!358 revert community patches

From: @hugel 
Reviewed-by: @jiayi0118 
Signed-off-by: @jiayi0118

backport-cfdisk-fix-possible-integer-overflow-coverity-scan.patch

@@ -0,0 +1,28 @@
+From 72f801dbcd99bc1dcbfdb0bf8e1f5d2f1ad753c6 Mon Sep 17 00:00:00 2001
+From: Karel Zak <kzak@redhat.com>
+Date: Mon, 24 Jun 2024 09:46:37 +0200
+Subject: [PATCH] cfdisk: fix possible integer overflow [coverity scan]
+
+Signed-off-by: Karel Zak <kzak@redhat.com>
+Reference:https://github.com/util-linux/util-linux/commit/72f801dbcd99bc1dcbfdb0bf8e1f5d2f1ad753c6
+Conflict:NA
+---
+ disk-utils/cfdisk.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/disk-utils/cfdisk.c b/disk-utils/cfdisk.c
+index 7b619296..2e0aada4 100644
+--- a/disk-utils/cfdisk.c
++++ b/disk-utils/cfdisk.c
+@@ -1733,6 +1733,8 @@ static int ui_table_goto(struct cfdisk *cf, int where)
+ 
+ 	if (where < 0)
+ 		where = 0;
++	if (!nparts)
++		where = 0;
+ 	else if ((size_t) where > nparts - 1)
+ 		where = nparts - 1;
+ 
+-- 
+2.33.0
+

backport-dmesg-fix-notime-use.patch

@@ -0,0 +1,51 @@
+From ddb558e87f96aac76c7d38701e61e89583d651a5 Mon Sep 17 00:00:00 2001
+From: Karel Zak <kzak@redhat.com>
+Date: Mon, 3 Feb 2025 11:29:44 +0100
+Subject: [PATCH] dmesg: fix --notime use
+
+The --notime command line option disables parsing of timestamps from
+kmsg. This is a bug because the timestamps can be used for operations
+other than just output. For example, they can be used for filters like
+--since (dmesg --since '1 day ago' --notime).
+
+Addresses: https://github.com/util-linux/util-linux/issues/3392
+Signed-off-by: Karel Zak <kzak@redhat.com>
+
+Reference:https://github.com/util-linux/util-linux/commit/ddb558e87f96aac76c7d38701e61e89583d651a5
+Conflict:context adapt
+---
+ sys-utils/dmesg.c | 11 ++---------
+ 1 file changed, 2 insertions(+), 9 deletions(-)
+
+diff --git a/sys-utils/dmesg.c b/sys-utils/dmesg.c
+index 5c58010..3c883a8 100644
+--- a/sys-utils/dmesg.c
++++ b/sys-utils/dmesg.c
+@@ -752,11 +752,7 @@ static int get_next_syslog_record(struct dmesg_control *ctl,
+ 		if (*begin == '[' && (*(begin + 1) == ' ' ||
+ 				      isdigit(*(begin + 1)))) {
+ 
+-			if (!is_timefmt(ctl, NONE))
+-				begin = parse_syslog_timestamp(begin + 1, &rec->tv);
+-			else
+-				begin = skip_item(begin, end, "]");
+-
++			begin = parse_syslog_timestamp(begin + 1, &rec->tv);
+ 			if (begin < end && *begin == ' ')
+ 				begin++;
+ 		}
+@@ -1205,10 +1201,7 @@ static int parse_kmsg_record(struct dmesg_control *ctl,
+ 		goto mesg;
+ 
+ 	/* C) timestamp */
+-	if (is_timefmt(ctl, NONE))
+-		p = skip_item(p, end, ",;");
+-	else
+-		p = parse_kmsg_timestamp(p, &rec->tv);
++	p = parse_kmsg_timestamp(p, &rec->tv);
+ 	if (LAST_KMSG_FIELD(p))
+ 		goto mesg;
+ 
+-- 
+2.33.0
+

