Security update for util-linux

Announcement ID: SUSE-SU-2021:14693-1
Rating: important
References:
Cross-References:
CVSS scores:
Affected Products:
  • SUSE Linux Enterprise Point of Service 11 SP3

An update that solves one vulnerability and has nine security fixes can now be installed.

Description:

This update for util-linux fixes the following issues:

  • CVE-2015-5218: Prevent colcrt buffer overflow. (bsc#949754)

These non-security issues were fixed:

  • Mount crashes when trying to mount shmfs while SELinux is active. (bsc#1040414)
  • Fix lsblk -f on CCISS and other devices with nodes in /dev subdirectory. (bsc#924994)
  • Fix script(1) hang caused by mis-interpreted EOF on big-endian platforms. (bsc#930236)
  • Do not segfault when TERM is not defined or wrong. (bsc#903440)
  • Update and fix mount XFS documentation. (bsc#925705)
  • Fix recognition of /dev/dm-N partitions names. (bsc#931607)
  • Follow SUSE Linux Enterprise 11 device mapper partition names configuration. (bsc#931607)
  • Fix recognition of device mapper partitions. (bsc#923904)
  • Fix fsck -C {fd} parsing. (bsc#923777, bsc#903738)

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • SUSE Linux Enterprise Point of Service 11 SP3
    zypper in -t patch sleposp3-util-linux-14693=1

Package List:

  • SUSE Linux Enterprise Point of Service 11 SP3 (i586)
    • uuid-runtime-2.19.1-6.62.7.1
    • libblkid1-2.19.1-6.62.7.1
    • libuuid1-2.19.1-6.62.7.1
    • util-linux-2.19.1-6.62.7.1
    • util-linux-lang-2.19.1-6.62.7.1

References: