From: Karel Zak <kzak@redhat.com>
Date: Mon, 24 Jan 2022 09:08:27 +0000 (+0100)
Subject: docs: add v2.37.3-ReleaseNotes
X-Git-Tag: v2.37.3~1
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d4178c526bb2b3ea17c1a4d8fe9a56f77e3cc033;p=thirdparty%2Futil-linux.git

docs: add v2.37.3-ReleaseNotes

Signed-off-by: Karel Zak <kzak@redhat.com>
---

diff --git a/Documentation/releases/v2.37.3-ReleaseNotes b/Documentation/releases/v2.37.3-ReleaseNotes
new file mode 100644
index 0000000000..f0dde289ea
--- /dev/null
+++ b/Documentation/releases/v2.37.3-ReleaseNotes
@@ -0,0 +1,13 @@
+util-linux 2.37.3 Release Notes
+===============================
+
+This release fixes two security mount(8) and umount(8) issues:
+
+CVE-2021-3996
+    Improper UID check in libmount allows an unprivileged user to unmount FUSE
+    filesystems of users with similar UID.
+
+CVE-2021-3995
+    This issue is related to parsing the /proc/self/mountinfo file allows an
+    unprivileged user to unmount other user's filesystems that are either
+    world-writable themselves or mounted in a world-writable directory.