Accepting request 948494 from home:dirkmueller:Factory
- update to 2.37.3 (bsc#1194976): This release fixes two security mount(8) and umount(8) issues: * CVE-2021-3996 Improper UID check in libmount allows an unprivileged user to unmount FUSE filesystems of users with similar UID. * CVE-2021-3995 This issue is related to parsing the /proc/self/mountinfo file allows an unprivileged user to unmount other user's filesystems that are either world-writable themselves or mounted in a world-writable directory. OBS-URL: https://build.opensuse.org/request/show/948494 OBS-URL: https://build.opensuse.org/package/show/Base:System/util-linux?expand=0&rev=460
This commit is contained in:
parent
2e15cdd619
commit
cab3427859
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package python3-libmount
|
||||
#
|
||||
# Copyright (c) 2021 SUSE LLC
|
||||
# Copyright (c) 2022 SUSE LLC
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@ -125,7 +125,7 @@ BuildRequires: libmount-devel
|
||||
%endif
|
||||
%endif
|
||||
#END SECOND STAGE DEPENDENCIES
|
||||
Version: 2.37.2
|
||||
Version: 2.37.3
|
||||
Release: 0
|
||||
URL: https://www.kernel.org/pub/linux/utils/util-linux/
|
||||
Source: https://www.kernel.org/pub/linux/utils/util-linux/v2.37/util-linux-%{version}.tar.xz
|
||||
|
@ -1,16 +0,0 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCAAdFiEEsMZNFDAcxu+u32Dk5LcdXuw5woQFAmEaadwACgkQ5LcdXuw5
|
||||
woTRVg//bg/LYBhHKj9o8YfF3EIrQcySrL9hkZ0DnRT2tDEhuGSBZ0SrDI+8KSFn
|
||||
iAxpGSOwVOlPk9M6E5LGb2BrVwtELtug+DymrNXRgx9TPZvch1Ti5qKDSPj9xPqF
|
||||
OdRv1+gL6aeaEz+d0FJUUkYtWMXsc/PeZe11BokEfj6To+7D7poZnUL2QiKnl+w4
|
||||
omyJMpjUrWW+zwWEdDnWWhM9VdxkU/10QOFdb2NibV6kzpdhf80IDfj/PAKXcpNA
|
||||
CqNKUlMmC2qADWurl1DlY9279z8dRPD/u7CtUpdr4MN/lk/5uRNIwBmVId5axySJ
|
||||
jWtgYjtsaarELgRGBIYzFR6tsTfuaLn5/ElefSwzdnQh/4jfarEKHTYo/QULFx8/
|
||||
pXvJVEetQ7GzCduWiEJfQhUcoPY8GmeQcZAj0QyyAvArUc7LwTVDWeh2pNgf6XBR
|
||||
y3zKUQv6PURFEcvz9625I9iXwtouXRuhz8bx6+ON7eNHE0g7PpZVIGkH3cH4/sCy
|
||||
XW36piWAi3W6wbaHnI3EMErGtg9IIT2gQS4HKgB05pq7qHdByPDVRqbXUrgZQj5x
|
||||
umZqCU28/EEtVvO8oJlysycn7nfx1k1S7mvqidmZhndwZrvkKznfq1as+z/bvVwJ
|
||||
Qi7QUyNlbgwLHKv37vEmOQESRLZ4k3qCPjRe7mj+6TuS2bWUXvM=
|
||||
=nxA9
|
||||
-----END PGP SIGNATURE-----
|
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:6a0764c1aae7fb607ef8a6dd2c0f6c47d5e5fd27aa08820abaad9ec14e28e9d9
|
||||
size 5621624
|
16
util-linux-2.37.3.tar.sign
Normal file
16
util-linux-2.37.3.tar.sign
Normal file
@ -0,0 +1,16 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCAAdFiEEsMZNFDAcxu+u32Dk5LcdXuw5woQFAmHucl0ACgkQ5LcdXuw5
|
||||
woRUIA//fUFuiVwvbCMlkHOUo7ebLozYdnfeqky/t7yxUWwdqttPJiQVO3gfkNWr
|
||||
FI6y2EFun3ToyYdTi4YueDHPyYecPzLMsTot2F0eA+I1blsnHuvspchGd0V5pw8j
|
||||
KWtbD4XUjY5DMS6FyLrkvz6nleDlm1xcNDxvhom5gKwhWOdYkcf21j1M1zqPjyaa
