diff options
| author | Hauke Mehrtens <hauke@hauke-m.de> | 2022-01-29 12:01:19 +0100 |
|---|---|---|
| committer | Hauke Mehrtens <hauke@hauke-m.de> | 2022-02-01 21:25:02 +0100 |
| commit | 18c6b99666acc98238013b081b9cdaf2ab4d06d9 (patch) | |
| tree | 5c7886288cab6d6b82634520f2df34279bdfaf03 /package/utils | |
| parent | 693d7c12e8fcdf553cd46fb561c63786b45a585a (diff) | |
| download | upstream-18c6b99666acc98238013b081b9cdaf2ab4d06d9.tar.gz upstream-18c6b99666acc98238013b081b9cdaf2ab4d06d9.tar.bz2 upstream-18c6b99666acc98238013b081b9cdaf2ab4d06d9.zip | |
util-linux: Update to version 2.37.3
This release fixes two security mount(8) and umount(8) issues:
CVE-2021-3996
Improper UID check in libmount allows an unprivileged user to unmount FUSE
filesystems of users with similar UID.
CVE-2021-3995
This issue is related to parsing the /proc/self/mountinfo file allows an
unprivileged user to unmount other user's filesystems that are either
world-writable themselves or mounted in a world-writable directory.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Diffstat (limited to 'package/utils')
| -rw-r--r-- | package/utils/util-linux/Makefile | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/package/utils/util-linux/Makefile b/package/utils/util-linux/Makefile index a532aaf769..f2d58b413f 100644 --- a/package/utils/util-linux/Makefile +++ b/package/utils/util-linux/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=util-linux -PKG_VERSION:=2.37 +PKG_VERSION:=2.37.3 PKG_RELEASE:=$(AUTORELEASE) PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=@KERNEL/linux/utils/$(PKG_NAME)/v2.37 -PKG_HASH:=bd07b7e98839e0359842110525a3032fdb8eaf3a90bedde3dd1652d32d15cce5 +PKG_HASH:=590c592e58cd6bf38519cb467af05ce6a1ab18040e3e3418f24bcfb2f55f9776 PKG_CPE_ID:=cpe:/a:kernel:util-linux PKG_LICENSE:=GPL-2.0-only |