[Pkg-utopia-maintainers] Bug#1107968: unblock: libblockdev/3.3.0-2.1
Salvatore Bonaccorso
carnil at debian.org
Wed Jun 18 08:02:44 BST 2025
Package: release.debian.org
Severity: normal
X-Debbugs-Cc: libblockdev at packages.debian.org, Utopia Maintenance Team <pkg-utopia-maintainers at lists.alioth.debian.org>, Michael Biebl <biebl at debian.org>, carnil at debian.org
Control: affects -1 + src:libblockdev
User: release.debian.org at packages.debian.org
Usertags: unblock
Hi Release Team,
Please unblock package libblockdev
libblockdev is affected by CVE-2025-6019, a local privilege escalation
to root which can be exploited via the udisks2 daemon. We have
released DSA 5943-1 yesterday for it.
unblock libblockdev/3.3.0-2.1
and if possible let it migrate rather soon into testing.
Regards,
Salvatore
-------------- next part --------------
diff -Nru libblockdev-3.3.0/debian/changelog libblockdev-3.3.0/debian/changelog
--- libblockdev-3.3.0/debian/changelog 2025-02-27 22:12:11.000000000 +0100
+++ libblockdev-3.3.0/debian/changelog 2025-06-09 15:06:46.000000000 +0200
@@ -1,3 +1,10 @@
+libblockdev (3.3.0-2.1) unstable; urgency=high
+
+ * Non-maintainer upload by the Security Team.
+ * dont allow suid and dev set on fs resize (CVE-2025-6019)
+
+ -- Salvatore Bonaccorso <carnil at debian.org> Mon, 09 Jun 2025 15:06:46 +0200
+
libblockdev (3.3.0-2) unstable; urgency=medium
* autopkgtest: Add dependency on vdo.
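Review bot: The new changelog entry for 3.3.0-2.1 only repeats the patch subject ("dont allow suid and dev set on fs resize") and does not say which patch file was added or what actually changes. Suggest naming debian/patches/dont-allow-suid-and-dev-set-on-fs-resize.patch and stating that the temporary mount made by fs_mount is now done with nosuid,nodev, so the entry is understandable without opening the diff.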
diff -Nru libblockdev-3.3.0/debian/patches/dont-allow-suid-and-dev-set-on-fs-resize.patch libblockdev-3.3.0/debian/patches/dont-allow-suid-and-dev-set-on-fs-resize.patch
--- libblockdev-3.3.0/debian/patches/dont-allow-suid-and-dev-set-on-fs-resize.patch 1970-01-01 01:00:00.000000000 +0100
+++ libblockdev-3.3.0/debian/patches/dont-allow-suid-and-dev-set-on-fs-resize.patch 2025-06-09 15:06:46.000000000 +0200
@@ -0,0 +1,27 @@
+From 8e072f794744bd17c57cceabb3884d3f0f6a1602 Mon Sep 17 00:00:00 2001
+From: Thomas Blume <Thomas.Blume at suse.com>
+Date: Fri, 16 May 2025 14:27:10 +0200
+Subject: [PATCH] dont allow suid and dev set on fs resize
+
+---
+ src/plugins/fs/generic.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/src/plugins/fs/generic.c b/src/plugins/fs/generic.c
+index 69333944..1a6dd960 100644
+--- a/src/plugins/fs/generic.c
++++ b/src/plugins/fs/generic.c
+@@ -683,7 +683,9 @@ static gchar* fs_mount (const gchar *device, gchar *fstype, gboolean read_only,
+ "Failed to create temporary directory for mounting '%s'.", device);
+ return NULL;
+ }
+- ret = bd_fs_mount (device, mountpoint, fstype, read_only ? "ro" : NULL, NULL, &l_error);
++
++ ret = bd_fs_mount (device, mountpoint, fstype, read_only ? "nosuid,nodev,ro" : "nosuid,nodev", NULL, &l_error);
++
+ if (!ret) {
+ g_propagate_prefixed_error (error, l_error, "Failed to mount '%s': ", device);
+ g_rmdir (mountpoint);
+--
+2.48.1
+
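Review bot: Missing documentation at the changed bd_fs_mount call in fs_mount: the patch header has an empty body after the Subject line and the code gets no comment, so nothing in the source records why the temporary mount must carry nosuid,nodev. Suggest a one-line comment above the call referencing CVE-2025-6019 (as the changelog does) and Origin/Bug fields in the patch header pointing at upstream commit 8e072f794744bd17c57cceabb3884d3f0f6a1602. As a smaller point, "nosuid,nodev" is now repeated in both branches of the ternary; composing the option string from one constant plus an optional ",ro" would keep the two branches from drifting apart, and the two blank lines added around the call are not needed.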
diff -Nru libblockdev-3.3.0/debian/patches/series libblockdev-3.3.0/debian/patches/series
--- libblockdev-3.3.0/debian/patches/series 2025-02-27 22:12:11.000000000 +0100
+++ libblockdev-3.3.0/debian/patches/series 2025-06-09 15:06:46.000000000 +0200
@@ -1 +1,2 @@
Skip-smartmontools-integration-test.patch
+dont-allow-suid-and-dev-set-on-fs-resize.patch