Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 23 Feb 2017 07:56:51 -0500
From: Assaf Gordon <assafgordon@...il.com>
To: oss-security@...ts.openwall.com
Subject: Re: util-linux 2.29.2 fixes CVE-2017-2616

Hello,

> On Feb 23, 2017, at 05:01, Marcus Meissner <meissner@...e.de> wrote:
> 
> On Thu, Feb 23, 2017 at 10:40:54AM +0100, Hanno Böck wrote:
>> 
>>> util-linux 2.29.2 fixes CVE-2017-2616, a race condition which allowed
>>> local users to kill other processes.
> 
> coreutils uses the same su.c codebase, so it is also affected.
> 

GNU Coreutils stopped installing 'su' by default in 2007,
and completely removed 'su' (including the 'su.c' source file)
in 2012.

See:
https://git.savannah.gnu.org/cgit/coreutils.git/commit/?id=928dd737

regards,
 - assaf

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