update 2.37.4 to 2.38
release notes:
- https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.38/v2.38-ReleaseNotes
includes NEW COMMAND: lsfd
lsfd is a NEW COMMAND. lsfd is intended to be a modern replacement for lsof(8)
on Linux systems. Unlike lsof, lsfd is specialized to Linux kernel; it supports
Linux specific features like namespaces with simpler code. lsfd is not a
drop-in replacement for lsof; they are different in the command line interface
and output formats. lsfd uses Libsmartcols for output formatting and filtering.
For example: lsfd -Q 'ASSOC == "exe"' prints all running executables.
(Thanks to Masatake YAMATO)
/usr/bin/lsfd is 107760 bytes on Generic
man page here:
- https://github.com/util-linux/util-linux/blob/master/misc-utils/lsfd.1.adoc
util-linux 2.37.4 Release Notes
===============================
This release fixes security issue in chsh(1) and chfn(8):
CVE-2022-0563
The readline library uses INPUTRC= environment variable to get a path
to the library config file. When the library cannot parse the
specified file, it prints an error message containing data from the
file.
Unfortunately, the library does not use secure_getenv() (or a similar
concept), or sanitize the config file path to avoid vulnerabilities that
could occur if set-user-ID or set-group-ID programs.
update 2.37.2 (2021-08-16) to 2.37.3 (2022-01-24)
Changelog:
- https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ChangeLog
util-linux 2.37.3 Release Notes
===============================
This release fixes two security mount(8) and umount(8) issues:
CVE-2021-3996
Improper UID check in libmount allows an unprivileged user to unmount FUSE
filesystems of users with similar UID.
CVE-2021-3995
This issue is related to parsing the /proc/self/mountinfo file allows an
unprivileged user to unmount other user's filesystems that are either
world-writable themselves or mounted in a world-writable directory.
