Fedora Legacy Test Update Notification: util-linux and mount

Marc Deslauriers marcdeslauriers at videotron.ca
Sat Nov 19 16:03:21 UTC 2005 

---------------------------------------------------------------------
Fedora Legacy Test Update Notification
FEDORALEGACY-2005-168326
Bugzilla https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168326
2005-11-19
---------------------------------------------------------------------

Name        : util-linux and mount
Versions    : rh73: util-linux-2.11n-12.7.3.2.legacy
Versions    : rh9: util-linux-2.11y-9.2.legacy
Versions    : fc1: util-linux-2.11y-29.2.legacy
Versions    : fc2: util-linux-2.12-19.1.legacy
Summary     : A collection of basic system utilities.
Description :
The util-linux package contains a large variety of low-level system
utilities that are necessary for a Linux system to function. Among
others, Util-linux contains the fdisk configuration tool and the login
program.

---------------------------------------------------------------------
Update Information:

Updated util-linux and mount packages that fix a security issue are
now available.

The util-linux package contains a large variety of low-level system
utilities that are necessary for a Linux system to function.

The mount package contains the mount, umount, swapon and swapoff
programs.

A bug was found in the way the umount command is executed by normal
users. It may be possible for a user to gain elevated privileges if the
user is able to execute the "umount -r" command on a mounted file
system. The file system will be re-mounted only with the "readonly" flag
set, clearing flags such as "nosuid" and "noexec". The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CVE-2005-2876 to this issue.

All users of util-linux and mount should upgrade to these updated
packages, which contain a backported patch to correct this issue.

---------------------------------------------------------------------
Changelogs

rh73:
* Thu Nov 17 2005 Marc Deslauriers <marcdeslauriers at videotron.ca>
2.11n-12.7.3.2.legacy
- Added missing gettext BuildRequires

* Tue Oct 11 2005 Jeff Sheltren <sheltren at cs.ucsb.edu> 2.11n-12.7.3.1.legacy
- Patch for CAN-2005-2876 (#168326)

rh9:
* Thu Nov 17 2005 Marc Deslauriers <marcdeslauriers at videotron.ca>
2.11y-9.2.legacy
- Added missing gettext to BuildRequires

* Tue Oct 11 2005 Jeff Sheltren <sheltren at cs.ucsb.edu> 2.11y-9.1.legacy
- Patch for CAN-2005-2876 (#168326)

fc1:
* Thu Nov 17 2005 Marc Deslauriers <marcdeslauriers at videotron.ca>
2.11y-29.2.legacy
- Added missing gettext to BuildRequires

* Tue Oct 11 2005 Jeff Sheltren <sheltren at cs.ucsb.edu> 2.11y-29.1.legacy
- Patch for CAN-2005-2876 (#168326)

fc2:
* Tue Oct 11 2005 Jeff Sheltren <sheltren at cs.ucsb.edu> 2.12-19.1.legacy
- Patch for CAN-2005-2876 (#168326)

---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedoralegacy.org/
(sha1sums)

rh73:
437139c00fbc4109ea3cd66b88a778a023d07298
redhat/7.3/updates-testing/i386/mount-2.11n-12.7.3.2.legacy.i386.rpm
e39b80b435a545f87878cb2d4f6e89d89ec2c88f
redhat/7.3/updates-testing/i386/util-linux-2.11n-12.7.3.2.legacy.i386.rpm
0c671214cb28d21b71917d04e4cdce3240515b45
redhat/7.3/updates-testing/i386/losetup-2.11n-12.7.3.2.legacy.i386.rpm
a35553671d54999b0929f42a1283252b1cab1d18
redhat/7.3/updates-testing/SRPMS/util-linux-2.11n-12.7.3.2.legacy.src.rpm

rh9:
cbe71d4ed7c39c0ed186a548c194c44e3328595b
redhat/9/updates-testing/i386/mount-2.11y-9.2.legacy.i386.rpm
926ae6d1c9f6d5309ab24c712cbe2a3ec97bba1c
redhat/9/updates-testing/i386/util-linux-2.11y-9.2.legacy.i386.rpm
969d19231dc24415f7d761539b59ba772c716a36
redhat/9/updates-testing/i386/losetup-2.11y-9.2.legacy.i386.rpm
9ac87483879c1df0ed9c100081e19b7614af8f79
redhat/9/updates-testing/SRPMS/util-linux-2.11y-9.2.legacy.src.rpm

fc1:
881c066cf8ec3aa25450a7e8db2f43e55faaef40
fedora/1/updates-testing/i386/mount-2.11y-29.2.legacy.i386.rpm
f1b2f60ee7b5fb3149ab3b36133c930c6eecb788
fedora/1/updates-testing/i386/util-linux-2.11y-29.2.legacy.i386.rpm
501380711d59e946f1dab5a40b0906525393d766
fedora/1/updates-testing/i386/losetup-2.11y-29.2.legacy.i386.rpm
65519afd06a882abad31b847ad7053936dfd0ef4
fedora/1/updates-testing/SRPMS/util-linux-2.11y-29.2.legacy.src.rpm

fc2:
72c70f92397f84a3f021c6cef964fa0fb9b8cc57
fedora/2/updates-testing/i386/util-linux-2.12-19.1.legacy.i386.rpm
2c93eefe88d57118fc2ddfee7fd5949e3d58c38f
fedora/2/updates-testing/SRPMS/util-linux-2.12-19.1.legacy.src.rpm

---------------------------------------------------------------------

Please test and comment in bugzilla.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/fedora-legacy-list/attachments/20051119/96c74b79/attachment.sig>

More information about the fedora-legacy-list mailing list