The remaining autopkgtest failures are due to the following unrelated
bugs:
cmake-extras/armhf: bug 2052360
livecd-rootfs/amd64: bug 2045586
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to util-linux in Ubuntu.
I'll also note that the patch actually disables `libreadline` support in
chfn/chsh, so whoever was rebuilding these from source will get this
change in behavior. But that's how upstream decided to handle this going
forward.
** Changed in: util-linux (Ubuntu Jammy)
Status: In Progress =>
@ahasenack - thanks for asking these questions.
I do know of a user rebuilding jammy's util-linux. The build recipe I've
seen installs these binaries. I don't know the risk that they might
become setuid. This CVE I noticed as being fixed in a later version of
util-linux, but not in jammy. I then
> However, some users are known to build their own binaries from this Ubuntu
> source and therefore could be
> impacted.
Do you know of users rebuilding specifically util-linux and enabling
those tools? What was it about this specific CVE and specifically util-
linux that caught your attention
** Also affects: util-linux (Ubuntu Noble)
Importance: Undecided
Status: Fix Released
** Also affects: util-linux (Ubuntu Mantic)
Importance: Undecided
Status: New
** Also affects: util-linux (Ubuntu Lunar)
Importance: Undecided
Status: New
** Changed in:
5 matches
Mail list logo
