Debian Patches

Status for util-linux/2.38.1-5+deb12u1

Patch Description Author Forwarded Bugs Origin Last update
debian/man-getopt-examples.patch util-linux: getopt(1) should point to where examples are on a Debian system

Debian BTS #913049
Matthew Vernon <matthew@debian.org> no 2018-11-06
debian/verbose-tests.patch verbose-tests
Enable verbose tests and print content of failing tests output file.
Andreas Henriksson <andreas@fatal.se> no 2014-07-30
debian/chown-non-deprecated.patch Use non-deprecated chown syntax Chris Hofstaedtler <zeha@debian.org> no 2022-04-12
debian/hardlink-tests-known-failed.patch hardlink tests: set known failed
sha256 cannot be initialized on some archs / buildds.
Chris Hofstaedtler <zeha@debian.org> no 2022-04-12
debian/lsfd-usrbin.patch Install lsfd into /usr/bin Chris Hofstaedtler <zeha@debian.org> no 2022-04-14
debian/sensible-pager.patch Use sensible-pager Chris Hofstaedtler <zeha@debian.org> no 2022-07-14
upstream/0001-lib-path-ul_path_cpuparse-fix-parsing-of-empty-sysfs.patch [PATCH 01/24] lib/path: ul_path_cpuparse: fix parsing of empty sysfs files

Kernel 5.15 returns empty content for topology/thread_siblings on
aarch64 platform, which in conjunction of uninitialized `buf` memory
buffer results in the garbage:

(gdb) p buf
$14 = " @\377\367\177\000\000\000\275\000\347j\032\236"

This garbage is then being later consumed by underlying helper functions
like for example cpumask_parse() and this leads to the following crash
later:

in __libc_free (p=0x7ff7f67c00) at src/malloc/mallocng/free.c:105
in free (p=<optimized out>) at src/malloc/free.c:5
in add_cpuset_to_array (setsize=<optimized out>, set=<optimized out>, items=<optimized out>, ary=<optimized out>) at ../sys-utils/lscpu-topology.c:29
in cputype_read_topology (cxt=cxt@entry=0x7ff7fffe70, ct=0x4298a0) at ../sys-utils/lscpu-topology.c:153
in lscpu_read_topology (cxt=cxt@entry=0x7ff7fffe70) at ../sys-utils/lscpu-topology.c:629
in main (argc=1, argv=0x7ffffffdb8) at ../sys-utils/lscpu.c:1341

It looks like the problem is that current logic expects fgets() to set
errno on failure, but fgets() is not documented to do so and and neither
glibc nor musl set errno. So if errno was set to 0 before fgets() call,
the failure from fgets() is ignored and then invalid buffer is being
parsed.
=?utf-8?q?Petr_=C5=A0tetiar?= <ynezz@true.cz> no 2022-09-22
upstream/0002-libuuid-Implement-continuous-clock-handling-for-time.patch [PATCH 02/24] libuuid: Implement continuous clock handling for time based UUIDs

In a uuidd setup, the daemon is a singleton and can maintain it's own
resources for time based UUID generation. This requires a dedicated
'clock sequence range' but does not need any further lock/update of
the LIBUUID_CLOCK_FILE from uuidd. The range of available clock values
is extended by a continuous handling of the clock updates - instead of
updating the value to the current timestamp, it is incremented by
the number of requested UUIDs.
Michael Trapp <michael.trapp@sap.com> no 2022-06-20
upstream/0003-uuidd-fix-random-UUIDs.patch [PATCH 03/24] uuidd: fix random UUIDs
Commit f27876f introduces copy & past bug and replaces
__uuid_generate_random() with __uuid_generate_time().
Karel Zak <kzak@redhat.com> no 2022-10-10
upstream/0004-libuuid-check-clock-value-from-LIBUUID_CLOCK_FILE.patch [PATCH 04/24] libuuid: check clock value from LIBUUID_CLOCK_FILE
The clock value from the LIBUUID_CLOCK_FILE must be checked in
case of an update of libuuid. If clock==CLOCK_SEQ_CONT it must
be set to a new value.
Michael Trapp <michael.trapp@sap.com> no 2022-08-02
upstream/0005-lsblk-fix-endless-loop-if-device-specified-more-than.patch [PATCH 05/24] lsblk: fix endless loop if device specified more than once Karel Zak <kzak@redhat.com> no 2022-09-19
upstream/0006-lib-procfs-add-function-to-parse-proc-stat.patch [PATCH 06/24] lib/procfs: add function to parse /proc/#/stat Karel Zak <kzak@redhat.com> no 2022-08-11
upstream/0007-kill-Support-mandating-the-presence-of-a-userspace-s.patch [PATCH 07/24] kill: Support mandating the presence of a userspace signal handler

