diff --git a/python-libmount.changes b/python-libmount.changes index aefa97f..50f9cc0 100644 --- a/python-libmount.changes +++ b/python-libmount.changes @@ -1,3 +1,30 @@ +------------------------------------------------------------------- +Fri Feb 6 17:01:02 UTC 2015 - dimstar@opensuse.org + +- Do not try to unregister an info file (ipc.info.gz) which we do + not own. Already in May 2011, we stopped registering it: "do not + register ipc.info.gz (not provided by this package)". + +------------------------------------------------------------------- +Wed Feb 4 19:08:43 CET 2015 - sbrabec@suse.cz + +- libblkid: care about unsafe chars and possible buffer overflow + in cache (CVE-2014-9114, util-linux-libblkid-unsafe-chars.patch, + util-linux-libblkid-overflow.patch, bsc#907434) + +------------------------------------------------------------------- +Thu Jan 29 14:13:41 UTC 2015 - sweet_f_a@gmx.de + +- Update to version 2.25.2: mostly minor fixes + (including boo#908742) +- re-enable utmpdump and ipcs tests for all archs + +------------------------------------------------------------------- +Thu Jan 15 17:15:47 UTC 2015 - schwab@linux-m68k.org + +- Use util-linux:/bin/logger as split-provide, + /usr/lib/systemd/system/fstrim.service didn't exist in 13.1 + ------------------------------------------------------------------- Sat Jan 10 02:24:25 UTC 2015 - jengelh@inai.de diff --git a/python-libmount.spec b/python-libmount.spec index 08b1d77..f98583f 100644 --- a/python-libmount.spec +++ b/python-libmount.spec @@ -1,7 +1,7 @@ # # spec file for package python-libmount # -# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -120,7 +120,7 @@ BuildRequires: libmount-devel %endif %endif #END SECOND STAGE DEPENDENCIES -Version: 2.25.1 +Version: 2.25.2 Release: 0 # util-linux is a base package and uuidd pre-requiring pwdutils pulls # that into the core build cycle. pwdutils also pulls in the whole @@ -160,6 +160,10 @@ Source51: blkid.conf Patch4: make-sure-sbin-resp-usr-sbin-are-in-PATH.diff # PATCH-FEATURE-SUSE -- Report about disabled encryption to stderr. Patch12: util-linux-noenc-suse.patch +# PATCH-FIX-SECURITY util-linux-libblkid-unsafe-chars.patch bsc907434 CVE-2014-9114 sbrabec@suse.cz -- libblkid: care about unsafe chars in cache +Patch13: util-linux-libblkid-unsafe-chars.patch +# PATCH-FIX-SECURITY util-linux-libblkid-overflow.patch bsc907434 CVE-2014-9114 sbrabec@suse.cz -- libblkid: fix possible buffer overflow +Patch14: util-linux-libblkid-overflow.patch ## ## klogconsole ## @@ -215,7 +219,7 @@ Recommends: which %if %build_util_linux_systemd Supplements: packageand(util-linux:systemd) # Split-provides for upgrade from SLE < 12 and openSUSE <= 13.1 -Provides: util-linux:/usr/lib/systemd/system/fstrim.service +Provides: util-linux:/bin/logger # Service files are being migrated during the update from SLE < 12 and openSUSE <= 13.1 Conflicts: util-linux < 2.25 %systemd_requires @@ -384,6 +388,8 @@ xzcat %{S:0} | %gpg_verify -p %{_name} %{S:12} - %setup -q -n %{_name}-%{version} -b 40 %patch4 -p1 %patch12 -p1 +%patch13 -p1 +%patch14 -p1 # # setctsid cp -p %{S:22} %{S:23} . @@ -610,13 +616,8 @@ export TS_OPT_kill_name_to_number_known_fail="yes" export TS_OPT_kill_print_pid_known_fail="yes" export TS_OPT_kill_queue_known_fail="yes" %endif -%ifarch aarch64 s390 s390x -export