Hi everyone, We have released nilfs-utils-2.0.14.
This release fixed a privilege escalation vulnerability found in mkfs.nilfs2. The problem comes from the fact that a Makefile of the utility package inadequately set suid bit, and it is highly recommended to upgrade to this version if you built tools from the sources on this site. Sorry for inconvenience. Users using a distro package do not suffer the problem because the suid bit is dropped in that case. Other changes are as follows: * fix a reported start-up failure of GC which occurs if nilfs is applied to a root filesystem. * add -p option to cleanerd which overrides protection period * make the invocation of badblocks from mkfs.nilfs2 safer * drop other suid bits for safety * drop suid/sgid in proper order when invoking cleaner * fix code checker warnings reported by Eric Sandeen The updated package is available at http://www.nilfs.org/en/download.html Thanks, Ryusuke Konishi _______________________________________________ users mailing list [email protected] https://www.nilfs.org/mailman/listinfo/users