In production we've had several incidents over the years where a process
has a signal handler registered for SIGHUP or one of the SIGUSR signals
which can be used to signal a request to reload configs, rotate log
files, and the like. While this may seem harmless enough, what we've
seen happen repeatedly is something like the following:

1. A process is using SIGHUP/SIGUSR[12] to request some
application-handled state change -- reloading configs, rotating a log
file, etc;
2. This kind of request is deprecated and removed, so the signal handler
is removed. However, a site where the signal might be sent from is
missed (often logrotate or a service manager);
3. Because the default disposition of these signals is terminal, sooner
or later these applications are going to be sent SIGHUP or similar
and end up unexpectedly killed.

I know for a fact that we're not the only organistion experiencing this:
in general, signal use is pretty tricky to reason about and safely
remove because of the fairly aggressive SIG_DFL behaviour for some
common signals, especially for SIGHUP which has a particularly ambiguous
meaning. Especially in a large, highly interconnected codebase,
reasoning about signal interactions between system configuration and
applications can be highly complex, and it's inevitable that on occasion
a callsite will be missed.

In some cases the right call to avoid this will be to migrate services
towards other forms of IPC for this purpose, but inevitably there will
be some services which must continue using signals, so we need a safe
way to support them.

This patch adds support for the -r/--require-handler flag, which checks
if a userspace handler is present for the signal being sent. If it is
not, the process will be skipped.