TS_OPT_utmpdump_known_fail="yes" -%endif # FIXME: These sometimes fails: export TS_OPT_libmount_lock_known_fail="yes" -# FIXME: It still fails with 3a9ec12: -export TS_OPT_ipcs_limits2_known_fail="yes" # # hacks export PATH="$PATH:/sbin:/usr/sbin" @@ -826,7 +827,6 @@ if [ -f etc/fstab ]; then fi %postun -%install_info_delete --info-dir=%{_infodir} %{_infodir}/ipc.info.gz %{insserv_cleanup} %verifyscript @@ -902,14 +902,12 @@ fi %doc Documentation/cal.txt %doc Documentation/col.txt %doc Documentation/deprecated.txt -%doc Documentation/fdisk.txt %doc Documentation/getopt.txt %doc Documentation/howto-debug.txt %doc Documentation/hwclock.txt %doc Documentation/modems-with-agetty.txt %doc Documentation/mount.txt %doc Documentation/pg.txt -%doc Documentation/sfdisk.txt %config %attr(744,root,root) %{_sysconfdir}/init.d/raw %config(noreplace) %attr(644,root,root) %{_sysconfdir}/raw %config(noreplace) %{_sysconfdir}/filesystems diff --git a/util-linux-2.25.1.tar.sign b/util-linux-2.25.1.tar.sign deleted file mode 100644 index 75ede4f..0000000 --- a/util-linux-2.25.1.tar.sign +++ /dev/null @@ -1,17 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1 - -iQIcBAABAgAGBQJUBu2tAAoJEOS3HV7sOcKEkGoP/18DDxNf35S8AQeXlI8fxGNL -+3udU3DWmYLHepRx3fF4swiQiyVE44YdOyTQsqVNr87dPmh2HeO8ewy1dRqaalJi -+FdU7BXYLz9pKOZpiSdD3DmzqTAMeBUC0m1zkCdO0aYHExMckVFRkDot26n4geEQ -vb0zN67bNK8J0Pif5XDmA0xMlwuvBSe2Epmjhf5snNXOqjArRmwbSEwhk77TfH0F -NrBoyQryKwhUio8P4z1U4Gu1SaNBolemgItDV9VqpNl38rY4U7EejGcEUQGseImt -q49SBYBZ3jSxO0urfT8Nlw9gbrVOd8fHQkaHfJrROJePGckDo+sDDCKTGZGqx45q -+Q6L7Uik+UNFVeBhhe22ctfi3oytNheNjPMx2hYs/jslqluMxmggm39Y8PBS/ZwT -zp951T0XMx/kwBizD8NSvGHkALNcbFP1HCUVb5IsgOtZba3LusKi23W4mplCnmfD -0RiwBoPkcFWwJb3Ih5mK0ahZLEDjMpyt/GLVdAh6SFdEDvdIcfjDUNRuXTDtg28/ -80XyBFe+hqGtutHRLF0K1lOqt5pNyXsnKiS6UdH/Detl8g7F/BUmBFRnxfpNqLab -AvKW+TLryi1Ilrtpj1Va6KzdmFzK84KIxrmPmWpcyt16HDVnlcqrvdhLjD/Wx2Wt -VGUYi2GOUXFBCIJrZ50d -=tkds ------END PGP SIGNATURE----- diff --git a/util-linux-2.25.1.tar.xz b/util-linux-2.25.1.tar.xz deleted file mode 100644 index 9f1af75..0000000 --- a/util-linux-2.25.1.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:4701305ae22790c3a92ce48e50794fa05b7ee01f4227f419a171c100d08986e8 -size 3695172 diff --git a/util-linux-2.25.2.tar.sign b/util-linux-2.25.2.tar.sign new file mode 100644 index 0000000..f5cdfad --- /dev/null +++ b/util-linux-2.25.2.tar.sign @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1 + +iQIcBAABAgAGBQJUSk3GAAoJEOS3HV7sOcKEsrcQAIRmU5klSM7Q+JWzvvvdoKhb +wVqB5VbYCZEH8L5NMRQwzWbZcMtIsFAD6T7tH6hX/jjYxMB5FdJfWrCdaYsevY6k +hpUkEAK6FWzGGJE/s5sq90zgoDQHCBG2VRxLiKj4WfO8zKfBiJTrA43NQPCSj6pN +fT/t1fzpTQj5BRrhjH/e3ghz+CvSw9LH5RZqB8gURBly+1zuTxDw3zfVEqA44/Y7 +Dl+G+r6DzuiUTjGhXlEeG+NfImGhWAiw+r7ScTBEYmF5lQ1VUWlNCg3cX8/JIU/o +U9TQL3mBdcLc0kVBsQ0XcroCpEyYBNDbyjGUEQ8PIVMCdqg114Jphdp7j+9tecSs +ofBo/P99U43jFtozow+ECHYX6j9LiTyynPZAmMnD+bvtIL/tBDaP4/x0qeqtmJyF ++I+V7fARGqMmyt+3xRD3euN16X15HAOW7tchAfhj7T35WfXfV5jHTiz9RA58EgJ5 +7MKAkezEpMbeWUXkVe2nm9Lcki2pU+iuGC36L6hi1Jlxe58gdF1bE2UXW3eXb6mc +1E3uC3jCJ+5gG8mJBYpf4nt+sXA7Elv9QahTsXABbUyNxR43E47rQgsmPqTZgU8O +TxRUz/ZI1ytVFTeledsWb35mItxiP9g8HgCZF7idcZkqx1p41DMkjj7GCkSHxDju +H19vNbkWYnuK8AoqPAQy +=RONJ +-----END PGP SIGNATURE----- diff --git a/util-linux-2.25.2.tar.xz b/util-linux-2.25.2.tar.xz new file mode 100644 index 0000000..044440d --- /dev/null +++ b/util-linux-2.25.2.