Message-ID: <20220214110609.msiwlm457ngoic6w@ws.net.home>
Date:   Mon, 14 Feb 2022 12:06:09 +0100
From:   Karel Zak <kzak@...hat.com>
To:     linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org,
        util-linux@...r.kernel.org
Subject: [ANNOUNCE] util-linux v2.37.4


The util-linux release v2.37.4 is available at
            
  http://www.kernel.org/pub/linux/utils/util-linux/v2.37/
 
Feedback and bug reports, as always, are welcomed.


This release fixes a security issue in chsh(1) and chfn(8) when
util-linux is compiled with libreadline.

CVE-2022-0563

  The readline library uses the INPUTRC= environment variable to get a path
  to the library config file. When the library cannot parse the
  specified file, it prints an error message containing data from the
  file.

  Unfortunately, the library does not use secure_getenv() (or a similar
  concept), or sanitize the config file path, to avoid vulnerabilities that
  could occur if it is used by set-user-ID or set-group-ID programs.
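As an added example (not util-linux or readline code), the defensive pattern the advisory asks for, in C: a set-user-ID program should obtain INPUTRC through secure_getenv(), which returns NULL whenever the process runs with elevated privileges (AT_SECURE), and should additionally refuse any path that is not a regular file owned by the real user before handing it to readline. safe_inputrc() and safe_inputrc_selfcheck() are hypothetical names; secure_getenv() is glibc-specific, and the self-check creates a constructed temporary file in /tmp.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>

/* Prototype repeated in case _GNU_SOURCE was not in effect when <stdlib.h>
 * was first included; matches the glibc declaration. */
extern char *secure_getenv(const char *name);

/* Hypothetical helper: return the INPUTRC path that may be passed on to
 * readline, or NULL when the variable must be ignored. */
const char *safe_inputrc(void)
{
    /* secure_getenv() yields NULL when the process is set-user-ID,
     * set-group-ID or otherwise AT_SECURE, so an attacker-controlled
     * INPUTRC never reaches the privileged program. */
    const char *path = secure_getenv("INPUTRC");
    if (!path || !*path)
        return NULL;

    /* Belt and braces: only a regular file owned by the real user
     * running the program is acceptable as a config file. */
    struct stat st;
    if (stat(path, &st) != 0 || !S_ISREG(st.st_mode) || st.st_uid != getuid())
        return NULL;
    return path;
}

/* Exercise the rejection cases and the accept case; returns 1 on success. */
int safe_inputrc_selfcheck(void)
{
    char tmpl[] = "/tmp/inputrc-example-XXXXXX";   /* constructed test file */
    int fd = mkstemp(tmpl);
    if (fd < 0)
        return 0;
    close(fd);

    int ok = 1;
    unsetenv("INPUTRC");
    ok &= (safe_inputrc() == NULL);                  /* not set */
    setenv("INPUTRC", "/nonexistent/inputrc", 1);
    ok &= (safe_inputrc() == NULL);                  /* missing file */
    setenv("INPUTRC", "/", 1);
    ok &= (safe_inputrc() == NULL);                  /* not a regular file */
    setenv("INPUTRC", tmpl, 1);
    const char *p = safe_inputrc();
    ok &= (p != NULL && strcmp(p, tmpl) == 0);       /* owned by us: accepted */
    unlink(tmpl);
    return ok;
}
```

When run unprivileged, secure_getenv() behaves like getenv(), so the self-check exercises only the path checks; the AT_SECURE branch is exercised once the binary is installed set-user-ID.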


Note that this vulnerability has been reproduced with chfn(8), but that command
requires the CHFN_RESTRICT setting to be enabled in /etc/login.defs. This setting
may be disabled by default.


-- 
 Karel Zak  <kzak@...hat.com>
 http://karelzak.blogspot.com