With this flag we can enforce that all SIGHUP reload cases and SIGUSR
equivalents use --require-handler. This effectively mitigates the case
we've seen time and time again where SIGHUP is used to rotate log files
or reload configs, but the sending site is mistakenly left present after
the removal of signal handler, resulting in unintended termination of
the process.
Chris Down <chris@chrisdown.name> no 2022-10-26
upstream/0008-fdisk-fix-output-option-parsing.patch [PATCH 08/24] fdisk: fix --output option parsing Karel Zak <kzak@redhat.com> no 2022-10-24
upstream/0009-fdisk-make-it-more-obvious-that-DOS-means-MBR.patch [PATCH 09/24] fdisk: make it more obvious that DOS means MBR Karel Zak <kzak@redhat.com> no 2022-11-10
upstream/0010-libfdisk-make-scripts-portable-between-different-sec.patch [PATCH 10/24] libfdisk: make scripts portable between different sector sizes Karel Zak <kzak@redhat.com> no 2022-07-11
upstream/0011-sfdisk-improve-code-readability-for-coverity-scan.patch [PATCH 11/24] sfdisk: improve code readability for coverity scan Karel Zak <kzak@redhat.com> no 2022-08-11
upstream/0012-libfdisk-gpt-don-t-ignore-fsync-errors.patch [PATCH 12/24] libfdisk: (gpt) don't ignore fsync() errors Karel Zak <kzak@redhat.com> no 2022-08-11
upstream/0013-sfdisk-inform-about-failed-fsync-coverity-scan.patch [PATCH 13/24] sfdisk: inform about failed fsync() [coverity scan] Karel Zak <kzak@redhat.com> no 2022-08-11
upstream/0014-lscpu-Add-Snapdragon-parts.patch [PATCH 14/24] lscpu: Add Snapdragon parts
QC updated the kernel cputype.h to include the Kyro 4xx and 3xx Silver
part numbers's. Lets sync that commit and naming.
Jeremy Linton <jeremy.linton@arm.com> no 2022-05-04
upstream/0015-Add-Makalu-Makalu-ELP-A715-X3.patch [PATCH 15/24] Add Makalu/Makalu-ELP (A715/X3)
Also fix names of A510/A710 cores
ThomasKaiser <ThomasKaiser@users.noreply.github.com> no 2022-06-30
upstream/0016-Adding-Apple-core-names-distinguish-by-SoC-SiP-name.patch [PATCH 16/24] Adding Apple core names, distinguish by SoC/SiP name ThomasKaiser <ThomasKaiser@users.noreply.github.com> no 2022-07-01
upstream/0017-Fix-formatting.patch [PATCH 17/24] Fix formatting. Thomas Kaiser <ThomasKaiser@users.noreply.github.com> no 2022-07-01
upstream/0018-lscpu-make-Apple-part-names-human-friendly.patch [PATCH 18/24] lscpu: make Apple part names human-friendly
The internal Apple model numbers for the SoCs are somewhat
confusing given that they are mostly similar and differ by only
one or two digits. Instead, use the public nomenclature for these
chips to avoid ambiguity and beautify the output.
James Calligeros <jcalligeros99@gmail.com> no 2022-07-09
upstream/0019-lscpu-add-missing-Apple-parts.patch [PATCH 19/24] lscpu: add missing Apple parts James Calligeros <jcalligeros99@gmail.com> no 2022-07-09
upstream/0020-lscpu-arm-don-t-use-space-in-names.patch [PATCH 20/24] lscpu: (arm) don't use space in names
It's seems better to be consistent and use the same convention for all
the names.
Karel Zak <kzak@redhat.com> no 2022-07-18
upstream/0021-Remove-closing-braces-in-Apple-cores-names.patch [PATCH 21/24] Remove closing braces in Apple cores names ThomasKaiser <ThomasKaiser@users.noreply.github.com> no 2022-07-18
upstream/0022-lscpu-Even-more-Arm-part-numbers.patch [PATCH 22/24] lscpu: Even more Arm part numbers
Arm has published further MIDR/part numbers on
https://developer.arm.com/ip-products/processors/cortex-a.
Some of the new ones have already been merged, so lets
fill in the gaps with A34, A65AE and X1C.
Jeremy Linton <jeremy.linton@arm.com> no 2022-09-01
upstream/0023-lscpu-Add-Kryo-3XX-Gold-core.patch [PATCH 23/24] lscpu: Add Kryo 3XX Gold core
[kzak@redhat.com: - update patch to use '-' between words in CPU name]
ThomasKaiser <ThomasKaiser@users.noreply.github.com> no 2022-09-30
upstream/0024-fsck-Processes-may-kill-other-processes.patch [PATCH 24/24] fsck: Processes may kill other processes.
A error in disk-utils/fsck.c, if run the fsck -N command, processes
don't execute, just show what would be done. However, the pid whose
value is -1 is added to the instance_list list in the execute
function,if the kill_all function is called later, kill(-1, signum)
is executed, Signals are sent to all processes except the number one
process and itself. Other processes will be killed if they use the
default signal processing function.
zhanchengbin <zhanchengbin1@huawei.com> no 2022-10-10
upstream/0025-libblkid-ntfs-avoid-UB-in-signed-shift.patch [PATCH 25/26] libblkid: ntfs: avoid UB in signed shift
Fix OSS-Fuzz issue 53142 ( #1886 )
Fix OSS-Fuzz issue 53160 ( #1888 )
=?utf-8?q?Thomas_Wei=C3=9Fschuh?= <thomas@t-8ch.de> no 2022-11-10
upstream/0026-libblkid-iso9660-allocate-enough-space-for-UTF16-dec.patch [PATCH 26/26] libblkid: iso9660: allocate enough space for UTF16 decoding

When merge_utf16be_ascii() encounters high-codepoint surrogate pairs it
emits four bytes of output for one byte of ascii input.
In addition with the remaining ascii characters from the second loop we
need up to 5 * sizeof(input) / 2 bytes as output buffer.

