util-linux - Debian Package Tracker

general

source: util-linux (main)
version: 2.42.1-6
maintainer: Chris Hofstaedtler (DMD)
arch: all any
std-ver: 4.7.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 2.36.1-8+deb11u2
o-o-sec: 2.36.1-8+deb11u2
oldstable: 2.38.1-5+deb12u3
old-sec: 2.38.1-5+deb12u1
stable: 2.41-5
testing: 2.42.1-3
unstable: 2.42.1-6

versioned links

2.36.1-8+deb11u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.38.1-5+deb12u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.38.1-5+deb12u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.41-5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.42.1-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.42.1-5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.42.1-6: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

bsdextrautils (7 bugs: 0, 5, 2, 0)
bsdutils (4 bugs: 0, 4, 0, 0)
eject
eject-udeb
fdisk (6 bugs: 0, 5, 1, 0)
fdisk-udeb
lastlog2
libblkid-dev (1 bugs: 0, 0, 1, 0)
libblkid1 (2 bugs: 0, 2, 0, 0)
libblkid1-udeb
libfdisk-dev (1 bugs: 0, 0, 1, 0)
libfdisk1 (1 bugs: 0, 1, 0, 0)
libfdisk1-udeb
liblastlog2-2
liblastlog2-dev
libmount-dev
libmount1
libmount1-udeb
libpam-lastlog2 (2 bugs: 0, 2, 0, 0)
libsmartcols-dev
libsmartcols1
libsmartcols1-udeb
libuuid1
libuuid1-udeb
login (5 bugs: 1, 4, 0, 0)
mount (10 bugs: 0, 5, 5, 0)
rfkill
util-linux (43 bugs: 0, 25, 18, 0)
util-linux-extra (1 bugs: 0, 1, 0, 0)
util-linux-locales (1 bugs: 0, 1, 0, 0)
util-linux-udeb
uuid-dev
uuid-runtime

action needed

6 security issues in trixie high

There are 6 open security issues in trixie.

4 important issues:

CVE-2026-53612:
CVE-2026-53613:
CVE-2026-53614:
CVE-2026-53615:

2 issues left for the package maintainer to handle:

CVE-2026-3184: (needs triaging) A flaw was found in util-linux. Improper hostname canonicalization in the `login(1)` utility, when invoked with the `-h` option, can modify the supplied remote hostname before setting `PAM_RHOST`. A remote attacker could exploit this by providing a specially crafted hostname, potentially bypassing host-based Pluggable Authentication Modules (PAM) access control rules that rely on fully qualified domain names. This could lead to unauthorized access.
CVE-2026-27456: (needs triaging) util-linux is a random collection of Linux utilities. Prior to version 2.41.4, a TOCTOU (Time-of-Check-Time-of-Use) vulnerability has been identified in the SUID binary /usr/bin/mount from util-linux. The mount binary, when setting up loop devices, validates the source file path with user privileges via fork() + setuid() + realpath(), but subsequently re-canonicalizes and opens it with root privileges (euid=0) without verifying that the path has not been replaced between both operations. Neither O_NOFOLLOW, nor inode comparison, nor post-open fstat() are employed. This allows a local unprivileged user to replace the source file with a symlink pointing to any root-owned file or device during the race window, causing the SUID binary to open and mount it as root. Exploitation requires an /etc/fstab entry with user,loop options whose path points to a directory where the attacker has write permission, and that /usr/bin/mount has the SUID bit set (the default configuration on virtually all Linux distributions). The impact is unauthorized read access to root-protected files and block devices, including backup images, disk volumes, and any file containing a valid filesystem. This issue has been patched in version 2.41.4.

You can find information about how to handle these issues in the security team's documentation.

Created: 2025-12-06 Last update: 2026-06-17 09:30

5 security issues in sid high

There are 5 open security issues in sid.

5 important issues:

CVE-2026-3184: A flaw was found in util-linux. Improper hostname canonicalization in the `login(1)` utility, when invoked with the `-h` option, can modify the supplied remote hostname before setting `PAM_RHOST`. A remote attacker could exploit this by providing a specially crafted hostname, potentially bypassing host-based Pluggable Authentication Modules (PAM) access control rules that rely on fully qualified domain names. This could lead to unauthorized access.
CVE-2026-53612:
CVE-2026-53613:
CVE-2026-53614:
CVE-2026-53615:

Created: 2026-02-26 Last update: 2026-06-17 09:30

5 security issues in forky high

There are 5 open security issues in forky.

5 important issues:

CVE-2026-3184: A flaw was found in util-linux. Improper hostname canonicalization in the `login(1)` utility, when invoked with the `-h` option, can modify the supplied remote hostname before setting `PAM_RHOST`. A remote attacker could exploit this by providing a specially crafted hostname, potentially bypassing host-based Pluggable Authentication Modules (PAM) access control rules that rely on fully qualified domain names. This could lead to unauthorized access.
CVE-2026-53612:
CVE-2026-53613:
CVE-2026-53614:
CVE-2026-53615:

Created: 2026-02-26 Last update: 2026-06-17 09:30

4 security issues in bookworm high

There are 4 open security issues in bookworm.

