“util-linux” 2.16-1ubuntu5.1 source package in The Karmic Koala

Publishing history

OBSOLETE: Karmic pocket Updates in component main and section base
OBSOLETE: Karmic pocket Security in component main and section base



util-linux (2.16-1ubuntu5.1) karmic-security; urgency=low

  * SECURITY UPDATE: arbitrary unmount with fuse (LP: #670622)
    - This update adds support for new options required by the fuse
      security update.
    - mount/mount.{c,8},mount/umount.{c,8},mount/sundries.{c,h}: Add
      --no-canonicalize option to avoid unwanted readlink() calls.
      - http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git;a=commit;h=45fc569a75
      - http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git;a=commit;h=be9adec40f
      - http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git;a=commit;h=387ade2a24
    - mount/umount.{c,8}: Add --fake option to umount(8), which omits
      calling the actual umount syscall (and the loop device deletion) but
      modifies /etc/mtab.
      - http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git;a=commit;h=97a3cef4f1
    - mount/devname.c: "Spec" was still canonicalized despite
      --no-canonicalize.  This resulted in a hang during login with
      pam_encfs. (Debian Bug #593336)
      - http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git;a=commit;h=1cf4c20b19
    - CVE-2010-3879
 -- Marc Deslauriers <email address hidden>   Thu, 09 Dec 2010 14:07:08 -0500