openSUSE Security Update : util-linux (openSUSE-2016-1317)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update for util-linux fixes a number of bugs and one minor
security issue.

The following minor vulnerability was fixed :

- CVE-2016-5011: Infinite loop DoS in libblkid while
parsing DOS partition (bsc#988361)

The following bugs were fixed :

- bsc#987176: When mounting a subfolder of a CIFS share,
mount -a would show the mount as busy

- bsc#947494: mount -a would fail to recognize btrfs
already mounted, address loop re-use in libmount

- bsc#966891: Conflict in meaning of losetup -L. This
switch in SLE12 SP1 and SP2 continues to carry the
meaning of --logical-blocksize instead of upstream
--nooverlap

- bsc#994399: Package would trigger conflicts with
sysvinit-tools

- bsc#983164: mount uid= and gid= would reject valid non
UID/GID values

- bsc#978993: cfdisk would mangle some text output

- bsc#982331: libmount: ignore redundant slashes

This update was imported from the SUSE:SLE-12-SP1:Update update
project.

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=947494
https://bugzilla.opensuse.org/show_bug.cgi?id=966891
https://bugzilla.opensuse.org/show_bug.cgi?id=978993
https://bugzilla.opensuse.org/show_bug.cgi?id=982331
https://bugzilla.opensuse.org/show_bug.cgi?id=983164
https://bugzilla.opensuse.org/show_bug.cgi?id=987176
https://bugzilla.opensuse.org/show_bug.cgi?id=988361
https://bugzilla.opensuse.org/show_bug.cgi?id=994399

Solution :

Update the affected util-linux packages.

Risk factor :

Medium / CVSS Base Score : 4.7
(CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C)

Family: SuSE Local Security Checks

Nessus Plugin ID: 94951 ()

Bugtraq ID:

CVE ID: CVE-2016-5011

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now