2 important issues:

CVE-2026-53613:
CVE-2026-53615:

1 issue left for the package maintainer to handle:

CVE-2026-27456: (needs triaging) util-linux is a random collection of Linux utilities. Prior to version 2.41.4, a TOCTOU (Time-of-Check-Time-of-Use) vulnerability has been identified in the SUID binary /usr/bin/mount from util-linux. The mount binary, when setting up loop devices, validates the source file path with user privileges via fork() + setuid() + realpath(), but subsequently re-canonicalizes and opens it with root privileges (euid=0) without verifying that the path has not been replaced between both operations. Neither O_NOFOLLOW, nor inode comparison, nor post-open fstat() are employed. This allows a local unprivileged user to replace the source file with a symlink pointing to any root-owned file or device during the race window, causing the SUID binary to open and mount it as root. Exploitation requires an /etc/fstab entry with user,loop options whose path points to a directory where the attacker has write permission, and that /usr/bin/mount has the SUID bit set (the default configuration on virtually all Linux distributions). The impact is unauthorized read access to root-protected files and block devices, including backup images, disk volumes, and any file containing a valid filesystem. This issue has been patched in version 2.41.4.

You can find information about how to handle this issue in the security team's documentation.

1 ignored issue:

CVE-2026-3184: A flaw was found in util-linux. Improper hostname canonicalization in the `login(1)` utility, when invoked with the `-h` option, can modify the supplied remote hostname before setting `PAM_RHOST`. A remote attacker could exploit this by providing a specially crafted hostname, potentially bypassing host-based Pluggable Authentication Modules (PAM) access control rules that rely on fully qualified domain names. This could lead to unauthorized access.

Created: 2025-12-06 Last update: 2026-06-17 09:30

4 security issues in bullseye high

There are 4 open security issues in bullseye.

2 important issues:

CVE-2026-53613:
CVE-2026-53615:

1 issue postponed or untriaged:

CVE-2026-27456: (postponed; to be fixed through a stable update) util-linux is a random collection of Linux utilities. Prior to version 2.41.4, a TOCTOU (Time-of-Check-Time-of-Use) vulnerability has been identified in the SUID binary /usr/bin/mount from util-linux. The mount binary, when setting up loop devices, validates the source file path with user privileges via fork() + setuid() + realpath(), but subsequently re-canonicalizes and opens it with root privileges (euid=0) without verifying that the path has not been replaced between both operations. Neither O_NOFOLLOW, nor inode comparison, nor post-open fstat() are employed. This allows a local unprivileged user to replace the source file with a symlink pointing to any root-owned file or device during the race window, causing the SUID binary to open and mount it as root. Exploitation requires an /etc/fstab entry with user,loop options whose path points to a directory where the attacker has write permission, and that /usr/bin/mount has the SUID bit set (the default configuration on virtually all Linux distributions). The impact is unauthorized read access to root-protected files and block devices, including backup images, disk volumes, and any file containing a valid filesystem. This issue has been patched in version 2.41.4.

1 ignored issue:

CVE-2026-3184: A flaw was found in util-linux. Improper hostname canonicalization in the `login(1)` utility, when invoked with the `-h` option, can modify the supplied remote hostname before setting `PAM_RHOST`. A remote attacker could exploit this by providing a specially crafted hostname, potentially bypassing host-based Pluggable Authentication Modules (PAM) access control rules that rely on fully qualified domain names. This could lead to unauthorized access.

Created: 2026-06-17 Last update: 2026-06-17 09:30

A new upstream version is available: 2.42.2 high

A new upstream version 2.42.2 is available, you should consider packaging it.

Created: 2026-06-17 Last update: 2026-06-17 09:03

debian/patches: 1 patch with invalid metadata, 10 patches to forward upstream high

Among the 11 debian patches available in version 2.42.1-6 of the package, we noticed the following issues:

1 patch with invalid metadata that ought to be fixed.
10 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2023-02-26 Last update: 2026-06-17 06:02

9 bugs tagged help in the BTS normal

The BTS contains 9 bugs tagged help, please consider helping the maintainer in dealing with them.

Created: 2019-03-21 Last update: 2026-06-17 12:00

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2026-06-02 Last update: 2026-06-17 12:00

35 new commits since last upload, is it time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit ae5a4658b7e8e237f5271b8a03b2f54fc8df2a96
Author: Chris Hofstaedtler <zeha@debian.org>
Date:   Wed Jun 17 11:23:14 2026 +0200

    Drop upstream applied patch

commit e85a60bb4a9d0c735c98890fcc987abc4aa11abc
Merge: 939d3ee28 44dabe221
Author: Chris Hofstaedtler <zeha@debian.org>
Date:   Wed Jun 17 11:19:39 2026 +0200

    Update upstream source from tag 'upstream/2.42.2'
    
    Update to upstream version '2.42.2'
    with Debian dir 19be3523e457e52cf62d9746b6d88a6de86d33a3

commit 44dabe221298d3dd6103851c5b6e9bf8357b2157
Merge: 40e4f750b f44509230
Author: Chris Hofstaedtler <zeha@debian.org>
Date:   Wed Jun 17 11:19:18 2026 +0200

