[ubuntu/focal-security] util-linux 2.34-0.1ubuntu9.3 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Wed Feb 9 13:21:37 UTC 2022
util-linux (2.34-0.1ubuntu9.3) focal-security; urgency=medium
* SECURITY UPDATE: Unauthorized unmount of FUSE filesystems belonging to
users with similar uid
- debian/patches/CVE-2021-3995-1.patch: make sure mem2strcpy() buffer
is zeroized in include/strutils.h.
- debian/patches/CVE-2021-3995-2.patch: fix UID check for FUSE umount
in libmount/src/context_umount.c, libmount/src/mountP.h,
libmount/src/optstr.c.
- CVE-2021-3995
* SECURITY UPDATE: Unauthorized unmount in util-linux's libmount
- debian/patches/CVE-2021-3996-1.patch: remove support for deleted
mount table entries in libmount/src/tab_parse.c.
- debian/patches/CVE-2021-3996-2.patch: update mountinfo files
in tests/*.
- CVE-2021-3996
Date: 2022-02-08 13:45:09.591412+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/util-linux/2.34-0.1ubuntu9.3
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list