summaryrefslogtreecommitdiffstats
path: root/meta-oe/recipes-extended/libblockdev/libblockdev_3.2.1.bb
Commit message (Collapse)AuthorAgeFilesLines
* libblockdev: fix CVE-2025-6019Changqing Li2025-07-021-0/+1
| | | | | | | | | | | | | | | | | | | | | | CVE-2025-6019: A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. Generally, the "allow_active" setting in Polkit permits a physically present user to take certain actions based on the session type. Due to the way libblockdev interacts with the udisks daemon, an "allow_active" user on a system may be able escalate to full root privileges on the target host. Normally, udisks mounts user-provided filesystem images with security flags like nosuid and nodev to prevent privilege escalation. However, a local attacker can create a specially crafted XFS image containing a SUID-root shell, then trick udisks into resizing it. This mounts their malicious filesystem with root privileges, allowing them to execute their SUID-root shell and gain complete control of the system. Refer: https://cdn2.qualys.com/2025/06/17/suse15-pam-udisks-lpe.txt Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* meta-openembedded/all: adapt to UNPACKDIR changesAlexander Kanavin2025-06-251-1/+0
| | | | | | | | | | | | | Please see https://git.yoctoproject.org/poky/commit/?id=4dd321f8b83afecd962393101b2a6861275b5265 for what changes are needed, and sed commands that can be used to make them en masse. I've verified that bitbake -c patch world works with these, but did not run a world build; the majority of recipes shouldn't need further fixups, but if there are some that still fall out, they can be fixed in followups. Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* recipes: Fix variable assignment whitespaceRichard Purdie2025-03-201-1/+1
| | | | | Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libblockdev: upgrade 3.2.0 -> 3.2.1Wang Mingyu2024-11-191-0/+41
Changelog: =========== - crypto: check that IOC_OPAL_GET_STATUS is defined - smart: Clarify use of ID_ATA_SMART_ACCESS udev property - smart: Clarify ID_ATA_SMART_ACCESS udev property values - nvme: Avoid element-type g-i annotations - README: Update supported technologies - dist: Fix source URL in spec - packit: Fix generating spec from template - dist: Sync spec with downstream - misc: Fix installing test dependencies on Debian/Ubuntu - ci: Do not try to install test dependencies for CodeQL analysis - lvm: Clarify the global config functionallity in libblockdev - ci: Install 'python3-libdnf5' for TMT test plans - Makefile: Fix generating RPM log during bumpver Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-07-23 06:33:07 +0000