Publishing details

• Created on 2022-11-23 by Ubuntu Archive Auto-Sync
• Published on 2022-11-23

Changelog

multipath-tools (0.8.8-1ubuntu2) lunar; urgency=medium

  * SECURITY UPDATE: symlink attack
    - debian/patches/CVE-2022-41973.patch: use /run instead of /dev/shm in
      .gitignore, Makefile.inc, libmultipath/defaults.h,
      multipath/Makefile, multipath/multipath.rules.in,
      multipath/tmpfiles.conf.in.
    - debian/multipath-tools.install: install tmpfiles.d/multipath.conf.
    - debian/rules: copy udev rule after build.
    - CVE-2022-41973
  * SECURITY UPDATE: authorization bypass
    - debian/patches/CVE-2022-41974-pre1.patch: fix command completion in
      interactive mode in multipathd/callbacks.c, multipathd/cli.c,
      multipathd/cli_handlers.c, multipathd/main.c.
    - debian/patches/CVE-2022-41974.patch: more robust command parsing in
      multipathd/callbacks.c, multipathd/cli.c, multipathd/cli.h,
      multipathd/cli_handlers.c, multipathd/uxlsnr.c.
    - debian/patches/CVE-2022-41974-2.patch: fix command completion with
      robust parser in multipathd/cli.c, multipathd/cli.h,
      multipathd/uxlsnr.c.
    - debian/patches/CVE-2022-41974-3.patch: add test for command parsing
      in Makefile.inc, tests/Makefile, tests/cli.c, multipathd/cli.h,
      multipathd/cli.c.
    - debian/patches/CVE-2022-41974-4.patch: fix memory leak handling
      invalid commands in multipathd/uxlsnr.c.
    - CVE-2022-41974

 -- Marc Deslauriers <email address hidden>  Fri, 28 Oct 2022 14:43:41 -0400

Builds

• amd64
• arm64
• armhf
• i386
• ppc64el
• riscv64
• s390x

Built packages

• kpartx create device mappings for partitions

• kpartx-boot Provides kpartx during boot

• kpartx-dbgsym debug symbols for kpartx

• multipath-tools maintain multipath block device access

• multipath-tools-boot Support booting from multipath devices

• multipath-tools-dbgsym debug symbols for multipath-tools

Package files

• kpartx-boot_0.8.8-1ubuntu2_all.deb (6.7 KiB)
• kpartx-dbgsym_0.8.8-1ubuntu2_amd64.ddeb (63.6 KiB)
• kpartx-dbgsym_0.8.8-1ubuntu2_arm64.ddeb (63.3 KiB)
• kpartx-dbgsym_0.8.8-1ubuntu2_armhf.ddeb (66.0 KiB)
• kpartx-dbgsym_0.8.8-1ubuntu2_i386.ddeb (61.5 KiB)
• kpartx-dbgsym_0.8.8-1ubuntu2_ppc64el.ddeb (65.6 KiB)
• kpartx-dbgsym_0.8.8-1ubuntu2_riscv64.ddeb (65.4 KiB)
• kpartx-dbgsym_0.8.8-1ubuntu2_s390x.ddeb (57.0 KiB)
• kpartx_0.8.8-1ubuntu2_amd64.deb (27.4 KiB)
• kpartx_0.8.8-1ubuntu2_arm64.deb (26.9 KiB)
• kpartx_0.8.8-1ubuntu2_armhf.deb (27.5 KiB)
• kpartx_0.8.8-1ubuntu2_i386.deb (31.9 KiB)
• kpartx_0.8.8-1ubuntu2_ppc64el.deb (29.7 KiB)
• kpartx_0.8.8-1ubuntu2_riscv64.deb (28.2 KiB)
• kpartx_0.8.8-1ubuntu2_s390x.deb (27.2 KiB)
• multipath-tools-boot_0.8.8-1ubuntu2_all.deb (7.9 KiB)
• multipath-tools-dbgsym_0.8.8-1ubuntu2_amd64.ddeb (958.4 KiB)
• multipath-tools-dbgsym_0.8.8-1ubuntu2_arm64.ddeb (955.3 KiB)
• multipath-tools-dbgsym_0.8.8-1ubuntu2_armhf.ddeb (915.8 KiB)
• multipath-tools-dbgsym_0.8.8-1ubuntu2_ppc64el.ddeb (986.9 KiB)
• multipath-tools-dbgsym_0.8.8-1ubuntu2_riscv64.ddeb (900.0 KiB)
• multipath-tools-dbgsym_0.8.8-1ubuntu2_s390x.ddeb (964.4 KiB)
• multipath-tools_0.8.8-1ubuntu2.debian.tar.xz (58.5 KiB)
• multipath-tools_0.8.8-1ubuntu2.dsc (2.7 KiB)
• multipath-tools_0.8.8-1ubuntu2_amd64.deb (320.5 KiB)
• multipath-tools_0.8.8-1ubuntu2_arm64.deb (311.6 KiB)
• multipath-tools_0.8.8-1ubuntu2_armhf.deb (291.8 KiB)
• multipath-tools_0.8.8-1ubuntu2_ppc64el.deb (343.9 KiB)
• multipath-tools_0.8.8-1ubuntu2_riscv64.deb (286.5 KiB)
• multipath-tools_0.8.8-1ubuntu2_s390x.deb (307.3 KiB)
• multipath-tools_0.8.8.orig.tar.gz (515.1 KiB)