Security update for util-linux
SUSE Patch
security@suse.de
SUSE Security Team
SUSE-SU-2016:2954-1
Final
1
1
2016-11-30T12:56:19Z
current
2016-11-30T12:56:19Z
2016-11-30T12:56:19Z
cve-database/bin/generate-cvrf.pl
2017-02-24T01:00:00Z
Security update for util-linux
This update for util-linux fixes the following issues:
- Consider redundant slashes when comparing paths (bsc#982331,
util-linux-libmount-ignore-redundant-slashes.patch, affects
backport of util-linux-libmount-cifs-is_mounted.patch).
- Use upstream compatibility patches for --show-pt-geometry with
obsolescence and deprecation warning (bsc#990531)
- Replace cifs mount detection patch with upstream one that covers
all cases (bsc#987176).
- Reuse existing loop device to prevent possible data corruption
when multiple -o loop are used to mount a single file
(bsc#947494)
- Safe loop re-use in libmount, mount and losetup (bsc#947494)
- UPSTREAM DIVERGENCE!!!
losetup -L continues to use SLE12 SP1 and SP2 specific meaning
--logical-blocksize instead of upstream --nooverlap (bsc#966891).
- Make release-dependent conflict with old sysvinit-tools SLE
specific, as it is required only for SLE 11 upgrade,
and breaks openSUSE staging builds (bsc#994399).
- Extended partition loop in MBR partition table leads to DoS
(bsc#988361, CVE-2016-5011)
The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
SUSE-SLE-DESKTOP-12-SP2-2016-1729,SUSE-SLE-RPI-12-SP2-2016-1729,SUSE-SLE-SDK-12-SP2-2016-1729,SUSE-SLE-SERVER-12-SP2-2016-1729,SUSE-SLE-WE-12-SP2-2016-1729
Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0)
https://www.suse.com/support/update/announcement/2016/suse-su-20162954-1/
Link for SUSE-SU-2016:2954-1
https://lists.suse.com/pipermail/sle-security-updates/2016-November/002432.html
E-Mail link for SUSE-SU-2016:2954-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/947494
SUSE Bug 947494
https://bugzilla.suse.com/966891
SUSE Bug 966891
https://bugzilla.suse.com/982331
SUSE Bug 982331
https://bugzilla.suse.com/987176
SUSE Bug 987176
https://bugzilla.suse.com/988361
SUSE Bug 988361
https://bugzilla.suse.com/990531
SUSE Bug 990531
https://bugzilla.suse.com/994399
SUSE Bug 994399
https://www.suse.com/security/cve/CVE-2016-5011/
SUSE CVE CVE-2016-5011 page
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP2
SUSE Linux Enterprise Software Development Kit 12 SP2
SUSE Linux Enterprise Workstation Extension 12 SP2
libblkid1-2.28-42.1
libblkid1-32bit-2.28-42.1
libfdisk1-2.28-42.1
libmount1-2.28-42.1
libmount1-32bit-2.28-42.1
libsmartcols1-2.28-42.1
libuuid-devel-2.28-42.1
libuuid1-2.28-42.1
libuuid1-32bit-2.28-42.1
python-libmount-2.28-42.4
util-linux-2.28-42.1
util-linux-lang-2.28-42.1
util-linux-systemd-2.28-42.3
uuidd-2.28-42.3
libblkid-devel-2.28-42.1
libmount-devel-2.28-42.1
libsmartcols-devel-2.28-42.1
libblkid1-2.28-42.1 as a component of SUSE Linux Enterprise Desktop 12 SP2
libblkid1-32bit-2.28-42.1 as a component of SUSE Linux Enterprise Desktop 12 SP2
libfdisk1-2.28-42.1 as a component of SUSE Linux Enterprise Desktop 12 SP2
libmount1-2.28-42.1 as a component of SUSE Linux Enterprise Desktop 12 SP2
libmount1-32bit-2.28-42.1 as a component of SUSE Linux Enterprise Desktop 12 SP2
libsmartcols1-2.28-42.1 as a component of SUSE Linux Enterprise Desktop 12 SP2
libuuid-devel-2.28-42.1 as a component of SUSE Linux Enterprise Desktop 12 SP2
libuuid1-2.28-42.1 as a component of SUSE Linux Enterprise Desktop 12 SP2
libuuid1-32bit-2.28-42.1 as a component of SUSE Linux Enterprise Desktop 12 SP2
python-libmount-2.28-42.4 as a component of SUSE Linux Enterprise Desktop 12 SP2
util-linux-2.28-42.1 as a component of SUSE Linux Enterprise Desktop 12 SP2
