util-linux (2.37.2-4ubuntu3.5) jammy-security; urgency=medium
* d/p/ubuntu/su-pty-drop-caps.patch: harden 'su --pty' to temporarily lower
capabilities while proxying between stdin/stdout and the pty master. This
is to avoid su from being used to exploit kernel vulnerabilities.
-- Luci Stanescu <luci.stanescu@canonical.com> Fri, 06 Mar 2026 18:10:04 +0200
util-linux (2.37.2-4ubuntu3.4) jammy-security; urgency=medium
* SECURITY UPDATE: Improper neutralization of escape sequences in wall
- debian/rules: build with --disable-use-tty-group to properly remove
setgid bit from both wall and write.
- CVE-2024-28085
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Tue, 09 Apr 2024 11:32:56 -0400
util-linux (2.37.2-4ubuntu3.3) jammy-security; urgency=medium
* SECURITY UPDATE: Improper neutralization of escape sequences in wall
- debian/patches/upstream/CVE-2024-28085-pre1.patch: correctly handle
wide characters in include/carefulputc.h, login-utils/last.c,
term-utils/write.c.
- debian/patches/upstream/CVE-2024-28085-pre2.patch: convert homebrew
buffering to open_memstream() in term-utils/wall.c.
- debian/patches/upstream/CVE-2024-28085-pre3.patch: use
fputs_careful() in include/carefulputc.h, login-utils/last.c,
term-utils/wall.c, term-utils/write.c.
- debian/patches/upstream/CVE-2024-28085.patch: consolidate output on
the terminal in term-utils/wall.c.
- CVE-2024-28085
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Fri, 22 Mar 2024 08:25:19 -0400
util-linux (2.37.2-4ubuntu3.2) jammy; urgency=medium
* debian/patches/upstream/CVE-2022-0563.patch: Remove readline support
from chsh and chfn. Ubuntu does not ship these binaries, so this
only impacts parties building them from Ubuntu source. (CVE-2022-0563)
(LP: #2048092)
-- dann frazier <dann.frazier@canonical.com> Thu, 04 Jan 2024 11:41:57 -0700
util-linux (2.37.2-4ubuntu3.1) jammy; urgency=low
* Add ARM core support for Grace systems (LP: #2019856)
- /d/p/ubuntu/lp-2019856-add-missing-arm-cores.patch
-- Heather Lemon <heather.lemon@canonical.com> Fri, 19 May 2023 15:37:24 +0000
util-linux (2.37.2-4ubuntu3) jammy; urgency=medium
* Revert the change to libsmartcols that outputs shell parsable column
names when -P / --pairs is used in lsblk. The change breaks older
MAAS and curtin versions, such that they cannot deploy Jammy.
(LP: #1961542)
- d/p/ubuntu/lp-1961542-Revert-libsmartcols-sanitize-variable-names-on-ex.patch
-- Matthew Ruffell <matthew.ruffell@canonical.com> Mon, 21 Feb 2022 14:49:57 +1300
util-linux (2.37.2-4ubuntu2) jammy; urgency=medium
* SECURITY UPDATE: Unauthorized unmount of FUSE filesystems belonging to
users with similar uid
- debian/patches/upstream/CVE-2021-3995-1.patch: make sure mem2strcpy()
buffer is zeroized in include/strutils.h.
- debian/patches/upstream/CVE-2021-3995-2.patch: fix UID check for FUSE
umount in libmount/src/context_umount.c, libmount/src/mountP.h,
libmount/src/optstr.c.
- CVE-2021-3995
* SECURITY UPDATE: Unauthorized unmount in util-linux's libmount
- debian/patches/upstream/CVE-2021-3996-1.patch: remove support for
deleted mount table entries in libmount/src/tab_parse.c.
- debian/patches/upstream/CVE-2021-3996-2.patch: update mountinfo files
in tests/*.
- CVE-2021-3996
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 16 Feb 2022 07:21:37 -0500
util-linux (2.37.2-4ubuntu1) jammy; urgency=low
* Merge from Debian unstable. Remaining changes:
- Build hwclock with audit support.
- Drop debian/hwclock.rules and debian/util-linux.hwclock.default, recent
kernels sync the RTC automatically.
- Add sulogin-fallback-static-sh.patch: Add support for /bin/static-sh as
fallback if the regular shell fails to execute. Patch ported from
sysvinit. (see LP #505887)
- Add sulogin-lockedpwd.patch: Make sure file systems can be fixed on
machines with locked root accounts (as Ubuntu does by default). Don't
require --force for sulogin.
- Clean up weekly fstrim cron file, now a systemd timer unit.
- Allow to build without udeb packages.
- Update translations after changes to HiFive partition names
-- Mario Limonciello <superm1@gmail.com> Wed, 27 Oct 2021 00:35:24 -0500
util-linux (2.37.2-4) unstable; urgency=medium
[ Debian Janitor ]
* Use secure URI in Homepage field.
* Remove 1 obsolete maintscript entry.
* Re-export upstream signing key without extra signatures.
[ Chris Hofstaedtler ]
* Add upstream-applied patches for requested features
* Use more passive wording in hardlink.1
* fallocate: Let user choose larger buffers for IO reading
* Update HiFive partition names
Thanks to Alexandre Ghiti, Eduard Bloch (Closes: #994941)
* more: add upstream patch for "Erase line before writing the filename"
Thanks to Vincent Smeets (Closes: #992516)
* Apply upstream patch to remove accidental nbsp from blockdev output
(Closes: #996751)
* Apply upstreamed patch to fix FTBFS with mkswap on ext3 in cowbuilder.
Thanks to Mark Hindley <mark@hindley.org.uk> (Closes: #996764)
-- Chris Hofstaedtler <zeha@debian.org> Tue, 19 Oct 2021 14:02:14 +0000
util-linux (2.37.2-3) unstable; urgency=medium
* Disable --enable-raw (Closes: #994798)
-- Chris Hofstaedtler <zeha@debian.org> Tue, 21 Sep 2021 12:58:03 +0000
# For older changelog entries, run 'apt-get changelog libblkid1'
Generated by dwww version 1.14 on Sat Jun 13 11:26:28 CEST 2026.