    New upstream version 2.42.2

commit f44509230b9f8224993b8c6157f85888359a64e1
Author: Karel Zak <kzak@redhat.com>
Date:   Tue Jun 16 14:01:17 2026 +0200

    build-sys: update release dates
    
    Signed-off-by: Karel Zak <kzak@redhat.com>

commit a2cd19b30a22c0f03e9294cd75a6e8430eb0972e
Author: Karel Zak <kzak@redhat.com>
Date:   Tue Jun 16 13:59:15 2026 +0200

    po: merge changes

commit 7a38d24be9ac3c4336672bc3c686f443e5a366d7
Author: Karel Zak <kzak@redhat.com>
Date:   Tue Jun 16 13:59:00 2026 +0200

    po-man: merge changes

commit 35d05e1e7f656dfb7e71b53a0f70ca2012828907
Author: Karel Zak <kzak@redhat.com>
Date:   Tue Jun 16 13:46:33 2026 +0200

    docs: update v2.42.2-ReleaseNotes

commit 646fb66603d10a7ac337e14f566f1af48e3107c9
Author: Karel Zak <kzak@redhat.com>
Date:   Wed May 27 12:38:16 2026 +0200

    libmount: add mount ID verification and man page TOCTOU note
    
    Verify mount ID after re-opening the target fd to ensure the mount
    landed on the expected target.  The expected ID is set from fd_tree
    in hook_create_mount() (new mount API only).
    
    Add WARNING to mount.8 about the inherent TOCTOU limitation of the
    legacy mount(2) syscall for non-superuser mounts.
    
    Signed-off-by: Karel Zak <kzak@redhat.com>
    (cherry picked from commit 39fef62bf3226abb6bb018fa8750afa0327e84b4)

commit bc43adb278d45be46964abc4e7bb06e0de210426
Author: Karel Zak <kzak@redhat.com>
Date:   Wed May 27 12:21:02 2026 +0200

    libmount: use fd_target in hook_idmap for move_mount()
    
    Use the pinned fd_target with MOVE_MOUNT_T_EMPTY_PATH for restricted
    users instead of string-based move_mount().  Re-open the target fd
    after mount to point to the mounted filesystem root.
    
    Signed-off-by: Karel Zak <kzak@redhat.com>
    (cherry picked from commit 8aa3af65b2b2a57bd40ecc47467d58d27cc9d3a7)

commit 8bbd56b396ebb8449e5a39391c784df35919827b
Author: Karel Zak <kzak@redhat.com>
Date:   Wed May 27 12:20:06 2026 +0200

    libmount: restrict X-mount.subdir for non-root to Linux >= 6.15
    
    The old-kernel subdir path uses namespace unsharing and string-based
    move_mount() which is unsafe for restricted users (TOCTOU).  The safe
    detached subdir open requires Linux >= 6.15.
    
    Signed-off-by: Karel Zak <kzak@redhat.com>
    (cherry picked from commit bde660dd7e3bab40771bffd5ff654b3e0a71cd16)

commit d0c5adaeb3a3d823aba1377794de8f009b8152cc
Author: Karel Zak <kzak@redhat.com>
Date:   Tue Jun 16 11:15:19 2026 +0200

    libmount: use fd-based fchownat/chmod in hook_owner
    
    Replace path-based lchown()/chmod() with fd-based operations in the
    X-mount.{owner,group,mode} post-mount hook.
    
    For restricted users the fd_target is pinned in prepare_target() and
    re-opened after mount in hook_attach_target() to point to the mounted
    filesystem root.  For root a local O_PATH fd is opened.  Ownership is
    changed via fchownat(fd, "", ..., AT_EMPTY_PATH), mode via
    /proc/self/fd/N.
    
    This prevents TOCTOU attacks where an ancestor directory is swapped
    between mount and the chmod/chown operations.
    
    CVE-2026-53612
    
    Reported-by: Xinyao Hu <ctf_0x01@foxmail.com>
    Signed-off-by: Karel Zak <kzak@redhat.com>
    (cherry picked from commit 24da33905c7115c4cbccd0afb2a469804e96467a)

commit b3879c50b36c58c4296ee219a7d3d290131d4c8d
Author: Karel Zak <kzak@redhat.com>
Date:   Wed May 27 11:12:17 2026 +0200

    libmount: ignore X-mount.nocanonicalize for restricted users
    
    Paths must always be canonicalized in restricted (non-root) mode to
    ensure safe target resolution before fd pinning.
    
    Signed-off-by: Karel Zak <kzak@redhat.com>
    (cherry picked from commit d07aad41e323fd36a1504809d1f9b89c0504f76c)

commit 0d3d55975aa3492c62fd345eac38f41cd166c0b0
Author: Karel Zak <kzak@redhat.com>
Date:   Tue Jun 16 11:13:54 2026 +0200

    libmount: add fd_target to context for TOCTOU prevention
    
    Add a pinned O_PATH target fd to libmnt_context with lazy-open getter
    mnt_context_get_target_fd() and mnt_context_close_target_fd().
    
