[Buildroot] [git commit] util-linux: security bump to version 2.29.2
Carlos Santos
casantos at datacom.ind.br
Thu Feb 23 15:42:54 UTC 2017
> From: "Peter Korsgaard" <peter at korsgaard.com>
> To: buildroot at buildroot.org
> Sent: Thursday, February 23, 2017 5:55:57 AM
> Subject: [Buildroot] [git commit] util-linux: security bump to version 2.29.2
> commit:
> https://git.buildroot.net/buildroot/commit/?id=a5015f1025a1aee173c2c2ab39ccac5ce38f30c3
> branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/master
>
> From
> https://www.kernel.org/pub/linux/utils/util-linux/v2.29/v2.29.2-ReleaseNotes
>
> This release fixes su(1) security issue CVE-2017-2616:
>
> It is possible for any local user to send SIGKILL to other processes with root
> privileges. To exploit this, the user must be able to perform su with a
> successful login. SIGKILL can only be sent to processes which were executed
> after the su process. It is not possible to send SIGKILL to processes which
> were already running.
Should not this go to next too, since it is a security fix?
--
Carlos Santos (Casantos) - DATACOM, P&D
“The greatest triumph that modern PR can offer is the transcendent
success of having your words and actions judged by your reputation,
rather than the other way about.” — Christopher Hitchens
More information about the buildroot
mailing list