[ubuntu/kinetic-proposed] util-linux 2.38-4ubuntu1 (Accepted)

Michael Hudson-Doyle michael.hudson at ubuntu.com
Tue May 3 22:46:16 UTC 2022 

util-linux (2.38-4ubuntu1) kinetic; urgency=medium

  * Merge from Debian unstable. Remaining changes:
    - Build hwclock with audit support.
    - Drop debian/hwclock.rules and debian/util-linux.hwclock.default, recent
      kernels sync the RTC automatically.
    - Add sulogin-fallback-static-sh.patch: Add support for /bin/static-sh as
      fallback if the regular shell fails to execute. Patch ported from
      sysvinit. (see LP #505887)
    - Add sulogin-lockedpwd.patch: Make sure file systems can be fixed on
      machines with locked root accounts (as Ubuntu does by default). Don't
      require --force for sulogin.
  * Dropped changes, included upstream:
    - Revert the change to libsmartcols that outputs shell parsable column
      names when -P / --pairs is used in lsblk. The change breaks older
      MAAS and curtin versions, such that they cannot deploy Jammy.
      (LP: #1961542)
      - d/p/ubuntu/lp-1961542-Revert-libsmartcols-sanitize-variable-names-on-ex.patch
    - SECURITY UPDATE: Unauthorized unmount of FUSE filesystems belonging to
      users with similar uid
      - debian/patches/upstream/CVE-2021-3995-1.patch: make sure mem2strcpy()
        buffer is zeroized in include/strutils.h.
      - debian/patches/upstream/CVE-2021-3995-2.patch: fix UID check for FUSE
        umount in libmount/src/context_umount.c, libmount/src/mountP.h,
        libmount/src/optstr.c.
      - CVE-2021-3995
    - SECURITY UPDATE: Unauthorized unmount in util-linux's libmount
      - debian/patches/upstream/CVE-2021-3996-1.patch: remove support for
        deleted mount table entries in libmount/src/tab_parse.c.
      - debian/patches/upstream/CVE-2021-3996-2.patch: update mountinfo files
        in tests/*.
      - CVE-2021-3996
    - Update translations after changes to HiFive partition names
  * Stop cleaning up weekly fstrim cron file as it has been gone since
    Bionic.

Date: Wed, 04 May 2022 10:30:45 +1200
Changed-By: Michael Hudson-Doyle <michael.hudson at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/util-linux/2.38-4ubuntu1
-------------- next part --------------
Format: 1.8
Date: Wed, 04 May 2022 10:30:45 +1200
Source: util-linux
Built-For-Profiles: noudeb
Architecture: source
Version: 2.38-4ubuntu1
Distribution: kinetic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Michael Hudson-Doyle <michael.hudson at ubuntu.com>
Launchpad-Bugs-Fixed: 1961542
Changes:
 util-linux (2.38-4ubuntu1) kinetic; urgency=medium
 .
   * Merge from Debian unstable. Remaining changes:
     - Build hwclock with audit support.
     - Drop debian/hwclock.rules and debian/util-linux.hwclock.default, recent
       kernels sync the RTC automatically.
     - Add sulogin-fallback-static-sh.patch: Add support for /bin/static-sh as
       fallback if the regular shell fails to execute. Patch ported from
       sysvinit. (see LP #505887)
     - Add sulogin-lockedpwd.patch: Make sure file systems can be fixed on
       machines with locked root accounts (as Ubuntu does by default). Don't
       require --force for sulogin.
   * Dropped changes, included upstream:
     - Revert the change to libsmartcols that outputs shell parsable column
       names when -P / --pairs is used in lsblk. The change breaks older
       MAAS and curtin versions, such that they cannot deploy Jammy.
       (LP: #1961542)
       - d/p/ubuntu/lp-1961542-Revert-libsmartcols-sanitize-variable-names-on-ex.patch
     - SECURITY UPDATE: Unauthorized unmount of FUSE filesystems belonging to
       users with similar uid
       - debian/patches/upstream/CVE-2021-3995-1.patch: make sure mem2strcpy()
         buffer is zeroized in include/strutils.h.
       - debian/patches/upstream/CVE-2021-3995-2.patch: fix UID check for FUSE
         umount in libmount/src/context_umount.c, libmount/src/mountP.h,
         libmount/src/optstr.c.
       - CVE-2021-3995
     - SECURITY UPDATE: Unauthorized unmount in util-linux's libmount
       - debian/patches/upstream/CVE-2021-3996-1.patch: remove support for
         deleted mount table entries in libmount/src/tab_parse.c.
       - debian/patches/upstream/CVE-2021-3996-2.patch: update mountinfo files
         in tests/*.
       - CVE-2021-3996
     - Update translations after changes to HiFive partition names
   * Stop cleaning up weekly fstrim cron file as it has been gone since
     Bionic.
Checksums-Sha1:
 72934b765ceaed39e9f6e161b692052727bf0bb0 4608 util-linux_2.38-4ubuntu1.dsc
 e918e490cee229a0dddafd569b477fe0bcc567f6 100876 util-linux_2.38-4ubuntu1.debian.tar.xz
 f2d2bdba5a77ca54926ea4e9ddab2caabdc01fcd 8880 util-linux_2.38-4ubuntu1_source.buildinfo
Checksums-Sha256:
 f3b412eff88fbd755f86e540920f19833ec8e2dfd5f62aa31b8585cc554a7cda 4608 util-linux_2.38-4ubuntu1.dsc
 5c96992f7db352e1e288fd9062965ce5831842247394318648965ac4072a5eb6 100876 util-linux_2.38-4ubuntu1.debian.tar.xz
 a510e8d7b28ee1f2967e30ca8e742e3b16117d949bdeeb715c6ec2072323845e 8880 util-linux_2.38-4ubuntu1_source.buildinfo
Files:
 a41100674d6233b940a5e279a54da4b7 4608 base required util-linux_2.38-4ubuntu1.dsc
 6151405c3b0fabbac1e077e43d0c95a2 100876 base required util-linux_2.38-4ubuntu1.debian.tar.xz
 75c5d88dd00e974c79f9c58a1d279b6a 8880 base required util-linux_2.38-4ubuntu1_source.buildinfo
Original-Maintainer: util-linux packagers <util-linux at packages.debian.org>
Vcs-Git: https://git.launchpad.net/~mwhudson/ubuntu/+source/util-linux
Vcs-Git-Ref: refs/heads/merge
Vcs-Git-Commit: 38c15c1b7dea3652b836529d4dbe1256987262c2

More information about the kinetic-changes mailing list