    The fd is opened via ul_open_no_symlinks() (RESOLVE_NO_SYMLINKS) to
    reject symlinks at any path component.  The fd is closed on context
    reset.
    
    CVE-2026-53613
    
    Signed-off-by: Karel Zak <kzak@redhat.com>
    (cherry picked from commit 78a860982e036f38fe9c0b3344998df5ac2c2ff5)

commit 31e37c1c7dcf25b76ccf41391fe934a75644c661
Author: Karel Zak <kzak@redhat.com>
Date:   Tue Jun 16 10:58:32 2026 +0200

    libmount: fix SUID bypass via LIBMOUNT_FORCE_MOUNT2 and legacy mount path
    
    Use safe_getenv() for LIBMOUNT_FORCE_MOUNT2 to ignore the variable
    in SUID context, consistent with LIBMOUNT_FSTAB and other sensitive
    environment variables.
    
    Additionally, refuse multi-step mount(2) sequences (bind+remount and
    propagation) for restricted (non-root) users in the legacy mount path.
    The two-step approach has a window between syscalls where security
    flags (nosuid, noexec, ...) are not yet applied.  The new mount API
    handles this atomically.
    
    CVE-2026-53614
    
    Reported-by: Xinyao Hu <ctf_0x01@foxmail.com>
    Signed-off-by: Karel Zak <kzak@redhat.com>
    (cherry picked from commit 9cbfb823500f510b34767edabd3ffd5b436987b4)

commit 60ca8616ac1a223bfb5a713047a37136dd9481ef
Author: Karel Zak <kzak@redhat.com>
Date:   Thu May 7 12:50:48 2026 +0200

    libblkid: fix use-after-free in nested partition probing
    
    The partitions list stores partitions in a contiguous array grown by
    reallocarray(). When the array is reallocated to a new address, all
    existing blkid_partition pointers (tab->parent, ls->next_parent, local
    parent variables in nested probers) become dangling.
    
    Fix this by changing the storage from an array of structs to an array
    of pointers, where each partition is individually allocated via
    calloc(). This makes all blkid_partition pointers stable across
    reallocations -- only the pointer array itself may move, which is
    harmless since no code caches pointers into the pointer array.
    
    This eliminates the need for callers to re-fetch parent pointers after
    every blkid_partlist_add_partition() call.
    
    Reported-by: Thai Duong <thaidn@gmail.com>
    Signed-off-by: Karel Zak <kzak@redhat.com>
    (cherry picked from commit c0186f14fbdb02f64c8e0ba701ce727ea764ff4c)

commit 7943f5766761402c14f811409cf4ce4252fdf6a1
Author: Karel Zak <kzak@redhat.com>
Date:   Wed Jun 10 13:06:26 2026 +0200

    asciidoctor: fix encoding error for non-ASCII translations
    
    File.read without an explicit encoding uses Ruby's default external
    encoding, which depends on the system locale. On systems where it
    resolves to US-ASCII (e.g. some Debian configurations), reading
    translated man page files with non-ASCII content (such as Arabic)
    fails with "source is either binary or contains invalid Unicode data".
    
    Specify encoding: 'UTF-8' explicitly so the string is correctly
    tagged regardless of locale.
    
    Fixes: https://github.com/util-linux/util-linux/issues/4409
    Signed-off-by: Karel Zak <kzak@redhat.com>
    (cherry picked from commit d826c15252d3c6b5041d88839bbe6ae4bcf2bd18)

commit ce0a0e0166106a9d0a0e891fa0a0d86f92ee577d
Author: Karel Zak <kzak@redhat.com>
Date:   Mon Jun 15 13:15:01 2026 +0200

    libmount: detect fanotify queue overflow in monitor
    
    When the fanotify event queue overflows under sustained mount churn,
    the kernel sends a FAN_Q_OVERFLOW event. The fanotify_next_fs() function
    did not check for this, causing it to access invalid memory (the
    overflow event carries no fanotify_event_info_mnt payload) and silently
    drop the overflow notification. The consumer never learned that events
    were lost, so its mount-unit view could permanently diverge from the
    kernel.
    
    Detect FAN_Q_OVERFLOW, discard the remaining buffered events (they are
    unreliable after an overflow), and return -EOVERFLOW so the caller can
    perform a full rescan.
    
    Signed-off-by: Karel Zak <kzak@redhat.com>
    (cherry picked from commit a9ce458c65aacdf1676987f6fc15371643907976)

commit d12822b7945ba887f17a985c3eb9c02fc0e7c2d4
Author: Karel Zak <kzak@redhat.com>
Date:   Mon Jun 15 11:54:11 2026 +0200

    docs: setpriv: improve EXAMPLES section
    
    Clarify that setpriv is not a 1:1 replacement for su/runuser/sudo,
    add --inh-caps=-all to the basic example, and provide additional
    examples for environment reset and restrictive privilege dropping.
    