As we decode up to 128 ascii characters with merge_utf16be_ascii() we
need 320 bytes of buffer available.

Furthermore adapt merge_utf16be_ascii() to not write paste the output
buffer end.

Fix OSS-Fuzz issue 53149 ( #1887 )
=?utf-8?q?Thomas_Wei=C3=9Fschuh?= <thomas@t-8ch.de> no 2022-11-10
upstream/PATCH-rfkill-man-List-options-for-supported-device-types.patch [PATCH] rfkill: (man) List options for supported device types Karel Zak <kzak@redhat.com> no 2022-09-05
upstream/PATCH-1-2-lib-pty-Put-master-PTY-into-non-blocking-mode-a.patch [PATCH 1/2] lib/pty: Put master PTY into non-blocking mode and buffer its output to avoid deadlock

If we filled the script->child buffer before the child had a chance to read any
input, we'd sleep forever in write_all(pty->master), and the child would sleep
forever in write(1<pty->slave>)

By putting the master PTY in non-blocking mode, we can poll(pty->master,
POLLOUT) and keep supplying more data as the child reads from the buffer

Fixes Debian bug #1003095
=?utf-8?b?0L3QsNCx?= <nabijaczleweli@nabijaczleweli.xyz> no 2022-04-12
upstream/PATCH-2-2-lib-pty-minor-cleanups.patch [PATCH 2/2] lib/pty: minor cleanups Karel Zak <kzak@redhat.com> no 2022-04-19
upstream/PATCH-script-abort-if-unused-arguments-are-given.patch [PATCH] script: abort if unused arguments are given
scripts uses either a free-standing "file" argument, or the value
passed as --log-out "file". Additional filenames are ignored.
They are also ignored if --log-in "file" is given, as it turns off
output logging by default (can still be overriden by adding --log-out).
Avoid surprises when passing multiple filenames by writing usage
message instead.

[kzak@redhat.com: - use errtryhelp() rather than usage()]
Chris Hofstaedtler <zeha@debian.org> no debian 2022-11-18
upstream/logger-always-update-header-when-read-from-stdin.patch logger: always update header when read from stdin
The current code updates the header only when the priority has been
changed. It's incorrect because wanted is a valid header or each entry
(don't forget that logger for stdin use-case is used in pipe to log
long-time running processes).

This patch also fixes the initial timestamp; it was originally generated
on logger startup, it now generates the header on the first message.

$ (sleep 2; date; sleep 2; date; sleep 2; date) | logger --stderr --no-act

old:
<13>Nov 1 10:42:14 kzak: Tue Nov 1 10:42:16 AM CET 2022
<13>Nov 1 10:42:14 kzak: Tue Nov 1 10:42:18 AM CET 2022
<13>Nov 1 10:42:14 kzak: Tue Nov 1 10:42:20 AM CET 2022

new:
<13>Nov 1 10:19:02 kzak: Tue Nov 1 10:19:02 AM CET 2022
<13>Nov 1 10:19:04 kzak: Tue Nov 1 10:19:04 AM CET 2022
<13>Nov 1 10:19:06 kzak: Tue Nov 1 10:19:06 AM CET 2022
Karel Zak <kzak@redhat.com> no 2022-11-01
upstream/write-correctly-handle-wide-characters.patch write: correctly handle wide characters
Do this by replacing fputc_careful() (notice that the description said
it's locale-aware ‒ it very much is /not/), with a fputs_careful() which
does the same thing, but if it were to output a byte in the \123 format,
first it checks whether this byte starts a valid multibyte character.