util-linux-lang-2.28-42.1 as a component of SUSE Linux Enterprise Desktop 12 SP2
util-linux-systemd-2.28-42.3 as a component of SUSE Linux Enterprise Desktop 12 SP2
uuidd-2.28-42.3 as a component of SUSE Linux Enterprise Desktop 12 SP2
libblkid1-2.28-42.1 as a component of SUSE Linux Enterprise Server 12 SP2
libblkid1-32bit-2.28-42.1 as a component of SUSE Linux Enterprise Server 12 SP2
libfdisk1-2.28-42.1 as a component of SUSE Linux Enterprise Server 12 SP2
libmount1-2.28-42.1 as a component of SUSE Linux Enterprise Server 12 SP2
libmount1-32bit-2.28-42.1 as a component of SUSE Linux Enterprise Server 12 SP2
libsmartcols1-2.28-42.1 as a component of SUSE Linux Enterprise Server 12 SP2
libuuid1-2.28-42.1 as a component of SUSE Linux Enterprise Server 12 SP2
libuuid1-32bit-2.28-42.1 as a component of SUSE Linux Enterprise Server 12 SP2
python-libmount-2.28-42.4 as a component of SUSE Linux Enterprise Server 12 SP2
util-linux-2.28-42.1 as a component of SUSE Linux Enterprise Server 12 SP2
util-linux-lang-2.28-42.1 as a component of SUSE Linux Enterprise Server 12 SP2
util-linux-systemd-2.28-42.3 as a component of SUSE Linux Enterprise Server 12 SP2
uuidd-2.28-42.3 as a component of SUSE Linux Enterprise Server 12 SP2
libblkid1-2.28-42.1 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
libfdisk1-2.28-42.1 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
libmount1-2.28-42.1 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
libsmartcols1-2.28-42.1 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
libuuid1-2.28-42.1 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
python-libmount-2.28-42.4 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
util-linux-2.28-42.1 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
util-linux-lang-2.28-42.1 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
util-linux-systemd-2.28-42.3 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
uuidd-2.28-42.3 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
libblkid1-2.28-42.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2
libblkid1-32bit-2.28-42.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2
libfdisk1-2.28-42.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2
libmount1-2.28-42.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2
libmount1-32bit-2.28-42.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2
libsmartcols1-2.28-42.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2
libuuid1-2.28-42.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2
libuuid1-32bit-2.28-42.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2
python-libmount-2.28-42.4 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2
util-linux-2.28-42.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2
util-linux-lang-2.28-42.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2
util-linux-systemd-2.28-42.3 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2
uuidd-2.28-42.3 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2
libblkid-devel-2.28-42.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP2
libmount-devel-2.28-42.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP2
libsmartcols-devel-2.28-42.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP2
libuuid-devel-2.28-42.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP2
libuuid-devel-2.28-42.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP2
The parse_dos_extended function in partitions/dos.c in the libblkid library in util-linux allows physically proximate attackers to cause a denial of service (memory consumption) via a crafted MSDOS partition table with an extended partition boot record at zero offset.