    Fixes: https://github.com/util-linux/util-linux/issues/4402
    Signed-off-by: Karel Zak <kzak@redhat.com>
    (cherry picked from commit 111a4ed1d89ee0f33d6d61417f689d4dc1f163f6)

commit 03c605bc3191fee32bb898306c06062837becb44
Author: aizu-m <aizumusheer2@gmail.com>
Date:   Sun Jun 14 13:13:26 2026 +0530

    lslogins: bound lastlog2 tty/host copy to destination size
    
    get_lastlog2() copies the TTY and host strings read from the lastlog2
    database into heap buffers of sizeof(ut_line)+1 and sizeof(ut_host)+1
    bytes, but passed strlen(value)+1 as the mem2strcpy() limit. mem2strcpy()
    zero-fills and copies that many bytes regardless of the destination, so a
    database value longer than the field overflows the buffer. Cap the limit
    to the destination field size, matching the wtmp and plain-lastlog paths
    in the same function.
    
    Signed-off-by: aizu-m <aizumusheer2@gmail.com>
    (cherry picked from commit 1af6ea888a98eb79d9e86a3238b8f8ed4db96521)

commit 5c9a92e504f7deafb1990d0ccf6b4bde8d29e5be
Author: Zephyr Li <fritchleybohrer@gmail.com>
Date:   Thu Jun 11 20:48:46 2026 +0800

    lscpu: free cputype ISA string
    
    Signed-off-by: Zephyr Li <fritchleybohrer@gmail.com>
    (cherry picked from commit aefd67cc5e73f82ad2b8ba4f9835165df2ec1caa)

commit 7aeb072d07dacf49578400e4b6e30345767c7679
Author: aizu-m <aizumusheer2@gmail.com>
Date:   Wed Jun 10 18:14:30 2026 +0530

    fsck.minix: bound namelen guessed in get_dirsize
    
    get_dirsize() guesses the directory name length from the on-disk root
    directory: it doubles a candidate size from 16 up to 512 looking for the
    ".." entry and sets namelen = size - 2. A crafted image whose first ".."
    match lands at offset 514 yields namelen 510, well past MINIX_NAME_MAX
    (255). check_file() then does xstrncpy(name_list[name_depth], name,
    namelen) into rows of only MINIX_NAME_MAX + 1 bytes, writing out of
    bounds past name_list.
    
    Stop the scan once size - 2 would exceed MINIX_NAME_MAX so the guessed
    namelen stays within the buffers, falling back to the magic-derived
    default.
    
    Signed-off-by: aizu-m <aizumusheer2@gmail.com>
    (cherry picked from commit acb0682a57ac11bed37b0c24a5f11c8854ba726f)

commit 8cd879e417e589caca12e3e6e8a2a8511b9af111
Author: Vladimir Riabchun <vladimir.riabchun@virtuozzo.com>
Date:   Wed Jun 10 15:28:48 2026 +0200

    nsenter: Fix invalid fd check in enter_namespaces
    
    When nsenter is executed with closed stdin, one pid_fd will be 0,
    which is a valid file descriptor. But with current code namespace switch
    is skipped, leading to incorrect results.
    
    Fixes: f18be0ca5aa7 ("nsenter: use pidfd to enter target namespaces")
    Signed-off-by: Vladimir Riabchun <vladimir.riabchun@virtuozzo.com>
    (cherry picked from commit 40449fc62d803917bdee0908eab2f174065c5cf9)

commit b5e07425bf11184b88c6d229495bd1de6610e8b9
Author: aizu-m <aizumusheer2@gmail.com>
Date:   Tue Jun 9 12:32:50 2026 +0530

    libmount: fix subvolid buffer overflow in get_btrfs_fs_root
    
    (cherry picked from commit 091e08c07c5444fd9179d43fb6c1db377a6ca7e4)

commit 0902f9e05a9485262cff45ba29fea227f52e69ad
Author: Karel Zak <kzak@redhat.com>
Date:   Mon Jun 1 13:52:33 2026 +0200

    tests: (hexdump) use arrays for OPTS and ADDRFMT
    
    Convert OPTS and ADDRFMT from plain strings to bash arrays and use
    proper "${…[@]}" expansion to fix shellcheck SC2090/SC2086 warnings
    about unquoted variables containing quotes/backslashes.
    
    Signed-off-by: Karel Zak <kzak@redhat.com>
    (cherry picked from commit 8fdd389142c521ca4512815b5187d99dbc0e11ed)

commit 573a870438d15625fcb75fc6afb2829d6cdfae40
Author: Karel Zak <kzak@redhat.com>
Date:   Thu May 28 16:09:20 2026 +0200

    hexdump: fix buffer overflow in color_cond()
    
    Widen the color condition value from int (4 bytes) to int64_t (8 bytes)
    to accommodate format strings with 8-byte conversion units (e.g.,
    1/8 "%016x"). The memcpy() in color_cond() copies clr->range bytes
    into a local variable, and for 8-byte units this overflows a 4-byte
    int.
    
    Also switch strtoul() to strtoll() in the color format parser to
    correctly parse 64-bit values into the widened int64_t field.
    
    Change hexdump_clr.range from int to size_t (a byte count should never
    be negative), add a defensive guard against memcpy overflow in
    color_cond(), and add an 8-byte color condition regression test.
    
