5bdedf9df604e5d35e4fe7ec5c9b4f5f 24620 misc optional 
linuxcnc_2.9.9-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEERqLf4owIeylOb9kkgSgKoIe6+w4FAmpANlMACgkQgSgKoIe6
+w5wRA/9ET/81FP50f6c3wSOVmTq/sdLLbiGbGPh4ZgInOjiBIVnEESyftDLZupT
3MZBl13YNUgkD5T2OmMk1f2eTWVz/8aWbB+/6bAnRW8k0FvAyj2UUfJnslGHuoyB
WUjvPB+8wYDxHzhEJ/+LEcy0cXdciCZwRFesr+8fy74FPhUVH9iByd8baJFqjRgc
QnOsOfvwDMYga+Zp9e6IQnFOq/f2tJm9aFtYGJTCb7d2gsQuK5RZjkoTS3jxKSae
JV0zKvftNxqklfMkNOOpxDWinlUMwBUR/l0ft1bTDrt0fh9zVUIXxtF/x1wiGTFO
Z/DG3yD601TujMXeLyoow41H3UbksnqgFEjAjAQn+bxLMia5qhl6kSTZw/th4kqP
epVBSdquDyjR5UquFyrHVYtFqc5cg2VYDRB3lLguSnd+msqK7F/MAkghAw8jS+CQ
V2aFeCVYZk2hcLRnYb7ImoqjR6sSqxXc+HKiplYNwGamLiDMZUNrTlLq6BdJxlRM
KGJr4oq70E71p5KA1w/t0quCEs6EDZ70YxBNL6NpniQMhd4Xmc7SmRfgKblfD6Go
yIqVSOw3UJw4fBZ39Tp8LFE9Wogf8skuhxmEpvCOnxPTIqgVXZFwOB9EvhaPX89A
wsD8Eyz5iwtatgb1oFGG7kzGWjlrDqBaQ4ZDA7GYFAKVUx8HVCQ=
=ff2H
-----END PGP SIGNATURE-----

Attachment: pgpkF23drwZNk.pgp
Description: PGP signature

-------------------- End of forwarded message --------------------

--- End Message ---

Reply via email to