|
||||
DI4CZn5gMvKBfsNFRqQh4+gQMyJ2qNoWpQo7VfHqWPWkC/uzNjifKd2ATlaCeEGF
|
||||
N1Ykm2bM/NZ6vl/MY4DLNJdD8m3xnYoF6zqhFblUMZ0oZVp02D/sfZJGmrLrSmpY
|
||||
UD1bql1JRgrchh1kCboU+PiA6CFk5DWN2ex8O4qnjrc9oab2YQ3vuvrIzT/v0IpG
|
||||
DqIwloW1PL8R5mxOiRC6rUhYAdyLvpVs3ZJrqGtlceB/YpB7vDrIDc3CC45mno2f
|
||||
S9sUc6J+Kq1s5Cd1PEAghMeeoAvnudNuCnXGh0gfF4CNCQ/89sOZMR4YQaCL8xZZ
|
||||
Vp5uDmwtR4YdN0xk5A7BwrGQ18fwymGN9TSP0LkNT8MHRafjGhHRurfDH7MPVUtP
|
||||
IWK+mansvJvbP8OuajsX6w/8umB+8kiGVAV0uh4Cm/Lq1p/HE2g4ZJs1wgHO238a
|
||||
zLo52tiuIN3Kc8nBlYhKOVi30YrcbRWppRbxxVQRHohoHOdrgEg=
|
||||
=Dk1+
|
||||
-----END PGP SIGNATURE-----
|
3
util-linux-2.37.3.tar.xz
Normal file
3
util-linux-2.37.3.tar.xz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:590c592e58cd6bf38519cb467af05ce6a1ab18040e3e3418f24bcfb2f55f9776
|
||||
size 6126260
|
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package util-linux-systemd
|
||||
#
|
||||
# Copyright (c) 2021 SUSE LLC
|
||||
# Copyright (c) 2022 SUSE LLC
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@ -125,7 +125,7 @@ BuildRequires: libmount-devel
|
||||
%endif
|
||||
%endif
|
||||
#END SECOND STAGE DEPENDENCIES
|
||||
Version: 2.37.2
|
||||
Version: 2.37.3
|
||||
Release: 0
|
||||
URL: https://www.kernel.org/pub/linux/utils/util-linux/
|
||||
Source: https://www.kernel.org/pub/linux/utils/util-linux/v2.37/util-linux-%{version}.tar.xz
|
||||
|
@ -1,3 +1,16 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Jan 24 21:57:01 UTC 2022 - Dirk Müller <dmueller@suse.com>
|
||||
|
||||
- update to 2.37.3 (bsc#1194976):
|
||||
This release fixes two security mount(8) and umount(8) issues:
|
||||
* CVE-2021-3996
|
||||
Improper UID check in libmount allows an unprivileged user to unmount FUSE
|
||||
filesystems of users with similar UID.
|
||||
* CVE-2021-3995
|
||||
This issue is related to parsing the /proc/self/mountinfo file allows an
|
||||
unprivileged user to unmount other user's filesystems that are either
|
||||
world-writable themselves or mounted in a world-writable directory.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Dec 14 14:17:41 UTC 2021 - Stanislav Brabec <sbrabec@suse.com>
|
||||
|
||||
|
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package util-linux
|
||||
#
|
||||
# Copyright (c) 2021 SUSE LLC
|
||||
# Copyright (c) 2022 SUSE LLC
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@ -125,7 +125,7 @@ BuildRequires: libmount-devel
|
||||
%endif
|
||||
%endif
|
||||
#END SECOND STAGE DEPENDENCIES
|
||||
Version: 2.37.2
|
||||
Version: 2.37.3
|
||||
Release: 0
|
||||
URL: https://www.kernel.org/pub/linux/utils/util-linux/
|
||||
Source: https://www.kernel.org/pub/linux/utils/util-linux/v2.37/util-linux-%{version}.tar.xz
|
||||
|
Loading…
Reference in New Issue
Block a user