[openwrt/openwrt] util-linux: Update to version 2.37.3

LEDE Commits lede-commits at lists.infradead.org
Tue Feb 1 12:45:50 PST 2022


hauke pushed a commit to openwrt/openwrt.git, branch master:
https://git.openwrt.org/18c6b99666acc98238013b081b9cdaf2ab4d06d9

commit 18c6b99666acc98238013b081b9cdaf2ab4d06d9
Author: Hauke Mehrtens <hauke at hauke-m.de>
AuthorDate: Sat Jan 29 12:01:19 2022 +0100

    util-linux: Update to version 2.37.3
    
    This release fixes two security mount(8) and umount(8) issues:
    
    CVE-2021-3996
        Improper UID check in libmount allows an unprivileged user to unmount FUSE
        filesystems of users with similar UID.
    
    CVE-2021-3995
        This issue is related to parsing the /proc/self/mountinfo file allows an
        unprivileged user to unmount other user's filesystems that are either
        world-writable themselves or mounted in a world-writable directory.
    
    Signed-off-by: Hauke Mehrtens <hauke at hauke-m.de>
---
 package/utils/util-linux/Makefile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/package/utils/util-linux/Makefile b/package/utils/util-linux/Makefile
index a532aaf769..f2d58b413f 100644
--- a/package/utils/util-linux/Makefile
+++ b/package/utils/util-linux/Makefile
@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=util-linux
-PKG_VERSION:=2.37
+PKG_VERSION:=2.37.3
 PKG_RELEASE:=$(AUTORELEASE)
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=@KERNEL/linux/utils/$(PKG_NAME)/v2.37
-PKG_HASH:=bd07b7e98839e0359842110525a3032fdb8eaf3a90bedde3dd1652d32d15cce5
+PKG_HASH:=590c592e58cd6bf38519cb467af05ce6a1ab18040e3e3418f24bcfb2f55f9776
 PKG_CPE_ID:=cpe:/a:kernel:util-linux
 
 PKG_LICENSE:=GPL-2.0-only



More information about the lede-commits mailing list