Overview

File _patchinfo of Package patchinfo.3448

<patchinfo incident="3448">
  <issue id="987176" tracker="bnc">L3-Question: cifs: on subfolders mount error(16): Device or resource busy</issue>
  <issue id="990531" tracker="bnc">API incompatibility introduced</issue>
  <issue id="947494" tracker="bnc">L3-Question: mount -a fails to recognize btrfs already mounted</issue>
  <issue id="994399" tracker="bnc">util-linux: Conflicts:  sysvinit-tools &lt; 2.88+-87</issue>
  <issue id="966891" tracker="bnc">conflict in meaning of loop.h lo_flags bit 4 between SLE12 SP1 and linux-4.4</issue>
  <issue id="982331" tracker="bnc">nfs: user, exec options are not set - therefore umount as normal user failing</issue>
  <issue id="988361" tracker="bnc">VUL-1: CVE-2016-5011: util-linux: extended partition loop in MBR partition table leads to DoS</issue>
  <issue id="2016-5011" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>sbrabec</packager>
  <description>
This update for util-linux fixes the following issues:

- Consider redundant slashes when comparing paths (bsc#982331,
  util-linux-libmount-ignore-redundant-slashes.patch, affects
  backport of util-linux-libmount-cifs-is_mounted.patch).

- Use upstream compatibility patches for --show-pt-geometry with
  obsolescence and deprecation warning (bsc#990531)

- Replace cifs mount detection patch with upstream one that covers
  all cases (bsc#987176).

- Reuse existing loop device to prevent possible data corruption
  when multiple -o loop are used to mount a single file
  (bsc#947494)

- Safe loop re-use in libmount, mount and losetup (bsc#947494)

- UPSTREAM DIVERGENCE!!!
  losetup -L continues to use SLE12 SP1 and SP2 specific meaning
  --logical-blocksize instead of upstream --nooverlap (bsc#966891).

- Make release-dependent conflict with old sysvinit-tools SLE
  specific, as it is required only for SLE 11 upgrade,
  and breaks openSUSE staging builds (bsc#994399).

- Extended partition loop in MBR partition table leads to DoS
  (bsc#988361, CVE-2016-5011)

</description>
  <summary>Security update for util-linux</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places