a5015f1025
From https://www.kernel.org/pub/linux/utils/util-linux/v2.29/v2.29.2-ReleaseNotes This release fixes su(1) security issue CVE-2017-2616: It is possible for any local user to send SIGKILL to other processes with root privileges. To exploit this, the user must be able to perform su with a successful login. SIGKILL can only be sent to processes which were executed after the su process. It is not possible to send SIGKILL to processes which were already running. Drop upstream patches and autoreconf since it's no longer required. [Peter: extend commit message with CVE info / description] Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> |
||
---|---|---|
.. | ||
0001-build-sys-use-lm-for-scriptreplay-if-necessary.patch | ||
Config.in | ||
Config.in.host | ||
su.pam | ||
util-linux.hash | ||
util-linux.mk |