Security fixes: CVE-2026-53613 - mount(8) TOCTOU race on target path. CVE-2026-53612 - mount(8) TOCTOU race on post-mount owner/mode change. CVE-2026-53614 - mount(8) SUID bypass via LIBMOUNT_FORCE_MOUNT2. CVE-2026-27456 - mount(8) TOCTOU symlink attack via loop device (follow-up). libblkid: use-after-free in nested partition probing.
Link: https://www.kernel.org/pub/linux/utils/util-linux/v2.42/v2.42.2-ReleaseNotes Signed-off-by: Alexander Dahl <[email protected]> --- rules/util-linux.make | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rules/util-linux.make b/rules/util-linux.make index bf6817c2a..33e525820 100644 --- a/rules/util-linux.make +++ b/rules/util-linux.make @@ -15,8 +15,8 @@ PACKAGES-$(PTXCONF_UTIL_LINUX) += util-linux # # Paths and names # -UTIL_LINUX_VERSION := 2.42.1 -UTIL_LINUX_SHA256 := 82e9158eb12a9b0b569d84e1687fed9dd18fe89ccd8ef5ac3427218a7c0d7f7f +UTIL_LINUX_VERSION := 2.42.2 +UTIL_LINUX_SHA256 := 03a05d3adf9602ef128f2da05b84b3205ce60c351e5737c0370f74000679ce8a UTIL_LINUX := util-linux-$(UTIL_LINUX_VERSION) UTIL_LINUX_SUFFIX := tar.xz UTIL_LINUX_BASENAME := v$(if $(filter 2,$(basename $(UTIL_LINUX_VERSION))),$(UTIL_LINUX_VERSION),$(basename $(UTIL_LINUX_VERSION))) -- 2.47.3
