Univention Bugzilla – Bug 57214
util-linux: Multiple issues (5.0)
Last modified: 2024-04-11 14:16:08 CEST
New Debian util-linux 2.33.1-0.1+deb10u1 fixes: This update addresses the following issues: 2.33.1-0.1+deb10u1 (Sun, 07 Apr 2024 00:33:55 +0200) * Non-maintainer upload by the LTS Security Team. * Fix CVE-2021-37600: Potential integer overflow in ipcutils.c. * Fix CVE-2024-28085: Escape sequence injection in wall(1). * Prerequisite for the CVE-2024-28085 fix: Backport upstream changes to use fputs_careful() in order to handle UTF-8 characters. * d/rules: Build with --disable-use-tty-group to avoid installing wall(1) setgid tty.
--- mirror/ftp/pool/main/u/util-linux/util-linux_2.33.1-0.1.dsc +++ apt/ucs_5.0-0-errata5.0-7/source/util-linux_2.33.1-0.1+deb10u1.dsc @@ -1,3 +1,15 @@ +2.33.1-0.1+deb10u1 [Sun, 07 Apr 2024 00:33:55 +0200] Guilhem Moulin <guilhem@debian.org>: + + * Non-maintainer upload by the LTS Security Team. + * Fix CVE-2021-37600: Potential integer overflow in ipcutils.c. + (Closes: #991619) + * Fix CVE-2024-28085: Escape sequence injection in wall(1). + (Closes: #1067849) + * Prerequisite for the CVE-2024-28085 fix: Backport upstream changes to use + fputs_careful() in order to handle UTF-8 characters. (Closes: #826596) + * d/rules: Build with --disable-use-tty-group to avoid installing wall(1) + setgid tty. + 2.33.1-0.1 [Thu, 10 Jan 2019 09:30:43 +0100] Andreas Henriksson <andreas@fatal.se>: * Non-maintainer upload. <http://piuparts.knut.univention.de/5.0-7/#2622923258634212965>
OK: bug OK: yaml OK: announce_errata OK: patch OK: piuparts [5.0-7] be68b8b3d9 Bug #57214: util-linux 2.33.1-0.1+deb10u1 doc/errata/staging/util-linux.yaml | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) [5.0-7] 071d1471a9 Bug #57214: util-linux 2.33.1-0.1+deb10u1 doc/errata/staging/util-linux.yaml | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x1023>