Alerts This Week
Warning Icon 1 666
Alerts This Week
Warning Icon 1 666

openSUSE Leap 42.3 Security Update: 2018:2203-1 Moderate Util-linux Fixes

opensuse
Calendar Grey August 6, 2018
Dist Opensuse Esm H88
In response to a significant security risk, this release provides critical patches for Fedora 34 users.
An update that solves one vulnerability and has three fixes is now available.

Description

This update for util-linux fixes the following issues:

This non-security issue was fixed:

- CVE-2018-7738: bash-completion/umount allowed local users to gain

privileges by embedding shell commands in a mountpoint name, which was

mishandled during a umount command by a different user (bsc#1084300).

These non-security issues were fixed:

- Fixed crash loop in lscpu (bsc#1072947).

- Fixed possible segfault of umount -a

- Fixed mount -a on NFS bind mounts (bsc#1080740).

- Fixed lsblk on NVMe (bsc#1078662).

This update was imported from the SUSE:SLE-12-SP3:Update update project.

Topics%20covered

Topics Covered

security advisory moderate update patch util-linux system fix openSUSE Leap

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:

zypper in -t patch openSUSE-2018-805=1

Package List

- openSUSE Leap 42.3 (i586 x86_64):

libblkid-devel-2.29.2-8.1

libblkid-devel-static-2.29.2-8.1

libblkid1-2.29.2-8.1

libblkid1-debuginfo-2.29.2-8.1

libfdisk-devel-2.29.2-8.1

libfdisk-devel-static-2.29.2-8.1

libfdisk1-2.29.2-8.1

libfdisk1-debuginfo-2.29.2-8.1

libmount-devel-2.29.2-8.1

libmount-devel-static-2.29.2-8.1

libmount1-2.29.2-8.1

libmount1-debuginfo-2.29.2-8.1

libsmartcols-devel-2.29.2-8.1

libsmartcols-devel-static-2.29.2-8.1

libsmartcols1-2.29.2-8.1

libsmartcols1-debuginfo-2.29.2-8.1

libuuid-devel-2.29.2-8.1

libuuid-devel-static-2.29.2-8.1

libuuid1-2.29.2-8.1

libuuid1-debuginfo-2.29.2-8.1

python-libmount-2.29.2-8.1

python-libmount-debuginfo-2.29.2-8.1

python-libmount-debugsource-2.29.2-8.1

util-linux-2.29.2-8.1

util-linux-debuginfo-2.29.2-8.1

util-linux-debugsource-2.29.2-8.1

util-linux-systemd-2.29.2-8.1

util-linux-systemd-debuginfo-2.29.2-8.1

util-linux-systemd-debugsource-2.29.2-8.1

uuidd-2.29.2-8.1

uuidd-debuginfo-2.29.2-8.1

- openSUSE Leap 42.3 (x86_64):

libblkid-devel-32bit-2.29.2-8.1

libblkid1-32bit-2.29....

Read the Full Advisory

References

https://www.suse.com/security/cve/CVE-2018-7738.html

https://bugzilla.suse.com/1072947

https://bugzilla.suse.com/1078662

https://bugzilla.suse.com/1080740

https://bugzilla.suse.com/1084300

--

Announcement ID: openSUSE-SU-2018:2203-1
Rating: moderate
Affected Products: openSUSE Leap 42.3 le.

Topics%20covered

Topics Covered

security advisory moderate update patch util-linux system fix openSUSE Leap

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here