Ubuntu
multipath-tools package

multipath-tools 0.8.8-1ubuntu1.22.10.1 source package in Ubuntu

Changelog

multipath-tools (0.8.8-1ubuntu1.22.10.1) kinetic-security; urgency=medium

  * SECURITY UPDATE: symlink attack
    - debian/patches/CVE-2022-41973.patch: use /run instead of /dev/shm in
      .gitignore, Makefile.inc, libmultipath/defaults.h,
      multipath/Makefile, multipath/multipath.rules.in,
      multipath/tmpfiles.conf.in.
    - debian/multipath-tools.install: install tmpfiles.d/multipath.conf.
    - debian/rules: copy udev rule after build.
    - CVE-2022-41973
  * SECURITY UPDATE: authorization bypass
    - debian/patches/CVE-2022-41974-pre1.patch: fix command completion in
      interactive mode in multipathd/callbacks.c, multipathd/cli.c,
      multipathd/cli_handlers.c, multipathd/main.c.
    - debian/patches/CVE-2022-41974.patch: more robust command parsing in
      multipathd/callbacks.c, multipathd/cli.c, multipathd/cli.h,
      multipathd/cli_handlers.c, multipathd/uxlsnr.c.
    - debian/patches/CVE-2022-41974-2.patch: fix command completion with
      robust parser in multipathd/cli.c, multipathd/cli.h,
      multipathd/uxlsnr.c.
    - debian/patches/CVE-2022-41974-3.patch: add test for command parsing
      in Makefile.inc, tests/Makefile, tests/cli.c, multipathd/cli.h,
      multipathd/cli.c.
    - debian/patches/CVE-2022-41974-4.patch: fix memory leak handling
      invalid commands in multipathd/uxlsnr.c.
    - CVE-2022-41974

 -- Marc Deslauriers <email address hidden>  Fri, 28 Oct 2022 14:43:41 -0400

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Kinetic
Original maintainer:
Ubuntu Developers
Architectures:
linux-any all
Section:
admin
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
multipath-tools_0.8.8.orig.tar.gz 515.1 KiB ff45ddb18a1effbfbe5712f513dd3b7146c68141091fc1c2489af8d6197026ef
multipath-tools_0.8.8-1ubuntu1.22.10.1.debian.tar.xz 58.6 KiB 901b23e8047ed7f119aa49e3ec3025dd20283d60e8f0ae0e99466d8001ee407e
multipath-tools_0.8.8-1ubuntu1.22.10.1.dsc 2.7 KiB 5ed5804812dbfd660ac781a9b34c71e91a5fe9cd97e7cf3f6f34446b7f0f9bb3

View changes file

Binary packages built by this source

kpartx: No summary available for kpartx in ubuntu kinetic.

No description available for kpartx in ubuntu kinetic.

kpartx-boot: No summary available for kpartx-boot in ubuntu kinetic.

No description available for kpartx-boot in ubuntu kinetic.

kpartx-dbgsym: No summary available for kpartx-dbgsym in ubuntu kinetic.

No description available for kpartx-dbgsym in ubuntu kinetic.

multipath-tools: No summary available for multipath-tools in ubuntu kinetic.

No description available for multipath-tools in ubuntu kinetic.

multipath-tools-boot: No summary available for multipath-tools-boot in ubuntu kinetic.

No description available for multipath-tools-boot in ubuntu kinetic.

multipath-tools-dbgsym: No summary available for multipath-tools-dbgsym in ubuntu kinetic.

No description available for multipath-tools-dbgsym in ubuntu kinetic.