[ANNOUNCE] util-linux v2.37.4

From: Karel Zak
Date: Mon Feb 14 2022 - 06:28:35 EST

Next message: Daniel Bristot de Oliveira: "[RFC V2 06/21] tools/rv: Add dot2c"
Previous message: Helge Deller: "Re: [PATCH] fat: Use pointer to d_name[0] in put_user() for compat case"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The util-linux release v2.37.4 is available at

http://www.kernel.org/pub/linux/utils/util-linux/v2.37/

Feedback and bug reports, as always, are welcomed.

This release fixes security issue in chsh(1) and chfn(8) when
util-linux compiled with libreadline.

CVE-2022-0563

The readline library uses INPUTRC= environment variable to get a path
to the library config file. When the library cannot parse the
specified file, it prints an error message containing data from the
file.

Unfortunately, the library does not use secure_getenv() (or a similar
concept), or sanitize the config file path to avoid vulnerabilities that
could occur if set-user-ID or set-group-ID programs.

Note, this vulnerability has been reproduced on chfn(8), but this command
requires enabled CHFN_RESTRICT setting in /etc/login.defs. This setting
may be disabled by default.

--
Karel Zak <kzak@xxxxxxxxxx>
http://karelzak.blogspot.com

Next message: Daniel Bristot de Oliveira: "[RFC V2 06/21] tools/rv: Add dot2c"
Previous message: Helge Deller: "Re: [PATCH] fat: Use pointer to d_name[0] in put_user() for compat case"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]