
commit 5cc2e479eb447a444f5ab005fc36b7f275c75eb5
Author: Guillaume Outters <guillaume-installs@outters.eu>
Date:   Fri Apr 25 02:55:08 2025 +0200

    xz, xzdec: Capsicum sandbox: Fix incorrect use of cap_rights_clear()

    cap_rights_clear() with no additional arguments acts as a no-op, so
    instead of removing all capability rights from STDIN_FILENO, the same
    rights were allowed for STDIN_FILENO as were allowed for src_fd.

    Fixes: a0eecc235d3b ("xz: Make Capsicum sandbox more strict with stdin and stdout.")
    (That commit's message says "stdout"; it should have said "stderr".)

diff --git a/src/xz/sandbox.c b/src/xz/sandbox.c
index f5576960..1f040e4a 100644
--- a/src/xz/sandbox.c
+++ b/src/xz/sandbox.c
@@ -274,7 +274,7 @@ sandbox_enable_strict_if_allowed(

 	// If not reading from stdin, remove all capabilities from it.
 	if (src_fd != STDIN_FILENO && cap_rights_limit(
-			STDIN_FILENO, cap_rights_clear(&rights)))
+			STDIN_FILENO, cap_rights_init(&rights)))
 		goto error;

 	if (cap_rights_limit(STDOUT_FILENO, cap_rights_init(&rights,
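Review bot: The corrected call on the `+` line depends on a non-obvious Capsicum detail — `cap_rights_init(&rights)` with no rights listed produces an empty rights set, while `cap_rights_clear(&rights)` with no rights listed changes nothing — yet the comment above it still reads only "remove all capabilities from it", so a future reader may well "restore" the more natural-looking cap_rights_clear() and silently reintroduce the bug. Extend the comment to record the reason: `// If not reading from stdin, remove all capabilities from it.` / `// cap_rights_init() with no rights yields an empty set; cap_rights_clear() with no rights would be a no-op.` The identical hunk in src/xzdec/xzdec.c (sandbox_enter) warrants the same comment. sandbox_enable_strict_if_allowed() begins and ends outside this hunk, so the surrounding setup of `rights` is not visible here.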
diff --git a/src/xzdec/xzdec.c b/src/xzdec/xzdec.c
index 96e24444..e1e27449 100644
--- a/src/xzdec/xzdec.c
+++ b/src/xzdec/xzdec.c
@@ -321,7 +321,7 @@ sandbox_enter(int src_fd)

 	// If not reading from stdin, remove all capabilities from it.
 	if (src_fd != STDIN_FILENO && cap_rights_limit(
-			STDIN_FILENO, cap_rights_clear(&rights)))
+			STDIN_FILENO, cap_rights_init(&rights)))
 		goto error;

 	if (cap_rights_limit(STDOUT_FILENO, cap_rights_init(&rights,