From d21e0cd8fa92ed896ad4eed9a200ca8740657686 Mon Sep 17 00:00:00 2001 From: heitbaum Date: Tue, 25 Jan 2022 20:58:26 +0000 Subject: [PATCH] util-linux: update to 2.37.3 update 2.37.2 (2021-08-16) to 2.37.3 (2022-01-24) Changelog: - https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ChangeLog util-linux 2.37.3 Release Notes =============================== This release fixes two security mount(8) and umount(8) issues: CVE-2021-3996 Improper UID check in libmount allows an unprivileged user to unmount FUSE filesystems of users with similar UID. CVE-2021-3995 This issue is related to parsing the /proc/self/mountinfo file allows an unprivileged user to unmount other user's filesystems that are either world-writable themselves or mounted in a world-writable directory. --- packages/sysutils/util-linux/package.mk | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/sysutils/util-linux/package.mk b/packages/sysutils/util-linux/package.mk index ce9075df66..6a585e6a74 100644 --- a/packages/sysutils/util-linux/package.mk +++ b/packages/sysutils/util-linux/package.mk @@ -3,8 +3,8 @@ # Copyright (C) 2018-present Team LibreELEC (https://libreelec.tv) PKG_NAME="util-linux" -PKG_VERSION="2.37.2" -PKG_SHA256="6a0764c1aae7fb607ef8a6dd2c0f6c47d5e5fd27aa08820abaad9ec14e28e9d9" +PKG_VERSION="2.37.3" +PKG_SHA256="590c592e58cd6bf38519cb467af05ce6a1ab18040e3e3418f24bcfb2f55f9776" PKG_LICENSE="GPL" PKG_URL="https://www.kernel.org/pub/linux/utils/util-linux/v$(get_pkg_version_maj_min)/${PKG_NAME}-${PKG_VERSION}.tar.xz" PKG_DEPENDS_HOST="ccache:host autoconf:host automake:host intltool:host libtool:host pkg-config:host"