update 2.37.4 to 2.38
release notes:
- https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.38/v2.38-ReleaseNotes
includes NEW COMMAND: lsfd
lsfd is a NEW COMMAND. lsfd is intended to be a modern replacement for lsof(8)
on Linux systems. Unlike lsof, lsfd is specialized to Linux kernel; it supports
Linux specific features like namespaces with simpler code. lsfd is not a
drop-in replacement for lsof; they are different in the command line interface
and output formats. lsfd uses Libsmartcols for output formatting and filtering.
For example: lsfd -Q 'ASSOC == "exe"' prints all running executables.
(Thanks to Masatake YAMATO)
/usr/bin/lsfd is 107760 bytes on Generic
man page here:
- https://github.com/util-linux/util-linux/blob/master/misc-utils/lsfd.1.adoc
* Downgrade glibc to 2.27 for L4T Builds.
* Downgrade binutils to 2.32 for L4T Builds.
* Update L4T Project Options
* Refactor tegra-bsp package
* Import/Rebase CTC's ffmpeg patches, and switch decoder to nvv4l2 from nvmpi. Fixes decoder issues
* Enable all disabled cores
* Remove hack in busybox package to dump firmware into L4T Builds, we now handle this in tegra-bsp package.
* More L4T project cleanups
* Bring switch-bootloader package.mk inline with upstream formatting
* Fix reboot_payload
* Add proper tegra-bsp:init support
* Bootloader cleanups, seperate bootloader stuff for libreelec builds
* Update init for supporting all distros on Nintendo Switch
* Add proper splash images for libreelec builds.
* Final bootloader fixes
* switch-bootloader-merge-fixes
* Fix uboot merge issues
* fix bmp
* It all builds
* add Basic USB Gadget(Serial console only)
* Properly fix mtp, and finish gadget stuff
util-linux 2.37.4 Release Notes
===============================
This release fixes security issue in chsh(1) and chfn(8):
CVE-2022-0563
The readline library uses INPUTRC= environment variable to get a path
to the library config file. When the library cannot parse the
specified file, it prints an error message containing data from the
file.
Unfortunately, the library does not use secure_getenv() (or a similar
concept), or sanitize the config file path to avoid vulnerabilities that
could occur if set-user-ID or set-group-ID programs.
update 2.37.2 (2021-08-16) to 2.37.3 (2022-01-24)
Changelog:
- https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ChangeLog
util-linux 2.37.3 Release Notes
===============================
This release fixes two security mount(8) and umount(8) issues:
CVE-2021-3996
Improper UID check in libmount allows an unprivileged user to unmount FUSE
filesystems of users with similar UID.
CVE-2021-3995
This issue is related to parsing the /proc/self/mountinfo file allows an
unprivileged user to unmount other user's filesystems that are either
world-writable themselves or mounted in a world-writable directory.
1) Python3 needs the util-linux:host dependency otherwise uuid support will
leak over from the build host during a clean build, only to use util-linux:host
for uuid support during a subsequent rebuild (which fails, because of #2)
2) util-linux:host needs -fPIC as this is what Python3 requires (clean builds
work because of #1...)
3) Remove toolchain from util-linux:host to avoid a circular toolchain
reference now that Python3 is also part of toolchain (via meson)
