Accepting request 225422 from home:pwieczorkiewicz:branches:Base:System

Update to latest upstream version 2.1.3. Security fix: Bug 865854, CVE-2014-0004. OBS-URL: https://build.opensuse.org/request/show/225422 OBS-URL: https://build.opensuse.org/package/show/Base:System/udisks2?expand=0&rev=41
2014-03-14 13:44:59 +00:00
parent 593c08bb30
commit 58cf70ba63
4 changed files with 23 additions and 4 deletions
--- a/udisks2.changes
+++ b/udisks2.changes
@@ -1,3 +1,22 @@
+-------------------------------------------------------------------
+Mon Mar 10 10:03:31 UTC 2014 - pwieczorkiewicz@suse.com
+
+- Update to version 2.1.3:
+  + Identify SD Card Reader in ChromeBook Pixel
+  + Send SCSI START STOP UNIT when powering down a drive
+  + udisksctl: add power-off verb to power off drives
+  + udisksctl: fix grammar
+  + Prefer /dev/VG/LV for LVM2 volumes.
+  + Fix buffer overflow in mount path parsing. If users have 
+    the possibility to create very long mount points, such as
+    with FUSE, they could cause udisksd to crash, or even to
+    run arbitrary code as root with specially crafted mount paths.
+    (bnc#865854, CVE-2014-0004)
+  + Use SECTOR_COUNT=1 when issuing ATA IDENTIFY COMMAND
+  + Use reentrant version of getpwuid() for thread safety
+  + udisks_daemon_util_get_caller_uid_sync(): Add missing goto
+  + Fix crash when loop-deleting non-loop device
+
 -------------------------------------------------------------------
 Sun Feb 16 22:27:14 UTC 2014 - zaitor@opensuse.org