7.261. util-linux-ng

Updated util-linux-ng packages that fix multiple bugs and add various enhancements are now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links associated with each description below.
The util-linux-ng packages contain a large variety of low-level system utilities that are necessary for a Linux operating system to function.

Security Fix

An information disclosure flaw was found in the way the mount command reported errors. A local attacker could use this flaw to determine the existence of files and directories they do not have access to.

Bug Fixes

Previously, the blkid utility ignored swap area UUIDs if the first byte was zero. As a consequence, the swap areas could not be addressed by UUIDs; for example, from the /etc/fstab file. The libblkd library has been fixed and now swap partitions are labeled with a valid UUID value if the first byte is zero.
Previously, the lsblk utility opened block devices to check if the device was in read-only mode, although the information was available in the /sys file system. This resulted in unexpected SELinux alerts and unnecessary open() calls. Now, the lsblk utility does not perform unnecessary opening operations and no longer reads the information from the /sys file system.
On a non-uniform CPU configuration, for example on a system with two sockets with a different number of cores, the lscpu command failed unexpectedly with a segmentation fault and a core dump was generated. After this update, when executing the lscpu command on such a configuration, the correct result is printed and no core dump is generated.
On a system with a large number of active processors, the lscpu command failed unexpectedly with a segmentation fault and a core dump was generated. This bug is now fixed and the lscpu command now works as expected on this configuration.
Executing the hwclock --systz command to reset the system time based on the current time zone caused the clock to be incorrectly adjusted by one hour. This was because hwclock did not adjust the system time during boot according to the "warp clock" semantic described in the settimeofday(2) man page. With this update, hwclock correctly sets the system time when required.
When SElinux options were specified both in the /etc/fstab file and on the command line, mounting failed and the kernel logged the following error upon running dmesg:
SELinux:  duplicate or incompatible mount options
The handling of SElinux options has been changed so that options on the command line now replace options given in the /etc/fstab file and as a result, devices can be mounted successfully.
Due to a change in the search order of the mount utility, while reading the /etc/fstab file, the mount command returned a device before a directory. With this update, the search order has been modified and mount now works as expected.
Previously, any new login or logout sequence by a telnet client caused the /var/run/utmp file to increase by one record on the telnetd machine. As a consequence, the /var/run/utmp file grew without a limit. As a result of trying to search though a huge /var/run/utmp file, the machine running telnetd could experience more severe side-effects over time. For example, the telnetd process could become unresponsive or the overall system performance could degrade. The telnetd now creates a proper record in /var/run/utmp before starting the logging process. As a result, the /var/run/utmp does not grow without a limit on each new login or logout sequence of a telnet session.
BZ#730891, BZ#783514, BZ#809139, BZ#820183, BZ#839281
Man pages of several utilities included in the package have been updated to fix minor mistakes and add entries for previously undocumented functionalities.


A new --compare option for hwclock to compare the offset between system time and hardware clock has been added due to a discontinued distribution of adjtimex in Red Hat Enterprise Linux 6.0 and later, which had previously provided this option.
The lsblk command now supports a new option, --inverse, used to print dependencies between block devices in reverse order. This feature is required to properly reboot or shut down systems with a configured cluster.
The lscpu utility, which displays detailed information about the available CPUs, has been updated to include numerous new features. Also, a new utility, chcpu, has been added, which allows the user to change the CPU state (online or offline, standby or active, and other states), disable and enable CPUs, and configure specified CPUs. For more information about these utilities, refer to the lscpu(1) and chcpu(8) man pages.
Users of util-linux-ng are advised to upgrade to these updated packages, which fix these bugs and add these enhancements.