    Reported-by: Michał Majchrowicz (AFINE Team)
    Reported-by: Marcin Wyczechowski (AFINE Team)
    Signed-off-by: Karel Zak <kzak@redhat.com>
    (cherry picked from commit 9dbbd28223d6e5e2e1e4a949d1db6492e742be5d)

commit 7ff02ad9bf93ebab0991f9cf8454e1387c478b76
Author: Karel Zak <kzak@redhat.com>
Date:   Mon Jun 1 11:23:57 2026 +0200

    readprofile: replace popen() with fork/exec for .gz map files
    
    Security scanners repeatedly flag the popen("zcat %s", name) pattern
    as a command injection vulnerability (CWE-78). While this is a false
    positive -- readprofile is not installed with elevated privileges and
    the filename comes from the user's own command line -- the reports are
    a recurring nuisance.
    
    The root cause is that popen() passes the command through /bin/sh,
    which makes scanners flag it regardless of whether the input is
    actually untrusted. Replace popen() with fork()/execlp() to invoke
    zcat directly without shell interpretation. This eliminates the
    shell from the execution path and silences the scanners without
    adding any new dependencies.
    
    Also use ul_endswith() for the .gz suffix check, and handle fdopen()
    failure after fork to avoid fd leak and zombie process.
    
    Signed-off-by: Karel Zak <kzak@redhat.com>
    (cherry picked from commit a252e90a878f1c3afc2b6f2c1378094cb6af66a5)

commit 57dab03caf941bf01544cc4548e36cc0c3357d2c
Author: Shubham Chakraborty <chakrabortyshubham66@gmail.com>
Date:   Sat May 30 11:49:32 2026 +0200

    include/mountutils.h: fix LSMT_ROOT definition
    
    Commit
    ded434a63f3eee7fd7805b18d6c9bb912016c3c8 ("include/mount-api-utils:
    add statmount and listmount") introduce a fallback definition for the
    LSMT_ROOT defined, but a small typo makes this fallback definition
    ineffective:
    
     #ifdef LSMT_ROOT
     # define LSMT_ROOT ...
     #endif
    
    Should obviously have been:
    
     #ifndef LSMT_ROOT
     # define LSMT_ROOT ...
     #endif
    
    Signed-off-by: Shubham Chakraborty <chakrabortyshubham66@gmail.com>
    [Thomas: improve commit message]
    Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
    (cherry picked from commit 4caa4707285580f003de44a8caf0d0c9852e9be5)

commit a54611ed934d2399ef5f2823b2c027bbec9d01a3
Author: Leefancy <lijian01@kylinos.cn>
Date:   Wed May 27 15:45:41 2026 +0800

    fdisk-list: fix memory leak when partition returns empty string
    
    Signed-off-by: Leefancy <lijian01@kylinos.cn>
    (cherry picked from commit 05ea3b7d99a2c01545bedd9fea9c96cdd0d6c6d9)

commit a1c1c9b19779a6278293f79cb6fb2d32d1b75b0e
Author: Leefancy <lijian01@kylinos.cn>
Date:   Wed May 27 11:28:25 2026 +0800

    fdisk-list: fix memory leak in partition listing
    
    Signed-off-by: Leefancy <lijian01@kylinos.cn>
    (cherry picked from commit 1e3863ef2c07d8ee554aeaff9f28c7193156c4e9)

commit 2573decf0b63df41900fac75f2a8019c499d1fc5
Author: Karel Zak <kzak@redhat.com>
Date:   Tue May 26 16:16:03 2026 +0200

    libfdisk: fix use of on-disk sizeof_partition_entry in GPT
    
    The GPT code hardcodes sizeof(struct gpt_entry) (128 bytes) in
    several places instead of using the on-disk sizeof_partition_entry
    field from the GPT header. The UEFI specification allows entry sizes
    larger than 128 bytes.
    
     - reject GPT headers where sizeof_partition_entry is smaller than
       sizeof(struct gpt_entry) to prevent out-of-bounds reads when
       accessing entry array elements
    
     - use the on-disk entry size as the qsort element stride in
       gpt_reorder() to avoid corrupting entries when sizeof_partition_entry
       differs from 128
    
     - use the on-disk entry size in gpt_copy_header() when calculating
       the backup partition entry array LBA
    
    Signed-off-by: Karel Zak <kzak@redhat.com>
    (cherry picked from commit efb0dbd34cd439e94288933948af394397ac6dc7)

commit 8eda6a43262a0e98cd1caa07a8da78523e178575
Author: Karel Zak <kzak@redhat.com>
Date:   Wed May 27 15:15:22 2026 +0200

    loopdev: use openat2(RESOLVE_NO_SYMLINKS) for backing file
    
    Use ul_open_no_symlinks() instead of open(O_NOFOLLOW) when
    LOOPDEV_FL_NOFOLLOW is set.  O_NOFOLLOW only rejects symlinks at the
    last path component, but TOCTOU attacks swap intermediate components.
    openat2(RESOLVE_NO_SYMLINKS) rejects symlinks at any component.
    
