id	summary	reporter	owner	description	type	status	priority	milestone	component	version	severity	resolution	keywords	cc
4145	util-linux v2.31-rc2	bdubbs@…	lfs-book@…	"Hold until stable 2.31 release.

Release Notes

The package build-system follows GNU Coding Standards and uses --runstatedir instead of --localstatedir. The default is /run. Please, review your distribution build scripts (spec files etc.) to be sure that this change does not introduce any regression to your distribution.

Release highlights

rfkill -- NEW COMMAND for enabling and disabling wireless devices. This new
implementation is based upon, and backward compatible with, the original rfkill
from Johannes Berg and Marcel Holtmann.

The command su has been refactored and extended to create pseudo terminal for
the session (new option --pty). This new EXPERIMENTAL feature provides better
isolation between root's terminal and an unprivileged su session.

uuidparse -- NEW COMMAND to provide variant and type details for input UUIDs.

The library libuuid and command uuidgen support hash-based UUIDs v3 (md5) and
v5 (sha1) as specified by RFC-4122. The library also provides UUID templates
for dns, url, oid, or x500.

The library libblkid has been extended to support DM-integrity, HPE (aka
extended-XFS) and UBI superblock. The library also provides a new API to hide
already detected signatures. This allows the gathering of all possible magic
string permutations for a device. For example, the command wipefs will now print
the complete list of all magic strings.

The library libfdisk provides a new API to modify grain (a size used for
partition calculations) and it is also possible to completely disable dialog
driven partitioning.

The library libsmartcols provides a new API to move columns. This new
functionality is available by ""column --table-order"" on the command line.

The command ""column --table-header-repeat"" allows repetition of table headers
according to terminal size.

The libfdisk has been extended to use BLKPG ioctls to inform the kernel about
changes. This means that cfdisk and fdisk will not force the kernel to reread
all of the partition table, but untouched partitions may remain mounted and used
by the system. The typical use-case is resizing the last partition on the system
disk.

The command cfdisk provides a new dialog to resize a partition.

The fdisk menu behavior on !^C and !^D has been improved to stop the current
operation and return to main menu rather than immediately terminating the fdisk
program.

The 'look' command now follows the WORDLIST environment variable (if specified)
to find the word list.

Almost all of the --help and --version outputs have been improved (thanks to
Ruediger Meier and others).

The 'script' command has been improved to follow the usual semantics for
stop/continue signals. It's possible to move a session to the background and
later back to the foreground (e.g. shell command ""fg"", etc.).

The setpriv command now supports ambient capabilities with the new command line
option --ambient-caps (thanks Patrick Steinhardt) and the new command line
option --init-groups allows initialization of supplementary groups (thanks to
Sebastian Schrader).

The hwclock command now significantly reduces system shutdown times by not
reading the RTC before setting it (except when the --update-drift option is
used). This also mitigates other potential shutdown and RTC setting problems
caused by requiring an RTC read.

The hwclock command now logs --systz when using libaudit. Also, for busybox
compatibility -l is now aliased to --localtime.

Security issues
CVE-2016-2779 

 The new experimental ""su --pty"" feature has been implemented to fix this issue.
 The feature is not enabled by default and the new command line option --pty is
 necessary.

 The classic way is to use setsid() to disable the ioctl TIOCSTI. Unfortunately,
 setsid() has well-defined use cases in su(1) and runuser(1) and any changes 
 would introduce regressions. The setsid() also does not fix core of the problem 
 that is terminal file descriptors shared between privileged and unprivileged
 sessions.
"	task	new	normal	8.2	Book	SVN	normal