CVE-2016-5011
SUSE Linux Enterprise Desktop 12 SP2:libblkid1-2.28-42.1
SUSE Linux Enterprise Desktop 12 SP2:libblkid1-32bit-2.28-42.1
SUSE Linux Enterprise Desktop 12 SP2:libfdisk1-2.28-42.1
SUSE Linux Enterprise Desktop 12 SP2:libmount1-2.28-42.1
SUSE Linux Enterprise Desktop 12 SP2:libmount1-32bit-2.28-42.1
SUSE Linux Enterprise Desktop 12 SP2:libsmartcols1-2.28-42.1
SUSE Linux Enterprise Desktop 12 SP2:libuuid-devel-2.28-42.1
SUSE Linux Enterprise Desktop 12 SP2:libuuid1-2.28-42.1
SUSE Linux Enterprise Desktop 12 SP2:libuuid1-32bit-2.28-42.1
SUSE Linux Enterprise Desktop 12 SP2:python-libmount-2.28-42.4
SUSE Linux Enterprise Desktop 12 SP2:util-linux-2.28-42.1
SUSE Linux Enterprise Desktop 12 SP2:util-linux-lang-2.28-42.1
SUSE Linux Enterprise Desktop 12 SP2:util-linux-systemd-2.28-42.3
SUSE Linux Enterprise Desktop 12 SP2:uuidd-2.28-42.3
SUSE Linux Enterprise Server 12 SP2:libblkid1-2.28-42.1
SUSE Linux Enterprise Server 12 SP2:libblkid1-32bit-2.28-42.1
SUSE Linux Enterprise Server 12 SP2:libfdisk1-2.28-42.1
SUSE Linux Enterprise Server 12 SP2:libmount1-2.28-42.1
SUSE Linux Enterprise Server 12 SP2:libmount1-32bit-2.28-42.1
SUSE Linux Enterprise Server 12 SP2:libsmartcols1-2.28-42.1
SUSE Linux Enterprise Server 12 SP2:libuuid1-2.28-42.1
SUSE Linux Enterprise Server 12 SP2:libuuid1-32bit-2.28-42.1
SUSE Linux Enterprise Server 12 SP2:python-libmount-2.28-42.4
SUSE Linux Enterprise Server 12 SP2:util-linux-2.28-42.1
SUSE Linux Enterprise Server 12 SP2:util-linux-lang-2.28-42.1
SUSE Linux Enterprise Server 12 SP2:util-linux-systemd-2.28-42.3
SUSE Linux Enterprise Server 12 SP2:uuidd-2.28-42.3
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libblkid1-2.28-42.1
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libfdisk1-2.28-42.1
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libmount1-2.28-42.1
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libsmartcols1-2.28-42.1
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:libuuid1-2.28-42.1
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:python-libmount-2.28-42.4
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:util-linux-2.28-42.1
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:util-linux-lang-2.28-42.1
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:util-linux-systemd-2.28-42.3
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:uuidd-2.28-42.3
SUSE Linux Enterprise Server for SAP Applications 12 SP2:libblkid1-2.28-42.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2:libblkid1-32bit-2.28-42.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2:libfdisk1-2.28-42.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmount1-2.28-42.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2:libmount1-32bit-2.28-42.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2:libsmartcols1-2.28-42.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2:libuuid1-2.28-42.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2:libuuid1-32bit-2.28-42.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2:python-libmount-2.28-42.4
SUSE Linux Enterprise Server for SAP Applications 12 SP2:util-linux-2.28-42.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2:util-linux-lang-2.28-42.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2:util-linux-systemd-2.28-42.3
SUSE Linux Enterprise Server for SAP Applications 12 SP2:uuidd-2.28-42.3
SUSE Linux Enterprise Software Development Kit 12 SP2:libblkid-devel-2.28-42.1
SUSE Linux Enterprise Software Development Kit 12 SP2:libmount-devel-2.28-42.1
SUSE Linux Enterprise Software Development Kit 12 SP2:libsmartcols-devel-2.28-42.1
SUSE Linux Enterprise Software Development Kit 12 SP2:libuuid-devel-2.28-42.1
SUSE Linux Enterprise Workstation Extension 12 SP2:libuuid-devel-2.28-42.1
low
2.1
AV:L/AC:L/Au:N/C:N/I:N/A:P
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
https://www.suse.com/support/update/announcement/2016/suse-su-20162954-1/
https://www.suse.com/security/cve/CVE-2016-5011.html
CVE-2016-5011
https://bugzilla.suse.com/988361
SUSE Bug 988361