Home Explore Help
Sign In
xry111
/
lfs-book-zh_CN
1
0
Fork 0
Files
Browse Source

Added a patch for util-linux to prevent a umount vulnerability.

git-svn-id: http://svn.linuxfromscratch.org/LFS/trunk/BOOK@6856 4aa44e1e-78dd-0310-a6d2-fbcd4c07a689
Archaic 20 years ago
parent
447c9fa7b2
commit
be9755e592
4 changed files with 16 additions and 0 deletions
Split View Show Diff Stats
  1. 4 0
      chapter01/changelog.xml
  2. 6 0
      chapter03/patches.xml
  3. 5 0
      chapter06/util-linux.xml
  4. 1 0
      patches.ent

+ 4 - 0
chapter01/changelog.xml
View File 

@@ -102,6 +102,7 @@ First a summary, then a detailed log.</para>
 
 <listitem><para>&perl-libc-patch;</para></listitem>
 
 <listitem><para>&tar-gcc4_fix-patch;</para></listitem>
 
 <listitem><para>&util-linux-reiser_crash-patch;</para></listitem>
 
+<listitem><para>&util-linux-umount-patch;</para></listitem>
 
 <listitem><para>&vim-security_fix-patch;</para></listitem>
 
 </itemizedlist>
 
 </listitem>
 
@@ -121,6 +122,9 @@ First a summary, then a detailed log.</para>
 
 </itemizedlist>
 
 </listitem>
 
 
+<listitem><para>September 15, 2005 [archaic]: Added patch for util-linux to
 
+prevent a umount vulnerability.</para></listitem>
 
+
 
 <listitem><para>September 8, 2005 [jhuntwork]: Upgrade to groff-1.19.2</para>
 
 </listitem>

+ 6 - 0
chapter03/patches.xml
View File 

@@ -197,6 +197,12 @@ needed to build an LFS system:</para>
 
 </listitem>
 
 </varlistentry>
 
 
+<varlistentry>
 
+<term>Util-linux Umount Fix Patch - 1 KB:</term> <listitem>
 
+<para><ulink url="&patches-root;&util-linux-umount-patch;"/></para>
 
+</listitem>
 
+</varlistentry>
 
+
 
 <varlistentry>
 
 <term>Util-linux Reiser Crash Patch - 2 KB:</term> <listitem>
 
 <para><ulink url="&patches-root;&util-linux-reiser_crash-patch;"/></para>

+ 5 - 0
chapter06/util-linux.xml
View File 

@@ -62,6 +62,11 @@ following patch to fix the problem:</para>
 
 
 <screen><userinput>patch -Np1 -i ../&util-linux-reiser_crash-patch;</userinput></screen>
 
 
+<para>Util-linux has a security vulnerability that could allow a user to remount
 
+a volume without the nosuid option. The following patch fixes this issue:</para>
 
+
 
+<screen><userinput>patch -Np1 -i ../&util-linux-umount-patch;</userinput></screen>
 
+
 
 <para>Prepare Util-linux for compilation:</para>
 
 
 <screen><userinput>./configure</userinput></screen>

+ 1 - 0
patches.ent
View File 

@@ -42,6 +42,7 @@
 
 <!ENTITY tar-gcc4_fix-patch "tar-&tar-version;-gcc4_fix_tests-1.patch">
 
 
 <!ENTITY util-linux-cramfs-patch "util-linux-&util-linux-version;-cramfs-1.patch">
 
+<!ENTITY util-linux-umount-patch "util-linux-&util-linux-version;-umount_fix-1.patch">
 
 
 <!ENTITY util-linux-reiser_crash-patch "util-linux-&util-linux-version;-reiser_crash-2.patch">