If it does, and that character is printable, write it verbatim.
This means that
echo 'foo åäö ąęćźżń bar' | write nabijaczleweli pts/4
instead of
foo \303\245\303\244\303\266
\304\205\304\231\304\207\305\272\305\274\305\204 bar
yields
foo åäö ąęćźżń bar
or, more realistically, from a message I got earlier today,
Filip powiedzia\305\202 \305\274e zap\305\202aci jutro
becomes
Filip powiedział że zapłaci jutro

Invalid/non-printable sequences get processed as before.

Line reading in write must become getline() to avoid dealing with
partial characters: for example on input consisting solely of
ąęćźżń, where every {1} is an instance, the output would be
{42}ąęć\305\272żń{84}ąęćź\305\274ń{84}ąęćźż\305\204{39}
with just fixed-512 fgets()
=?utf-8?b?0L3QsNCx?= <nabijaczleweli@nabijaczleweli.xyz> no debian 2023-03-15
upstream/wall-convert-homebrew-buffering-to-open_memstream.patch wall: convert homebrew buffering to open_memstream()
The struct buffer system duplicates a plethora of standard I/O
functions (including a fork of fputc_careful())
and adds a lot of complexity ‒ open_memstream() is standard,
and fits perfectly into this niche
=?utf-8?b?0L3QsNCx?= <nabijaczleweli@nabijaczleweli.xyz> no 2023-03-15
upstream/wall-use-fputs_careful.patch wall: use fputs_careful()
LINE_MAX only applies to teletypes in canonical mode: when stdin is a
file, it could still very much tear; start off at 512 for the sprintf(),
then use getline() like in write.

The line wrapping has one suboptimal edge-case:
$ wall < all

Broadcast message from nabijaczleweli@tarta (pts/4) (Tue Mar 14 22:31:25
2023):

^N^O^P^Q^R^S^T^U^V^W^X^Y^Z^[^\^]^^^_
!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJ
KLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~^?\200\201\202\203\204\205\206
\207\210\211\212\213\214\215\216\217\220\221\222\223\224\225\226\227\230\231\232
\233\234\235\236\237\240\241\242\243\244\245\246\247\250\251\252\253\254\255\256
\257\260\261\262\263\264\265\266\267\270\271\272\273\274\275\276\277\300\301\302
\303\304\305\306\307\310\311\312\313\314\315\316\317\320\321\322\323\324\325\326
\327\330\331\332\333\334\335\336\337\340\341\342\343\344\345\346\347\350\351\352
\353\354\355\356\357\360\361\362\363\364\365\366\367\370\371\372\373\374\375\376
\377
but that's a pathological input, and the result is still infinitely
better than it was before, so fixing that is more trouble than it's
worth.
=?utf-8?b?0L3QsNCx?= <nabijaczleweli@nabijaczleweli.xyz> no debian 2023-03-15
upstream/wall-fix-calloc-cal-Werror-calloc-transposed-args.patch wall: fix calloc cal [-Werror=calloc-transposed-args]
term-utils/wall.c:143:37: error: xcalloc sizes specified with sizeof in the earlier argument and not in the later argument [-Werror=calloc-transposed-args]
143 | buf->groups = xcalloc(sizeof(*buf->groups), buf->ngroups);
| ^
term-utils/wall.c:143:37: note: earlier argument should specify number of elements, later size of each element
Karel Zak <kzak@redhat.com> no 2024-01-17
upstream/wall-fix-escape-sequence-Injection-CVE-2024-28085.patch wall: fix escape sequence Injection [CVE-2024-28085]
Let's use for all cases the same output function.
Karel Zak <kzak@redhat.com> no 2024-03-21

All known versions for source package 'util-linux'

Links