Nom du paquet
util-linux
Date
2013-04-29
Advisory ID
MDVSA-2013:154
Affected versions
MES5 i586 , MBS1 x86_64 , MES5 x86_64

Problem description

A vulnerability has been found and corrected in util-linux:

An information disclosure flaw was found in the way the mount command
reported errors. A local attacker could use this flaw to determine
the existence of files and directories they do not have access to
(CVE-2013-0157).

Additionally for Mandriva Enterprise Server 5 a patch was added to
support a new --no-canonicalize switch for mount to support the fix
for CVE-2010-3879 in fuse.

The updated packages have been patched to correct these issues.

Updated packages

MES5 i586

 564d206bc3fbe205b513215114bf00b8  mes5/i586/util-linux-ng-2.14.1-4.5mdvmes5.2.i586.rpm 
 f6419cfdb234ef90bb55383bf794075b  mes5/SRPMS/util-linux-ng-2.14.1-4.5mdvmes5.2.src.rpm

MBS1 x86_64

 021cf6fa62c0ed819ed207f92ed98e15  mbs1/x86_64/lib64blkid1-2.21.1-2.1.mbs1.x86_64.rpm
 b6045e31d00919d285513eac4089afaf  mbs1/x86_64/lib64blkid-devel-2.21.1-2.1.mbs1.x86_64.rpm
 e1b3aedae059e29a78f4a17a4b06bca6  mbs1/x86_64/lib64mount1-2.21.1-2.1.mbs1.x86_64.rpm
 7b80e099385e85cdb34671433f4a27a1  mbs1/x86_64/lib64mount-devel-2.21.1-2.1.mbs1.x86_64.rpm
 9822cd41d625a3f14f91194453993589  mbs1/x86_64/lib64uuid1-2.21.1-2.1.mbs1.x86_64.rpm
 2a4331643cc7d622b99ced61fef1599a  mbs1/x86_64/lib64uuid-devel-2.21.1-2.1.mbs1.x86_64.rpm
 e6a33fee978e7fa5340ae8c45b084e69  mbs1/x86_64/util-linux-2.21.1-2.1.mbs1.x86_64.rpm
 4c13d168b7923163c7dcd2ede53d8c11  mbs1/x86_64/uuidd-2.21.1-2.1.mbs1.x86_64.rpm 
 db4999c92ef86204f57700e4b8d75a36  mbs1/SRPMS/util-linux-2.21.1-2.1.mbs1.src.rpm

MES5 x86_64

 04ee13c6ade3dc2db9f082a6967605b1  mes5/x86_64/util-linux-ng-2.14.1-4.5mdvmes5.2.x86_64.rpm 
 f6419cfdb234ef90bb55383bf794075b  mes5/SRPMS/util-linux-ng-2.14.1-4.5mdvmes5.2.src.rpm

References