    Signed-off-by: Karel Zak <kzak@redhat.com>
    (cherry picked from commit 119d23f1e3f55cf10e3c66dab80fc308c9f26456)

commit f0118f97075d583df457734c111fc04c91e4aa42
Author: Karel Zak <kzak@redhat.com>
Date:   Wed May 27 10:35:39 2026 +0200

    lib/fileutils: add ul_open_no_symlinks()
    
    Add a helper that opens a path rejecting symlinks at any component,
    not just the last one.  Uses openat2(RESOLVE_NO_SYMLINKS) when
    available (Linux >= 5.6), falls back to open(O_NOFOLLOW).
    
    Signed-off-by: Karel Zak <kzak@redhat.com>
    (cherry picked from commit e01e38b24346a21f1d01498c265486a12c009e61)

commit 16958cb74bf18b109ea8a25d1763e0893b968cef
Author: Karel Zak <kzak@redhat.com>
Date:   Tue Apr 7 17:33:57 2026 +0200

    tests: mkswap file-existing subtest add explicit page size
    
    The file-existing subtest fails on platforms with large native page
    sizes (e.g. 64 KiB on aarch64) because the 40 KiB swap image is
    too small. Add -p 4096 to match the other subtests.
    
    Signed-off-by: Karel Zak <kzak@redhat.com>
    (cherry picked from commit c5da6dcfecaa4f81be1fdcea3b3981af0ec194e0)

commit 0e3274777be95704d5edd32c0bf847d2f36fd72a
Author: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
Date:   Sat Apr 4 22:15:04 2026 -0400

    lib: (pidutils.c) allow zero and negative numbers for PIDs
    
    kill(1) and kill(2) man pages clearly state that 0 and negative
    numbers can be used. Therefore let us adapt the internal helper
    function ul_parse_pid_str() to permit this value range, as the
    previous behavior regressed the kill(1) PID parsing behavior.
    
    The uncommon value range can be controlled with two new flags
    UL_PID_ZERO and UL_PID_NEGATIVE, ORed together they will allow
    0 and negative values down to INT_MIN. Otherwise they can be
    passed individually to only allow either. If 0 is passed only
    1 upto INT_MAX values are allowed.
    
    Closes: #4194
    Closes: #4195
    Signed-off-by: Christian Goeschel Ndjomouo <cgoesc2@wgu.edu>
    (cherry picked from commit 938b0668fff01daf299713e29a9ecc1cc99875f4)

commit 5549462c4d10e7b9c67d2cf4e99a7735770e816d
Author: Karel Zak <kzak@redhat.com>
Date:   Tue May 19 10:54:57 2026 +0200

    pam_lastlog2: fix libpam linking in autotools build
    
    Move -lpam from LDFLAGS to LIBADD. When -lpam is in LDFLAGS it
    appears on the linker command line before object files, so the
    --as-needed linker flag (default on Fedora) discards it before
    seeing any undefined PAM symbols. This results in pam_lastlog2.so
    missing libpam.so in its ELF NEEDED entries.
    
    The module then fails to load with dlopen() if the calling process
    does not itself link against libpam (e.g., systemd in Fedora 44+):
    
      PAM unable to dlopen(pam_lastlog2.so): undefined symbol: pam_syslog
    
    Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2453457
    Signed-off-by: Karel Zak <kzak@redhat.com>
    (cherry picked from commit 5683ed6320e00205146cbb3d0c76462733530eca)

Created: 2026-06-17 Last update: 2026-06-17 10:32

Fails to build during reproducibility testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2026-04-17 Last update: 2026-06-17 10:32

lintian reports 33 warnings normal

Lintian reports 33 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2026-06-15 Last update: 2026-06-16 12:30

1 open merge request in Salsa normal

There is 1 open merge request for this package on Salsa. You should consider reviewing and/or merging these merge requests.

Created: 2026-04-12 Last update: 2026-04-12 00:00

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.4 instead of 4.7.0).

