diff options
| author | Archaic <archaic@linuxfromscratch.org> | 2005-09-16 01:50:50 +0000 |
|---|---|---|
| committer | Archaic <archaic@linuxfromscratch.org> | 2005-09-16 01:50:50 +0000 |
| commit | be9755e592c2b42cafd03248e5c2d178790c9e81 (patch) | |
| tree | 34cff5196bb0fcdb593631187c620a6458541e35 | |
| parent | 447c9fa7b2ee7d6833ac7abd773f78ff9154d03c (diff) | |
Added a patch for util-linux to prevent a umount vulnerability.
git-svn-id: http://svn.linuxfromscratch.org/LFS/trunk/BOOK@6856 4aa44e1e-78dd-0310-a6d2-fbcd4c07a689
| -rw-r--r-- | chapter01/changelog.xml | 4 | ||||
| -rw-r--r-- | chapter03/patches.xml | 6 | ||||
| -rw-r--r-- | chapter06/util-linux.xml | 5 | ||||
| -rw-r--r-- | patches.ent | 1 |
4 files changed, 16 insertions, 0 deletions
diff --git a/chapter01/changelog.xml b/chapter01/changelog.xml index e5a93dfae..86771c90e 100644 --- a/chapter01/changelog.xml +++ b/chapter01/changelog.xml @@ -102,6 +102,7 @@ First a summary, then a detailed log.</para> <listitem><para>&perl-libc-patch;</para></listitem> <listitem><para>&tar-gcc4_fix-patch;</para></listitem> <listitem><para>&util-linux-reiser_crash-patch;</para></listitem> +<listitem><para>&util-linux-umount-patch;</para></listitem> <listitem><para>&vim-security_fix-patch;</para></listitem> </itemizedlist> </listitem> @@ -121,6 +122,9 @@ First a summary, then a detailed log.</para> </itemizedlist> </listitem> +<listitem><para>September 15, 2005 [archaic]: Added patch for util-linux to +prevent a umount vulnerability.</para></listitem> + <listitem><para>September 8, 2005 [jhuntwork]: Upgrade to groff-1.19.2</para> </listitem> diff --git a/chapter03/patches.xml b/chapter03/patches.xml index e155c227b..fa6e8c68e 100644 --- a/chapter03/patches.xml +++ b/chapter03/patches.xml @@ -198,6 +198,12 @@ needed to build an LFS system:</para> </varlistentry> <varlistentry> +<term>Util-linux Umount Fix Patch - 1 KB:</term> <listitem> +<para><ulink url="&patches-root;&util-linux-umount-patch;"/></para> +</listitem> +</varlistentry> + +<varlistentry> <term>Util-linux Reiser Crash Patch - 2 KB:</term> <listitem> <para><ulink url="&patches-root;&util-linux-reiser_crash-patch;"/></para> </listitem> diff --git a/chapter06/util-linux.xml b/chapter06/util-linux.xml index 37b8be852..b74eaadff 100644 --- a/chapter06/util-linux.xml +++ b/chapter06/util-linux.xml @@ -62,6 +62,11 @@ following patch to fix the problem:</para> <screen><userinput>patch -Np1 -i ../&util-linux-reiser_crash-patch;</userinput></screen> +<para>Util-linux has a security vulnerability that could allow a user to remount +a volume without the nosuid option. The following patch fixes this issue:</para> + +<screen><userinput>patch -Np1 -i ../&util-linux-umount-patch;</userinput></screen> + <para>Prepare Util-linux for compilation:</para> <screen><userinput>./configure</userinput></screen> diff --git a/patches.ent b/patches.ent index 2e75c5e42..6455ac2d5 100644 --- a/patches.ent +++ b/patches.ent @@ -42,6 +42,7 @@ <!ENTITY tar-gcc4_fix-patch "tar-&tar-version;-gcc4_fix_tests-1.patch"> <!ENTITY util-linux-cramfs-patch "util-linux-&util-linux-version;-cramfs-1.patch"> +<!ENTITY util-linux-umount-patch "util-linux-&util-linux-version;-umount_fix-1.patch"> <!ENTITY util-linux-reiser_crash-patch "util-linux-&util-linux-version;-reiser_crash-2.patch"> |