Thanks, applied as f7c655564f624a8ba4385496a4cbf8252a8b9b09. Michael
[sent from post-receive hook] On Thu, 25 Jun 2026 21:23:32 +0200, Alexander Dahl <[email protected]> wrote: > Security fixes: > > CVE-2026-53613 - mount(8) TOCTOU race on target path. > CVE-2026-53612 - mount(8) TOCTOU race on post-mount owner/mode change. > CVE-2026-53614 - mount(8) SUID bypass via LIBMOUNT_FORCE_MOUNT2. > CVE-2026-27456 - mount(8) TOCTOU symlink attack via loop device (follow-up). > libblkid: use-after-free in nested partition probing. > > Link: > https://www.kernel.org/pub/linux/utils/util-linux/v2.42/v2.42.2-ReleaseNotes > Signed-off-by: Alexander Dahl <[email protected]> > Message-Id: <[email protected]> > Signed-off-by: Michael Olbrich <[email protected]> > > diff --git a/rules/util-linux.make b/rules/util-linux.make > index bf6817c2a565..33e5258209a2 100644 > --- a/rules/util-linux.make > +++ b/rules/util-linux.make > @@ -15,8 +15,8 @@ PACKAGES-$(PTXCONF_UTIL_LINUX) += util-linux > # > # Paths and names > # > -UTIL_LINUX_VERSION := 2.42.1 > -UTIL_LINUX_SHA256 := > 82e9158eb12a9b0b569d84e1687fed9dd18fe89ccd8ef5ac3427218a7c0d7f7f > +UTIL_LINUX_VERSION := 2.42.2 > +UTIL_LINUX_SHA256 := > 03a05d3adf9602ef128f2da05b84b3205ce60c351e5737c0370f74000679ce8a > UTIL_LINUX := util-linux-$(UTIL_LINUX_VERSION) > UTIL_LINUX_SUFFIX := tar.xz > UTIL_LINUX_BASENAME := v$(if $(filter 2,$(basename > $(UTIL_LINUX_VERSION))),$(UTIL_LINUX_VERSION),$(basename > $(UTIL_LINUX_VERSION)))