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:e0457f715b73f4a349e1acb08cb410bf0edc9a74a3f75c357070f31f70e33cd6 +size 3703644 diff --git a/util-linux-libblkid-overflow.patch b/util-linux-libblkid-overflow.patch new file mode 100644 index 0000000..0f8e763 --- /dev/null +++ b/util-linux-libblkid-overflow.patch @@ -0,0 +1,101 @@ +From 109df14fad4e9570e26950913ebace6c79289400 Mon Sep 17 00:00:00 2001 +From: Sebastian Krahmer +Date: Fri, 5 Dec 2014 10:06:42 +0100 +Subject: [PATCH] libblkid: fix potential bufer overflows + +While digging deeper into libblk probing, I found that some +computations might wrap and allocate too few buffer space which then +overflows. In particular on 32bit systems (chromebook) where size_t is +32bit, this is problematic (for 64bit the result fits into the calloc +size_t). + +Signed-off-by: Karel Zak +--- + libblkid/src/partitions/gpt.c | 12 ++++++++---- + libblkid/src/probe.c | 7 +++++++ + libblkid/src/superblocks/zfs.c | 3 +++ + 3 files changed, 18 insertions(+), 4 deletions(-) + +diff --git a/libblkid/src/partitions/gpt.c b/libblkid/src/partitions/gpt.c +index 6ab4f71..665577f 100644 +--- a/libblkid/src/partitions/gpt.c ++++ b/libblkid/src/partitions/gpt.c +@@ -17,6 +17,7 @@ + #include + #include + #include ++#include + + #include "partitions.h" + #include "crc32.h" +@@ -263,14 +264,17 @@ static struct gpt_header *get_gpt_header( + return NULL; + } + +- /* Size of blocks with GPT entries */ +- esz = le32_to_cpu(h->num_partition_entries) * +- le32_to_cpu(h->sizeof_partition_entry); +- if (!esz) { ++ if (le32_to_cpu(h->num_partition_entries) == 0 || ++ le32_to_cpu(h->sizeof_partition_entry) == 0 || ++ ULONG_MAX / le32_to_cpu(h->num_partition_entries) < le32_to_cpu(h->sizeof_partition_entry)) { + DBG(LOWPROBE, ul_debug("GPT entries undefined")); + return NULL; + } + ++ /* Size of blocks with GPT entries */ ++ esz = le32_to_cpu(h->num_partition_entries) * ++ le32_to_cpu(h->sizeof_partition_entry); ++ + /* The header seems valid, save it + * (we don't care about zeros in hdr->reserved2 area) */ + memcpy(hdr, h, sizeof(*h)); +diff --git a/libblkid/src/probe.c b/libblkid/src/probe.c +index 3f7e43b..70e882a 100644 +--- a/libblkid/src/probe.c ++++ b/libblkid/src/probe.c +@@ -103,6 +103,7 @@ + #include + #include + #include ++#include + + #ifdef HAVE_LIBUUID + # include +@@ -578,6 +579,12 @@ unsigned char *blkid_probe_get_buffer(blkid_probe pr, + return NULL; + } + ++ /* someone trying to overflow some buffers? */ ++ if (len > ULONG_MAX - sizeof(struct blkid_bufinfo)) { ++ errno = ENOMEM; ++ return NULL; ++ } ++ + /* allocate info and space for data by why call */ + bf = calloc(1, sizeof(struct blkid_bufinfo) + len); + if (!bf) { +diff --git a/libblkid/src/superblocks/zfs.c b/libblkid/src/superblocks/zfs.c +index 6ffa24d..86da59d 100644 +--- a/libblkid/src/superblocks/zfs.c ++++ b/libblkid/src/superblocks/zfs.c +@@ -12,6 +12,7 @@ + #include + #include + #include ++#include + + #include "superblocks.h" + +@@ -108,6 +109,8 @@ static void zfs_extract_guid_name(blkid_probe pr, loff_t offset) + + nvs->nvs_type = be32_to_cpu(nvs->nvs_type); + nvs->nvs_strlen = be32_to_cpu(nvs->nvs_strlen); ++ if (nvs->nvs_strlen > UINT_MAX - sizeof(*nvs)) ++ break; + avail -= nvs->nvs_strlen + sizeof(*nvs); + nvdebug("nvstring: type %u string %*s\n", nvs->nvs_type, + nvs->nvs_strlen, nvs->nvs_string); +-- +2.2.2 + diff --git a/util-linux-libblkid-unsafe-chars.patch b/util-linux-libblkid-unsafe-chars.patch new file mode 100644 index 0000000..833f603 --- /dev/null +++ b/util-linux-libblkid-unsafe-chars.patch @@ -0,0 +1,167 @@ +From 89e90ae7b2826110ea28c1c0eb8e7c56c3907bdc Mon Sep 17 00:00:00 2001 +From: Karel Zak +Date: Thu, 27 Nov 2014 13:39:35 +0100 +Subject: [PATCH] libblkid: care about unsafe chars in cache + +The high-level libblkid API uses /run/blkid/blkid.tab cache to +store probing results. The cache format is + + devname + +and unfortunately the cache code does not escape quotation marks: + + # mkfs.ext4 -L 'AAA"BBB' + + # cat /run/blkid/blkid.tab + ... + /dev/sdb1 + +such string is later incorrectly parsed and blkid(8) returns +nonsenses. And for use-cases like + + # eval $(blkid -o export /dev/sdb1) + +it's also insecure. + +Note that mount, udevd and blkid -p are based on low-level libblkid +API, it bypass the cache and directly read data from the devices. + +The current udevd upstream does not depend on blkid(8) output at all, +it's directly linked with the library and all unsafe chars are encoded by +\x notation. + + # mkfs.ext4 -L 'X"`/tmp/foo` "' /dev/sdb1 + # udevadm info --export-db | grep LABEL + ... + E: ID_FS_LABEL=X__/tmp/foo___ + E: ID_FS_LABEL_ENC=X\x22\x60\x2ftmp\x2ffoo\x60\x20\x22 + +Signed-off-by: Karel Zak +--- + libblkid/src/read.c | 21 ++++++++++++++++++--- + libblkid/src/save.c | 22 +++++++++++++++++++++- + misc-utils/blkid.8 | 5 ++++- + misc-utils/blkid.c | 4 ++-- + 4 files changed, 45 insertions(+), 7 deletions(-) + +diff --git a/libblkid/src/read.c b/libblkid/src/read.c +index 0e91c9c..81ab0df 100644 +--- a/libblkid/src/read.c ++++ b/libblkid/src/read.c +@@ -252,15 +252,30 @@ static int parse_token(char **name, char **value, char **cp) + *value = skip_over_blank(*value + 1); + + if (**value == '"') { +- end = strchr(*value + 1, '"'); +- if (!end) { ++ char *p = end = *value + 1; ++ ++ /* convert 'foo\"bar' to 'foo"bar' */ ++ while (*p) { ++ if (*p == '\\') { ++ p++; ++ *end = *p; ++ } else { ++ *end = *p; ++ if (*p == '"') ++ break; ++ } ++ p++; ++ end++; ++ } ++ ++ if (*end != '"') { + DBG(READ, ul_debug("unbalanced quotes at: %s", *value)); + *cp = *value; + return -BLKID_ERR_CACHE; + } + (*value)++; + *end = '\0'; +- end++; ++ end = ++p; + } else { + end = skip_over_word(*value); + if (*end) { +diff --git a/libblkid/src/save.c b/libblkid/src/save.c +index 8216f09..5e8bbee 100644 +--- a/libblkid/src/save.c ++++ b/libblkid/src/save.c +@@ -26,6 +26,21 @@ + + #include "blkidP.h" + ++ ++static void save_quoted(const char *data, FILE *file) ++{ ++ const char *p; ++ ++ fputc('"', file); ++ for (p = data; p && *p; p++) { ++ if ((unsigned char) *p == 0x22 || /* " */ ++ (unsigned char) *p == 0x5c) /* \ */ ++ fputc('\\', file); ++ ++ fputc(*p, file); ++ } ++ fputc('"', file); ++} + static int save_dev(blkid_dev dev, FILE *file) + { + struct list_head *p; +@@ -43,9 +58,14 @@ static int save_dev(blkid_dev dev, FILE *file) + + if (dev->bid_pri) + fprintf(file, " PRI=\"%d\"", dev->bid_pri); ++ + list_for_each(p, &dev->bid_tags) { + blkid_tag tag = list_entry(p, struct blkid_struct_tag, bit_tags); +- fprintf(file, " %s=\"%s\"", tag->bit_name,tag->bit_val); ++ ++ fputc(' ', file); /* space between tags */ ++ fputs(tag->bit_name, file); /* tag NAME */ ++ fputc('=', file); /* separator between NAME and VALUE */ ++ save_quoted(tag->bit_val, file); /* tag "VALUE" */ + } + fprintf(file, ">%s\n", dev->bid_name); + +diff --git a/misc-utils/blkid.8 b/misc-utils/blkid.8 +index 156a14b..c95b833 100644 +--- a/misc-utils/blkid.8 ++++ b/misc-utils/blkid.8 +@@ -200,7 +200,10 @@ partitions. This output format is \fBDEPRECATED\fR. + .TP + .B export + print key=value pairs for easy import into the environment; this output format +-is automatically enabled when I/O Limits (\fB-i\fR option) are requested ++is automatically enabled when I/O Limits (\fB-i\fR option) are requested. ++ ++The non-printing characters are encoded by ^ and M- notation and all ++potentially unsafe characters are escaped. + .RE + .TP + .BI \-O " offset" +diff --git a/misc-utils/blkid.c b/misc-utils/blkid.c +index a6ca660..1bd8646 100644 +--- a/misc-utils/blkid.c ++++ b/misc-utils/blkid.c +@@ -306,7 +306,7 @@ static void print_value(int output, int num, const char *devname, + printf("DEVNAME=%s\n", devname); + fputs(name, stdout); + fputs("=", stdout); +- safe_print(value, valsz, NULL); ++ safe_print(value, valsz, " \\\"'$`<>"); + fputs("\n", stdout); + + } else { +@@ -315,7 +315,7 @@ static void print_value(int output, int num, const char *devname, + fputs(" ", stdout); + fputs(name, stdout); + fputs("=\"", stdout); +- safe_print(value, valsz, "\""); ++ safe_print(value, valsz, "\"\\"); + fputs("\"", stdout); + } + } +-- +2.2.2 + diff --git a/util-linux-systemd.changes b/util-linux-systemd.changes index aefa97f..50f9cc0 100644 --- a/util-linux-systemd.changes +++ b/util-linux-systemd.changes @@ -1,3 +1,30 @@ +------------------------------------------------------------------- +Fri Feb 6 17:01:02 UTC 2015 - dimstar@opensuse.org + +- Do not try to unregister an info file (ipc.info.gz) which we do + not own. Already in May 2011, we stopped registering it: "do not + register ipc.info.gz (not provided by this package)". + +------------------------------------------------------------------- +Wed Feb 4 19:08:43 CET 2015 - sbrabec@suse.cz + +- libblkid: care about unsafe chars and possible buffer overflow + in cache (CVE-2014-9114, util-linux-libblkid-unsafe-chars.patch, + util-linux-libblkid-overflow.patch, bsc#907434) + +------------------------------------------------------------------- +Thu Jan 29 14:13:41 UTC 2015 - sweet_f_a@gmx.de + +- Update to version 2.25.2: mostly minor fixes + (including boo#908742) +- re-enable utmpdump and ipcs tests for all archs + +------------------------------------------------------------------- +Thu Jan 15 17:15:47 UTC 2015 - schwab@linux-m68k.org + +- Use util-linux:/bin/logger as split-provide, + /usr/lib/systemd/system/fstrim.service didn't exist in 13.1 + ------------------------------------------------------------------- Sat Jan 10 02:24:25 UTC 2015 - jengelh@inai.de diff --git a/util-linux-systemd.spec b/util-linux-systemd.spec index 7fb79f5..9e00e0b 100644 --- a/util-linux-systemd.spec +++ b/util-linux-systemd.spec @@ -1,7 +1,7 @@ # # spec file for package util-linux-systemd # -# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -120,7 +120,7 @@ BuildRequires: libmount-devel %endif %endif #END SECOND STAGE DEPENDENCIES -Version: 2.25.1 +Version: 2.25.2 Release: 0 # util-linux is a base