Created: 2025-02-21 Last update: 2026-06-17 07:32

testing migrations

excuses:
- Migrates after: debhelper
- Migration status for util-linux (2.42.1-3 to 2.42.1-6): BLOCKED: Rejected/violates migration policy/introduces a regression
- Issues preventing migration:
- ∙ ∙ Updating util-linux would introduce bugs in testing: #1140083
- ∙ ∙ Autopkgtest for cyrus-imapd/3.12.2-1: amd64: Pass, arm64: Test triggered (failure will be ignored), i386: Failed (not a regression) ♻ (reference ♻), loong64: Pass, ppc64el: Pass, s390x: Pass
- ∙ ∙ Autopkgtest for node-mqtt/4.3.7-8: amd64: Pass, arm64: Regression ♻ (reference ♻), i386: Pass, loong64: Pass, ppc64el: Pass, s390x: Pass
- ∙ ∙ Autopkgtest for openjdk-21/21.0.12~5ea-1: amd64: Pass, arm64: Test triggered (failure will be ignored), i386: Pass, loong64: Test triggered (failure will be ignored), ppc64el: Test triggered (failure will be ignored), s390x: Pass
- ∙ ∙ Autopkgtest for openjdk-25/25.0.4~4ea-1: amd64: Pass, arm64: Test triggered (failure will be ignored), i386: Pass, loong64: Test triggered (failure will be ignored), ppc64el: Test triggered (failure will be ignored), s390x: Test triggered (failure will be ignored)
- ∙ ∙ Autopkgtest for openjdk-26/26+35-2: amd64: Pass, arm64: Test triggered (failure will be ignored), i386: Pass, ppc64el: Test triggered (failure will be ignored), s390x: Test triggered (failure will be ignored)
- ∙ ∙ Autopkgtest for openjdk-27/27~24ea-2: amd64: Pass, arm64: Test triggered (failure will be ignored), i386: Pass, loong64: Test triggered (failure will be ignored), ppc64el: Test triggered (failure will be ignored), s390x: Test triggered (failure will be ignored)
- ∙ ∙ Autopkgtest for simpleagenda.app/0.48-2: amd64: Regression ♻ (reference ♻), arm64: Pass, i386: Pass, loong64: Pass, ppc64el: Pass, s390x: Pass
- ∙ ∙ Autopkgtest for util-linux/2.42.1-6: amd64: Pass, arm64: Pass, i386: Pass, loong64: Pass, ppc64el: Pass, s390x: Pass
- ∙ ∙ Autopkgtest for zfs-linux/2.4.2-2: amd64: Pass, arm64: Pass, i386: No tests, superficial or marked flaky ♻ (reference ♻), loong64: Failed (not a regression) ♻ (reference ♻), ppc64el: Pass, s390x: Test triggered
- ∙ ∙ Missing build on riscv64
- ∙ ∙ Autopkgtest deferred on riscv64: missing arch:riscv64 build
- ∙ ∙ Lintian check waiting for test results on riscv64 - info
- ∙ ∙ Reproducibility check waiting for results on arm64 - info
- ∙ ∙ Reproducibility check waiting for results on i386 - info
- ∙ ∙ Too young, only 0 of 5 days old
- ∙ ∙ Build-Depends(-Arch): util-linux debhelper
- Additional info (not blocking):
- ∙ ∙ Piuparts tested OK - https://piuparts.debian.org/sid/source/u/util-linux.html
- ∙ ∙ Reproduced on amd64 - info
- ∙ ∙ Reproduced on armhf - info
- Not considered

news

[rss feed]

[2026-06-17] Accepted util-linux 2.42.2-1 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
[2026-06-16] Accepted util-linux 2.42.1-6 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
[2026-06-15] Accepted util-linux 2.42.1-5 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
[2026-06-14] Accepted util-linux 2.42.1-4 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
[2026-06-11] util-linux 2.42.1-3 MIGRATED to testing (Debian testing watch)
[2026-06-09] util-linux 2.42.1-2 MIGRATED to testing (Debian testing watch)
[2026-06-08] Accepted util-linux 2.42.1-3 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
[2026-06-04] Accepted util-linux 2.42.1-2 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
[2026-06-03] Accepted util-linux 2.42.1-1 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
[2026-05-30] util-linux 2.42-6 MIGRATED to testing (Debian testing watch)
[2026-05-07] Accepted util-linux 2.42-6 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
[2026-05-03] util-linux 2.42-5 MIGRATED to testing (Debian testing watch)
[2026-04-26] Accepted util-linux 2.42-5 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
[2026-04-23] util-linux 2.42-4 MIGRATED to testing (Debian testing watch)
[2026-04-19] Accepted util-linux 2.42-4 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
[2026-04-17] util-linux 2.42-3 MIGRATED to testing (Debian testing watch)
[2026-04-11] Accepted util-linux 2.42-3 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
[2026-04-08] Accepted util-linux 2.42-2 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
[2026-04-02] Accepted util-linux 2.42-1 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
[2026-03-26] Accepted util-linux 2.42~rc2-1 (source) into experimental (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
[2026-03-23] Accepted util-linux 2.42~rc1-3 (source) into experimental (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
[2026-03-03] Accepted util-linux 2.42~rc1-2 (source) into experimental (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
[2026-02-28] Accepted util-linux 2.42~rc1-1 (source) into experimental (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
[2026-02-24] util-linux 2.41.3-4 MIGRATED to testing (Debian testing watch)
[2026-02-21] Accepted util-linux 2.41.3-4 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
[2026-01-25] util-linux 2.41.3-3 MIGRATED to testing (Debian testing watch)
[2025-12-31] Accepted util-linux 2.41.3-3 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
[2025-12-30] util-linux 2.41.3-2 MIGRATED to testing (Debian testing watch)
[2025-12-18] Accepted util-linux 2.41.3-2 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)
[2025-12-16] Accepted util-linux 2.41.3-1 (source) into unstable (Chris Hofstaedtler) (signed by: Christian Hofstaedtler)

bugs [bug history graph]

all: 90 97
RC: 4
I&N: 55 62
M&W: 31
F&P: 0
patch: 1
help: 9

links

homepage
lintian (0, 33)
buildd: logs, reproducibility, cross
popcon
browse source code
other distros
security tracker
screenshots
l10n (100, 60)
debian patches
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.41.3-3ubuntu2
patches for 2.41.3-3ubuntu2