Описание
Security update for util-linux
This update for util-linux fixes the following issues:
This security issue was fixed:
- CVE-2017-2616: In su with PAM support it was possible for local users to send SIGKILL to selected other processes with root privileges (bsc#1023041).
This non-security issues were fixed:
- lscpu: Implement WSL detection and work around crash (bsc#1019332)
- fstrim: De-duplicate btrfs sub-volumes for 'fstrim -a' and bind mounts (bsc#1020077)
- Fix regressions in safe loop re-use patch set for libmount (bsc#1012504)
- Disable ro checks for mtab (bsc#1012632)
- Ensure that the option 'users,exec,dev,suid' work as expected on NFS mounts (bsc#1008965)
This update was imported from the SUSE:SLE-12-SP1:Update update project.
Список пакетов
openSUSE Leap 42.1
libblkid-devel-2.25-21.1
libblkid-devel-32bit-2.25-21.1
libblkid1-2.25-21.1
libblkid1-32bit-2.25-21.1
libmount-devel-2.25-21.1
libmount-devel-32bit-2.25-21.1
libmount1-2.25-21.1
libmount1-32bit-2.25-21.1
libsmartcols-devel-2.25-21.1
libsmartcols1-2.25-21.1
libuuid-devel-2.25-21.1
libuuid-devel-32bit-2.25-21.1
libuuid1-2.25-21.1
libuuid1-32bit-2.25-21.1
python-libmount-2.25-21.1
util-linux-2.25-21.1
util-linux-lang-2.25-21.1
util-linux-systemd-2.25-21.1
uuidd-2.25-21.1
Ссылки
- E-Mail link for openSUSE-SU-2017:0590-1
- SUSE Security Ratings
Описание
A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions.
Затронутые продукты
openSUSE Leap 42.1:libblkid-devel-2.25-21.1
openSUSE Leap 42.1:libblkid-devel-32bit-2.25-21.1
openSUSE Leap 42.1:libblkid1-2.25-21.1
openSUSE Leap 42.1:libblkid1-32bit-2.25-21.1
Ссылки
- CVE-2017-2616
- SUSE Bug 1023041
- SUSE Bug 1123789