package and uuidd pre-requiring pwdutils pulls # that into the core build cycle. pwdutils also pulls in the whole @@ -160,6 +160,10 @@ Source51: blkid.conf Patch4: make-sure-sbin-resp-usr-sbin-are-in-PATH.diff # PATCH-FEATURE-SUSE -- Report about disabled encryption to stderr. Patch12: util-linux-noenc-suse.patch +# PATCH-FIX-SECURITY util-linux-libblkid-unsafe-chars.patch bsc907434 CVE-2014-9114 sbrabec@suse.cz -- libblkid: care about unsafe chars in cache +Patch13: util-linux-libblkid-unsafe-chars.patch +# PATCH-FIX-SECURITY util-linux-libblkid-overflow.patch bsc907434 CVE-2014-9114 sbrabec@suse.cz -- libblkid: fix possible buffer overflow +Patch14: util-linux-libblkid-overflow.patch ## ## klogconsole ## @@ -215,7 +219,7 @@ Recommends: which %if %build_util_linux_systemd Supplements: packageand(util-linux:systemd) # Split-provides for upgrade from SLE < 12 and openSUSE <= 13.1 -Provides: util-linux:/usr/lib/systemd/system/fstrim.service +Provides: util-linux:/bin/logger # Service files are being migrated during the update from SLE < 12 and openSUSE <= 13.1 Conflicts: util-linux < 2.25 %systemd_requires @@ -383,6 +387,8 @@ xzcat %{S:0} | %gpg_verify -p %{_name} %{S:12} - %setup -q -n %{_name}-%{version} -b 40 %patch4 -p1 %patch12 -p1 +%patch13 -p1 +%patch14 -p1 # # setctsid cp -p %{S:22} %{S:23} . @@ -609,13 +615,8 @@ export TS_OPT_kill_name_to_number_known_fail="yes" export TS_OPT_kill_print_pid_known_fail="yes" export TS_OPT_kill_queue_known_fail="yes" %endif -%ifarch aarch64 s390 s390x -export TS_OPT_utmpdump_known_fail="yes" -%endif # FIXME: These sometimes fails: export TS_OPT_libmount_lock_known_fail="yes" -# FIXME: It still fails with 3a9ec12: -export TS_OPT_ipcs_limits2_known_fail="yes" # # hacks export PATH="$PATH:/sbin:/usr/sbin" @@ -825,7 +826,6 @@ if [ -f etc/fstab ]; then fi %postun -%install_info_delete --info-dir=%{_infodir} %{_infodir}/ipc.info.gz %{insserv_cleanup} %verifyscript @@ -901,14 +901,12 @@ fi %doc Documentation/cal.txt %doc Documentation/col.txt %doc Documentation/deprecated.txt -%doc Documentation/fdisk.txt %doc Documentation/getopt.txt %doc Documentation/howto-debug.txt %doc Documentation/hwclock.txt %doc Documentation/modems-with-agetty.txt %doc Documentation/mount.txt %doc Documentation/pg.txt -%doc Documentation/sfdisk.txt %config %attr(744,root,root) %{_sysconfdir}/init.d/raw %config(noreplace) %attr(644,root,root) %{_sysconfdir}/raw %config(noreplace) %{_sysconfdir}/filesystems diff --git a/util-linux.changes b/util-linux.changes index aefa97f..50f9cc0 100644 --- a/util-linux.changes +++ b/util-linux.changes @@ -1,3 +1,30 @@ +------------------------------------------------------------------- +Fri Feb 6 17:01:02 UTC 2015 - dimstar@opensuse.org + +- Do not try to unregister an info file (ipc.info.gz) which we do + not own. Already in May 2011, we stopped registering it: "do not + register ipc.info.gz (not provided by this package)". + +------------------------------------------------------------------- +Wed Feb 4 19:08:43 CET 2015 - sbrabec@suse.cz + +- libblkid: care about unsafe chars and possible buffer overflow + in cache (CVE-2014-9114, util-linux-libblkid-unsafe-chars.patch, + util-linux-libblkid-overflow.patch, bsc#907434) + +------------------------------------------------------------------- +Thu Jan 29 14:13:41 UTC 2015 - sweet_f_a@gmx.de + +- Update to version 2.25.2: mostly minor fixes + (including boo#908742) +- re-enable utmpdump and ipcs tests for all archs + +------------------------------------------------------------------- +Thu Jan 15 17:15:47 UTC 2015 - schwab@linux-m68k.org + +- Use util-linux:/bin/logger as split-provide, + /usr/lib/systemd/system/fstrim.service didn't exist in 13.1 + ------------------------------------------------------------------- Sat Jan 10 02:24:25 UTC 2015 - jengelh@inai.de diff --git a/util-linux.spec b/util-linux.spec index 802815b..e36154d 100644 --- a/util-linux.spec +++ b/util-linux.spec @@ -1,7 +1,7 @@ # # spec file for package util-linux # -# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -120,7 +120,7 @@ BuildRequires: libmount-devel %endif %endif #END SECOND STAGE DEPENDENCIES -Version: 2.25.1 +Version: 2.25.2 Release: 0 # util-linux is a base package and uuidd pre-requiring pwdutils pulls # that into the core build cycle. pwdutils also pulls in the whole @@ -160,6 +160,10 @@ Source51: blkid.conf Patch4: make-sure-sbin-resp-usr-sbin-are-in-PATH.diff # PATCH-FEATURE-SUSE -- Report about disabled encryption to stderr. Patch12: util-linux-noenc-suse.patch +# PATCH-FIX-SECURITY util-linux-libblkid-unsafe-chars.patch bsc907434 CVE-2014-9114 sbrabec@suse.cz -- libblkid: care about unsafe chars in cache +Patch13: util-linux-libblkid-unsafe-chars.patch +# PATCH-FIX-SECURITY util-linux-libblkid-overflow.patch bsc907434 CVE-2014-9114 sbrabec@suse.cz -- libblkid: fix possible buffer overflow +Patch14: util-linux-libblkid-overflow.patch ## ## klogconsole ## @@ -215,7 +219,7 @@ Recommends: which %if %build_util_linux_systemd Supplements: packageand(util-linux:systemd) # Split-provides for upgrade from SLE < 12 and openSUSE <= 13.1 -Provides: util-linux:/usr/lib/systemd/system/fstrim.service +Provides: util-linux:/bin/logger # Service files are being migrated during the update from SLE < 12 and openSUSE <= 13.1 Conflicts: util-linux < 2.25 %systemd_requires @@ -383,6 +387,8 @@ xzcat %{S:0} | %gpg_verify -p %{_name} %{S:12} - %setup -q -n %{_name}-%{version} -b 40 %patch4 -p1 %patch12 -p1 +%patch13 -p1 +%patch14 -p1 # # setctsid cp -p %{S:22} %{S:23} . @@ -609,13 +615,8 @@ export TS_OPT_kill_name_to_number_known_fail="yes" export TS_OPT_kill_print_pid_known_fail="yes" export TS_OPT_kill_queue_known_fail="yes" %endif -%ifarch aarch64 s390 s390x -export TS_OPT_utmpdump_known_fail="yes" -%endif # FIXME: These sometimes fails: export TS_OPT_libmount_lock_known_fail="yes" -# FIXME: It still fails with 3a9ec12: -export TS_OPT_ipcs_limits2_known_fail="yes" # # hacks export PATH="$PATH:/sbin:/usr/sbin" @@ -825,7 +826,6 @@ if [ -f etc/fstab ]; then fi %postun -%install_info_delete --info-dir=%{_infodir} %{_infodir}/ipc.info.gz %{insserv_cleanup} %verifyscript @@ -901,14 +901,12 @@ fi %doc Documentation/cal.txt %doc Documentation/col.txt %doc Documentation/deprecated.txt -%doc Documentation/fdisk.txt %doc Documentation/getopt.txt %doc Documentation/howto-debug.txt %doc Documentation/hwclock.txt %doc Documentation/modems-with-agetty.txt %doc Documentation/mount.txt %doc Documentation/pg.txt -%doc Documentation/sfdisk.txt %config %attr(744,root,root) %{_sysconfdir}/init.d/raw %config(noreplace) %attr(644,root,root) %{_sysconfdir}/raw %config(noreplace) %{_sysconfdir}/filesystems