Accepting request 948494 from home:dirkmueller:Factory

- update to 2.37.3 (bsc#1194976): This release fixes two security mount(8) and umount(8) issues: * CVE-2021-3996 Improper UID check in libmount allows an unprivileged user to unmount FUSE filesystems of users with similar UID. * CVE-2021-3995 This issue is related to parsing the /proc/self/mountinfo file allows an unprivileged user to unmount other user's filesystems that are either world-writable themselves or mounted in a world-writable directory. OBS-URL: https://build.opensuse.org/request/show/948494 OBS-URL: https://build.opensuse.org/package/show/Base:System/util-linux?expand=0&rev=460
2022-01-24 22:38:41 +00:00
parent 2e15cdd619
commit cab3427859
8 changed files with 38 additions and 25 deletions
--- a/util-linux.changes
+++ b/util-linux.changes
@@ -1,3 +1,16 @@
+-------------------------------------------------------------------
+Mon Jan 24 21:57:01 UTC 2022 - Dirk Müller <dmueller@suse.com>
+
+- update to 2.37.3 (bsc#1194976):
+  This release fixes two security mount(8) and umount(8) issues: 
+  * CVE-2021-3996
+    Improper UID check in libmount allows an unprivileged user to unmount FUSE
+    filesystems of users with similar UID.
+  * CVE-2021-3995
+    This issue is related to parsing the /proc/self/mountinfo file allows an
+    unprivileged user to unmount other user's filesystems that are either
+    world-writable themselves or mounted in a world-writable directory.
+
 -------------------------------------------------------------------
 Tue Dec 14 14:17:41 UTC 2021 - Stanislav Brabec <sbrabec@suse.com>