backport-libblkid-apfs-validate-checksums.patch

@@ -0,0 +1,75 @@
+From 2011a616aa533c336f9242f25017ce7043557e4c Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= <thomas@t-8ch.de>
+Date: Tue, 6 Aug 2024 19:07:48 +0200
+Subject: [PATCH] libblkid: apfs: validate checksums
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The apfs superblock contains a checksum based on Fletcher-64.
+Validate the checksum to make the probing more robust.
+
+Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
+Reference:https://github.com/util-linux/util-linux/commit/2011a616aa533c336f9242f25017ce7043557e4c
+Conflict:NA
+---
+ libblkid/src/superblocks/apfs.c | 36 ++++++++++++++++++++++++++++++++-
+ 1 file changed, 35 insertions(+), 1 deletion(-)
+
+diff --git a/libblkid/src/superblocks/apfs.c b/libblkid/src/superblocks/apfs.c
+index b7f09f33..4557abcb 100644
+--- a/libblkid/src/superblocks/apfs.c
++++ b/libblkid/src/superblocks/apfs.c
+@@ -35,7 +35,38 @@ struct apfs_super_block {
+ 	uint64_t read_only_features;
+ 	uint64_t incompatible_features;
+ 	uint8_t uuid[16];
+-};
++
++	uint8_t padding[4008]; // Pad to 4096 bytes for checksum
++} __attribute__((packed));
++
++static uint64_t apfs_fletcher64(const uint8_t *buf, size_t size)
++{
++	uint64_t lo32 = 0, hi32 = 0, csum_hi;
++	uint32_t csum_low;
++	size_t i;
++
++	for (i = 0; i < size / 4; i++) {
++		lo32 += le32_to_cpu(((uint32_t *)buf)[i]);
++		hi32 += lo32;
++	}
++
++	csum_low = ~((lo32 + hi32) % UINT32_MAX);
++	csum_hi = ~((lo32 + csum_low) % UINT32_MAX);
++
++	return csum_hi << 32 | csum_low;
++}
++
++static int apfs_verify_checksum(blkid_probe pr,
++				const struct apfs_super_block *sb)
++{
++	const size_t csummed_start_offset = offsetof(__typeof__(*sb), oid);
++	uint64_t csum;
++
++	csum = apfs_fletcher64(((const uint8_t *)sb) + csummed_start_offset,
++			       sizeof(*sb) - csummed_start_offset);
++
++	return blkid_probe_verify_csum(pr, csum, le64_to_cpu(sb->checksum));
++}
+ 
+ static int probe_apfs(blkid_probe pr, const struct blkid_idmag *mag)
+ {
+@@ -45,6 +76,9 @@ static int probe_apfs(blkid_probe pr, const struct blkid_idmag *mag)
+ 	if (!sb)
+ 		return errno ? -errno : BLKID_PROBE_NONE;
+ 
++	if (!apfs_verify_checksum(pr, sb))
++		return BLKID_PROBE_NONE;
++
+ 	if (le16_to_cpu(sb->type) != APFS_CONTAINER_SUPERBLOCK_TYPE)
+ 		return BLKID_PROBE_NONE;
+ 
+-- 
+2.33.0
+

backport-libblkid-fix-potential-memory-leaks.patch

@@ -0,0 +1,59 @@
+From dfe1c4bc742ed3f53c06bb232ebc1f5fadd0881e Mon Sep 17 00:00:00 2001
+From: Karel Zak <kzak@redhat.com>
+Date: Mon, 13 Jan 2025 11:26:06 +0100
+Subject: [PATCH] libblkid: fix potential memory leaks
+
+Addresses: https://github.com/util-linux/util-linux/pull/3356
+Signed-off-by: Karel Zak <kzak@redhat.com>
+
+Reference:https://github.com/util-linux/util-linux/commit/dfe1c4bc742ed3f53c06bb232ebc1f5fadd0881e
+Conflict:NA
+---
+ libblkid/src/save.c | 10 ++++++----
+ 1 file changed, 6 insertions(+), 4 deletions(-)
+
+diff --git a/libblkid/src/save.c b/libblkid/src/save.c
+index 1a617c07..295924e1 100644
+--- a/libblkid/src/save.c
++++ b/libblkid/src/save.c
+@@ -109,7 +109,8 @@ int blkid_flush_cache(blkid_cache cache)
+ 		    && errno != EEXIST) {
+ 			DBG(SAVE, ul_debug("can't create %s directory for cache file",
+ 					BLKID_RUNTIME_DIR));
+-			return 0;
++			ret = 0;
++			goto done;
+ 		}
+ 	}
+ 
+@@ -117,7 +118,8 @@ int blkid_flush_cache(blkid_cache cache)
+ 	if (((ret = stat(filename, &st)) < 0 && errno != ENOENT) ||
+ 	    (ret == 0 && access(filename, W_OK) < 0)) {
+ 		DBG(SAVE, ul_debug("can't write to cache file %s", filename));
+-		return 0;
++		ret = 0;
++		goto done;
+ 	}
+ 
+ 	/*
+@@ -154,7 +156,7 @@ int blkid_flush_cache(blkid_cache cache)
+ 
+ 	if (!file) {
+ 		ret = errno;
+-		goto errout;
++		goto done;
+ 	}
+ 
+ 	list_for_each(p, &cache->bic_devs) {
+@@ -201,7 +203,7 @@ int blkid_flush_cache(blkid_cache cache)
+ 		}
+ 	}
+ 
+-errout:
++done:
+ 	free(tmp);
+ 	if (filename != cache->bic_filename)
+ 		free(filename);
+-- 
+2.33.0
+

backport-lsmem-make-lsmem-to-check-for-the-nodes-more-robust.patch

@@ -0,0 +1,44 @@
+From 57714290bdc99cab533edbc4a021d6ee3a7cc211 Mon Sep 17 00:00:00 2001
+From: zhangyao <zhangyao108@huawei.com>
+Date: Thu, 4 Jul 2024 16:28:51 +0800
+Subject: [PATCH] lsmem: make lsmem to check for the nodes more robust
+
+See #3110.
+Reference:https://github.com/util-linux/util-linux/commit/57714290bdc99cab533edbc4a021d6ee3a7cc211
+Conflict:NA
+---
+ sys-utils/lsmem.c | 11 +++++++++--
+ 1 file changed, 9 insertions(+), 2 deletions(-)
+
+diff --git a/sys-utils/lsmem.c b/sys-utils/lsmem.c
+index 3b5ca19a0..7c1be8e83 100644
+--- a/sys-utils/lsmem.c
++++ b/sys-utils/lsmem.c
+@@ -485,6 +485,7 @@ static int memory_block_filter(const struct dirent *de)
+ static void read_basic_info(struct lsmem *lsmem)
+ {
+ 	char dir[PATH_MAX];
++	int i = 0;
+ 
+ 	if (ul_path_access(lsmem->sysmem, F_OK, "block_size_bytes") != 0)
+ 		errx(EXIT_FAILURE, _("This system does not support memory blocks"));
+@@ -495,8 +496,14 @@ static void read_basic_info(struct lsmem *lsmem)
+ 	if (lsmem->ndirs <= 0)
+ 		err(EXIT_FAILURE, _("Failed to read %s"), dir);
+ 
+-	if (memory_block_get_node(lsmem, lsmem->dirs[0]->d_name) != -1)
+-		lsmem->have_nodes = 1;
++	for (i = 0; i < lsmem->ndirs; i++)
++	{
++		if (memory_block_get_node(lsmem, lsmem->dirs[i]->d_name) != -1)
++		{
++			lsmem->have_nodes = 1;
++			break;
++		}
++	}
+ 
+ 	/* The valid_zones sysmem attribute was introduced with kernel 3.18 */
+ 	if (ul_path_access(lsmem->sysmem, F_OK, "memory0/valid_zones") == 0)
+-- 
+2.33.0
+

backport-more-make-sure-we-have-data-on-stderr.patch

@@ -0,0 +1,97 @@
+From 640b9480bd3efc0f4bc7f38a785d02cda70ec5c3 Mon Sep 17 00:00:00 2001
+From: Karel Zak <kzak@redhat.com>
+Date: Thu, 22 Aug 2024 08:56:52 +0200
+Subject: [PATCH] more: make sure we have data on stderr
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+more(1) uses more_poll() to monitor data on stdin, stderr, and
+signals. It is used before read_command(), but this function only
+reads from stderr. Therefore, if any other non-stderr event occurs,
+this function will wait on read(). In this case, more(1) will not
+react to signals anymore. We need to ensure that more(1) only waits in
+more_poll().
+
+Try
+
+ for x in {1..1000}; do echo "line $x"; done | more
+
+to reproduce.
+
+Reported-by: Radka Skvarilova <rskvaril@redhat.com>
+Signed-off-by: Karel Zak <kzak@redhat.com>
+Reference:https://github.com/util-linux/util-linux/commit/640b9480bd3efc0f4bc7f38a785d02cda70ec5c3
+Conflict:NA
+---
+ text-utils/more.c | 18 +++++++++++++-----
+ 1 file changed, 13 insertions(+), 5 deletions(-)
+
+diff --git a/text-utils/more.c b/text-utils/more.c
+index 4c225331..953e94db 100644
+--- a/text-utils/more.c
++++ b/text-utils/more.c
+@@ -1350,7 +1350,7 @@ static void read_line(struct more_control *ctl)
+ }
+ 
+ /* returns: 0 timeout or nothing; <0 error, >0 success */
+-static int more_poll(struct more_control *ctl, int timeout)
++static int more_poll(struct more_control *ctl, int timeout, int *stderr_active)
+ {
+ 	enum {
+ 		POLLFD_SIGNAL = 0,
+@@ -1364,6 +1364,9 @@ static int more_poll(struct more_control *ctl, int timeout)
+ 	};
+ 	int has_data = 0;
+ 
++	if (stderr_active)
++		*stderr_active = 0;
++
+ 	while (!has_data) {
+ 		int rc;
+ 
+@@ -1430,8 +1433,11 @@ static int more_poll(struct more_control *ctl, int timeout)
+ 		}
+ 
+ 		/* event on stderr (we reads user commands from stderr!) */
+-		if (pfd[POLLFD_STDERR].revents)
++		if (pfd[POLLFD_STDERR].revents) {
+ 			has_data++;
++			if (stderr_active)
++				*stderr_active = 1;
++		}
+ 	}
+ 
+ 	return has_data;
+@@ -1502,7 +1508,7 @@ static void search(struct more_control *ctl, char buf[], int n)
+ 			}
+ 			break;
+ 		}
+-		more_poll(ctl, 0);
++		more_poll(ctl, 0, NULL);
+ 	}
+ 	/* Move ctrl+c signal handling back to more_key_command(). */
+ 	signal(SIGINT, SIG_DFL);
+@@ -1656,7 +1662,7 @@ static int skip_forwards(struct more_control *ctl, int nlines, cc_t comchar)
+ static int more_key_command(struct more_control *ctl, char *filename)
+ {
+ 	int retval = 0;
+-	int done = 0, search_again = 0;
++	int done = 0, search_again = 0, stderr_active = 0;
+ 	char cmdbuf[INIT_BUF];
+ 	struct number_command cmd;
+ 
+@@ -1666,7 +1672,9 @@ static int more_key_command(struct more_control *ctl, char *filename)
+ 		ctl->report_errors = 0;
+ 	ctl->search_called = 0;
+ 	for (;;) {
+-		if (more_poll(ctl, -1) <= 0)
++		if (more_poll(ctl, -1, &stderr_active) <= 0)
++			continue;
++		if (stderr_active == 0)
+ 			continue;
+ 		cmd = read_command(ctl);
+ 		if (cmd.key == more_kc_unknown_command)
+-- 
+2.33.0
+

backport-setpriv.c-fix-memory-leak-in-parse_groups-function.patch

@@ -0,0 +1,37 @@
+From f5bd825b9c187000d621f65af08b23a945a6cad8 Mon Sep 17 00:00:00 2001
+From: AntonMoryakov <ant.v.moryakov@gmail.com>
+Date: Thu, 16 Jan 2025 19:24:20 +0300
+Subject: [PATCH] setpriv.c: fix memory leak in parse_groups function
+
+The static analyzer flagged a memory leak in the parse_groups function.
+The memory allocated for 'buf' (via xstrdup) was not freed at the end
+of the function, leading to a memory leak.
+
+Changes:
+- Added free(buf) at the end of the function to release allocated memory.
+
+Triggers found by static analyzer Svace.
+
+Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.com>
+Reference:https://github.com/util-linux/util-linux/commit/f5bd825b9c187000d621f65af08b23a945a6cad8
+Conflict:NA
+---
+ sys-utils/setpriv.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/sys-utils/setpriv.c b/sys-utils/setpriv.c
+index 87299a10..90784554 100644
+--- a/sys-utils/setpriv.c
++++ b/sys-utils/setpriv.c
+@@ -448,7 +448,7 @@ static void parse_groups(struct privctx *opts, const char *str)
+ 	while ((c = strsep(&groups, ",")))
+ 		opts->groups[i++] = get_group(c, _("Invalid supplementary group id"));
+ 
+-	free(groups);
++	free(buf);
+ }
+ 
+ static void parse_pdeathsig(struct privctx *opts, const char *str)
+-- 
+2.33.0
+

backport-sulogin-fix-POSIX-locale-use.patch

@@ -0,0 +1,52 @@
+From aa11f9a2e163a57455255b03a03bf841cbf5be72 Mon Sep 17 00:00:00 2001
+From: Karel Zak <kzak@redhat.com>
+Date: Thu, 16 Jan 2025 13:14:43 +0100
+Subject: [PATCH] sulogin: fix POSIX locale use
+
+In some cases, sulogin can set LC_CTYPE="POSIX" while retaining the
+original LC_MESSAGES. In this scenario, the gettext() function may not
+work as intended and sulogin returns "???" (for example for
+ja_JP.UTF-8). GNU gettext FAQ:
+
+ This symptom occurs when the LC_CTYPE facet of the locale is not set;
+ then gettext() doesn't know which character set to use, and converts
+ all messages to ASCII, as far as possible.
+
+Addresses: https://issues.redhat.com/browse/RHEL-56983
+Addresses: https://github.com/util-linux/util-linux/issues/2185
+Signed-off-by: Karel Zak <kzak@redhat.com>
+
+Reference:https://github.com/util-linux/util-linux/commit/aa11f9a2e163a57455255b03a03bf841cbf5be72
+Conflict:NA
+---
+ login-utils/sulogin.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/login-utils/sulogin.c b/login-utils/sulogin.c
+index d2241396..77fc5b20 100644
+--- a/login-utils/sulogin.c
++++ b/login-utils/sulogin.c
+@@ -313,6 +313,7 @@ static void tcinit(struct console *con)
+ 		}
+ 
+ 		setlocale(LC_CTYPE, "POSIX");
++		setlocale(LC_MESSAGES, "POSIX");
+ 		goto setattr;
+ 	}
+ #if defined(IUTF8) && defined(KDGKBMODE)
+@@ -327,10 +328,12 @@ static void tcinit(struct console *con)
+ 	case K_XLATE:
+ 	default:
+ 		setlocale(LC_CTYPE, "POSIX");
++		setlocale(LC_MESSAGES, "POSIX");
+ 		break;
+ 	}
+ #else
+ 	setlocale(LC_CTYPE, "POSIX");
++	setlocale(LC_MESSAGES, "POSIX");
+ #endif
+ 	reset_virtual_console(tio, flags);
+ setattr:
+-- 
+2.33.0
+

backport-sys-utils-fix-add-NULL-check-for-mnt_fs_get_target-r.patch

@@ -0,0 +1,41 @@
+From 0fabec8c7fda554b79327d8713352e7a07539895 Mon Sep 17 00:00:00 2001
+From: AntonMoryakov <ant.v.moryakov@gmail.com>
+Date: Tue, 14 Jan 2025 18:06:49 +0300
+Subject: [PATCH] sys-utils: fix add NULL check for mnt_fs_get_target return
+ value
+
+The static analyzer flagged a potential issue: the return value of
+mnt_fs_get_target(fs) could be NULL, but it was dereferenced without
+a check. This could lead to undefined behavior.
+
+Added a NULL check before using the tgt pointer. If tgt is NULL,
+the current iteration is skipped.
+
+ChanChanges:
+- Added if (!tgt) check before using tgt.
+
+Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.com>
+
+Reference:https://github.com/util-linux/util-linux/commit/0fabec8c7fda554b79327d8713352e7a07539895
+Conflict:NA
+---
+ sys-utils/lsns.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/sys-utils/lsns.c b/sys-utils/lsns.c
+index 500bc013..93bbd758 100644
+--- a/sys-utils/lsns.c
++++ b/sys-utils/lsns.c
+@@ -1132,6 +1132,9 @@ static int nsfs_xasputs(char **str,
+ 
+ 		const char *tgt = mnt_fs_get_target(fs);
+ 
++		if(!tgt)
++			continue;
++
+ 		if (!*str)
+ 			xasprintf(str, "%s", tgt);
+ 
+-- 
+2.33.0
+

backport-sys-utils-save_adjtime-fix-memory-leak.patch

@@ -0,0 +1,42 @@
+From 4e4fd6a5fc84b8dc172e1ea67b28064c67376d1a Mon Sep 17 00:00:00 2001
+From: Maks Mishin <maks.mishinFZ@gmail.com>
+Date: Thu, 17 Oct 2024 07:14:26 +0300
+Subject: [PATCH] sys-utils: (save_adjtime): fix memory leak
+
+Dynamic memory, referenced by 'content', is allocated by calling function 'xasprintf'
+and lost when function returns.
+
+Found by the static analyzer Svace.
+Reference:https://github.com/util-linux/util-linux/commit/4e4fd6a5fc84b8dc172e1ea67b28064c67376d1a
+Conflict:NA
+---
+ sys-utils/hwclock.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/sys-utils/hwclock.c b/sys-utils/hwclock.c
+index cea249eb..9e3a957a 100644
+--- a/sys-utils/hwclock.c
++++ b/sys-utils/hwclock.c
+@@ -917,6 +917,7 @@ static int save_adjtime(const struct hwclock_control *ctl,
+ 		fp = fopen(ctl->adj_file_name, "w");
+ 		if (fp == NULL) {
+ 			warn(_("cannot open %s"), ctl->adj_file_name);
++			free(content);
+ 			return EXIT_FAILURE;
+ 		}
+ 
+@@ -925,9 +926,11 @@ static int save_adjtime(const struct hwclock_control *ctl,
+ 
+ 		if (rc) {
+ 			warn(_("cannot update %s"), ctl->adj_file_name);
++			free(content);
+ 			return EXIT_FAILURE;
+ 		}
+ 	}
++	free(content);
+ 	return EXIT_SUCCESS;
+ }
+ 
+-- 
+2.33.0
+

backport-sys-utils-setpriv-fix-potential-memory-leak.patch

@@ -0,0 +1,39 @@
+From 8f15d94a21cbc6886bdf2474e6e1bb507cab1149 Mon Sep 17 00:00:00 2001
+From: Maks Mishin <maks.mishinFZ@gmail.com>
+Date: Thu, 10 Oct 2024 20:23:49 +0300
+Subject: [PATCH] sys-utils: (setpriv): fix potential memory leak
+
+Dynamic memory, referenced by 'buf' is allocated by calling function 'xstrdup'
+add then changed by calling of strsep function.
+The free(buf) call is incorrect if buf != NULL, and points to some
+place inside or outside the source string.
+Reference:https://github.com/util-linux/util-linux/commit/8f15d94a21cbc6886bdf2474e6e1bb507cab1149
+Conflict:NA
+---
+ sys-utils/setpriv.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/sys-utils/setpriv.c b/sys-utils/setpriv.c
+index bd188e4d..5899552d 100644
+--- a/sys-utils/setpriv.c
++++ b/sys-utils/setpriv.c
+@@ -578,6 +578,7 @@ static void do_caps(enum cap_type type, const char *caps)
+ static void parse_securebits(struct privctx *opts, const char *arg)
+ {
+ 	char *buf = xstrdup(arg);
++	char *source_buf = buf;
+ 	char *c;
+ 
+ 	opts->have_securebits = 1;
+@@ -631,7 +632,7 @@ static void parse_securebits(struct privctx *opts, const char *arg)
+ 
+ 	opts->securebits |= SECBIT_KEEP_CAPS;	/* We need it, and it's reset on exec */
+ 
+-	free(buf);
++	free(source_buf);
+ }
+ 
+ static void do_selinux_label(const char *label)
+-- 
+2.33.0
+

backport-whereis-avoid-accessing-uninitialized-memory.patch

@@ -0,0 +1,27 @@
+From 7e06d474b17b9b74aa8e4b8a42ab394c1f80b1fd Mon Sep 17 00:00:00 2001
+From: xiovwx <xiovwx@gmail.com>
+Date: Thu, 23 Jan 2025 11:06:27 +0000
+Subject: [PATCH] whereis: avoid accessing uninitialized memory
+
+Reference:https://github.com/util-linux/util-linux/commit/7e06d474b17b9b74aa8e4b8a42ab394c1f80b1fd
+Conflict:NA
+---
+ misc-utils/whereis.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/misc-utils/whereis.c b/misc-utils/whereis.c
+index a35c1dff..b575e57a 100644
+--- a/misc-utils/whereis.c
++++ b/misc-utils/whereis.c
+@@ -471,7 +471,7 @@ static void findin(const char *dir, const char *pattern, int *count,
+ 
+ static void lookup(const char *pattern, struct wh_dirlist *ls, int want)
+ {
+-	char patbuf[PATH_MAX];
++	char patbuf[PATH_MAX] = { 0 };
+ 	int count = 0;
+ 	char *wait = NULL, *p;
+ 
+-- 
+2.33.0
+

mkfs.bfs-fix-memory-leaks-and-weak-code.patch

@@ -0,0 +1,98 @@
+From 2c6ce1240f118a2d00ad93060da409c3995b7f67 Mon Sep 17 00:00:00 2001
+From: Karel Zak <kzak@redhat.com>
+Date: Tue, 1 Apr 2025 15:54:07 +0200
+Subject: [PATCH] mkfs.bfs: fix memory leaks and weak code
+
+---
+ disk-utils/mkfs.bfs.c | 34 ++++++++++++++++++++++------------
+ 1 file changed, 22 insertions(+), 12 deletions(-)
+
+diff --git a/disk-utils/mkfs.bfs.c b/disk-utils/mkfs.bfs.c
+index 54d261b..71e8b6b 100644
+--- a/disk-utils/mkfs.bfs.c
++++ b/disk-utils/mkfs.bfs.c
+@@ -93,19 +93,23 @@ static void __attribute__((__noreturn__)) usage(void)
+ 
+ int main(int argc, char **argv)
+ {
+-	char *device, *volume, *fsname;
++	char *device, *volume = NULL, *fsname = NULL;
+ 	long inodes;
+ 	unsigned long long total_blocks, ino_bytes, ino_blocks, data_blocks;
+ 	unsigned long long user_specified_total_blocks = 0;
+ 	int verbose = 0;
+ 	int fd;
+ 	uint32_t first_block;
+-	struct bfssb sb;
+ 	struct bfsi ri;
+ 	struct bfsde de;
+ 	struct stat statbuf;
+ 	time_t now;
+-	int c, i, len;
++	int c, i;
++	size_t len;
++	struct bfssb sb = {
++		.s_fsname = "\x20\x20\x20\x20\x20\x20",
++		.s_volume = "\x20\x20\x20\x20\x20\x20"
++	};
+ 
+ 	enum { VERSION_OPTION = CHAR_MAX + 1 };
+ 	static const struct option longopts[] = {
+@@ -130,7 +134,6 @@ int main(int argc, char **argv)
+ 	if (argc == 2 && !strcmp(argv[1], "-V"))
+ 		print_version(EXIT_SUCCESS);
+ 
+-	volume = fsname = "      ";	/* is there a default? */
+ 	inodes = 0;
+ 
+ 	while ((c = getopt_long(argc, argv, "N:V:F:vhcl", longopts, NULL)) != -1) {
+@@ -140,17 +143,21 @@ int main(int argc, char **argv)
+ 			break;
+ 
+ 		case 'V':
++			if (volume)
++				errx(EXIT_FAILURE, _("more than one volume"));
+ 			len = strlen(optarg);
+-			if (len <= 0 || len > 6)
++			if (!len || len > sizeof(sb.s_volume))
+ 				errx(EXIT_FAILURE, _("volume name too long"));
+-			volume = xstrdup(optarg);
++			volume = optarg;
+ 			break;
+ 
+ 		case 'F':
++			if (fsname)
++				errx(EXIT_FAILURE, _("more than one fsname"));
+ 			len = strlen(optarg);
+-			if (len <= 0 || len > 6)
++			if (!len || len > sizeof(sb.s_fsname))
+ 				errx(EXIT_FAILURE, _("fsname name too long"));
+-			fsname = xstrdup(optarg);
++			fsname = optarg;
+ 			break;
+ 
+ 		case 'v':
+@@ -233,13 +240,16 @@ int main(int argc, char **argv)
+ 	sb.s_start = cpu_to_le32(ino_bytes + sizeof(struct bfssb));
+ 	sb.s_end = cpu_to_le32(total_blocks * BFS_BLOCKSIZE - 1);
+ 	sb.s_from = sb.s_to = sb.s_backup_from = sb.s_backup_to = -1;
+-	memcpy(sb.s_fsname, fsname, 6);
+-	memcpy(sb.s_volume, volume, 6);
++
++	if (fsname)
++		str2memcpy(sb.s_fsname, fsname, sizeof(sb.s_fsname));
++	if (volume)
++		str2memcpy(sb.s_volume, volume, sizeof(sb.s_volume));
+ 
+ 	if (verbose) {
+ 		fprintf(stderr, _("Device: %s\n"), device);
+-		fprintf(stderr, _("Volume: <%-6s>\n"), volume);
+-		fprintf(stderr, _("FSname: <%-6s>\n"), fsname);
++		fprintf(stderr, _("Volume: <%.6s>\n"), sb.s_volume);
++		fprintf(stderr, _("FSname: <%.6s>\n"), sb.s_fsname);
+ 		fprintf(stderr, _("BlockSize: %d\n"), BFS_BLOCKSIZE);
+ 		if (ino_blocks == 1)
+ 			fprintf(stderr, _("Inodes: %ld (in 1 block)\n"),
+-- 
+2.20.1
+

util-linux.spec

@@ -3,7 +3,7 @@
 
 Name:           util-linux
 Version:        2.37.2
-Release:        37
+Release:        42
 Summary:        A random collection of Linux utilities
 License:        GPLv2 and GPLv2+ and LGPLv2+ and BSD with advertising and Public Domain
 URL:            https://git.kernel.org/pub/scm/utils/util-linux/util-linux.git
@@ -155,6 +155,18 @@ Patch6133:      backport-wall-fix-possible-memory-leak.patch
 Patch6134:      backport-wall-make-sure-unsigned-variable-not-underflow.patch
 Patch6135:      backport-Fix-ul_path_read_buffer.patch
 Patch6136:	backport-login-su-pam_end-compliance.patch
+Patch6137:      backport-lsmem-make-lsmem-to-check-for-the-nodes-more-robust.patch
+Patch6138:      backport-cfdisk-fix-possible-integer-overflow-coverity-scan.patch
+Patch6139:      backport-more-make-sure-we-have-data-on-stderr.patch
+Patch6140:      backport-libblkid-apfs-validate-checksums.patch
+Patch6141:      backport-sys-utils-setpriv-fix-potential-memory-leak.patch
+Patch6142:      backport-sys-utils-save_adjtime-fix-memory-leak.patch
+Patch6143:      backport-libblkid-fix-potential-memory-leaks.patch
+Patch6144:      backport-sys-utils-fix-add-NULL-check-for-mnt_fs_get_target-r.patch
+Patch6145:      backport-sulogin-fix-POSIX-locale-use.patch
+Patch6146:      backport-setpriv.c-fix-memory-leak-in-parse_groups-function.patch
+Patch6147:      backport-whereis-avoid-accessing-uninitialized-memory.patch
+Patch6148:      backport-dmesg-fix-notime-use.patch
 
 Patch9000:      Add-check-to-resolve-uname26-version-test-failed.patch
 Patch9001:      SKIPPED-no-root-permissions-test.patch
@@ -163,6 +175,7 @@ Patch9002:      util-linux-Add-sw64-architecture.patch
 %endif
 Patch9003:      backport-uuidd-fix-open-lock-state-issue.patch
 Patch9004:      sfdisk-fix-crash-casued-by-out-of-bounds-access.patch
+Patch9005:      mkfs.bfs-fix-memory-leaks-and-weak-code.patch
 
 BuildRequires:  audit-libs-devel >= 1.0.6 gettext-devel libselinux-devel ncurses-devel pam-devel zlib-devel popt-devel
 BuildRequires:  libutempter-devel systemd-devel systemd libuser-devel libcap-ng-devel python3-devel gcc autoconf automake
@@ -533,6 +546,53 @@ fi
 %{_mandir}/man8/{swapoff.8*,swapon.8*,switch_root.8*,umount.8*,wdctl.8.gz,wipefs.8*,zramctl.8*}
 
 %changelog
+* Thu Apr 17 2025 hugel <gengqihu2@h-partners.com> - 2.37.2-42
+- Type:bugfix
+- CVE:NA
+- SUG:NA
+- DESC:revert community patches
+       [del] backport-libblkid-ext-add-checksum-support.patch
+       [del] backport-libblkid-fix-spurious-ext-superblock-checksum-mismat.patch
+
+* Fri Apr 11 2025 zhangting <dev03303@linx-info.com> - 2.37.2-41
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC: fix an issue that mkfs.bfs fix memory leak
+	mkfs.bfs-fix-memory-leaks-and-weak-code.patch
+
+* Mon Mar 03 2025 zhangyao <zhangyao108@huawei.com> - 2.37.2-40
+- Type:bugfix
+- CVE:NA
+- SUG:NA
+- DESC:sync community patches
+       [add] backport-libblkid-ext-add-checksum-support.patch
+       backport-libblkid-fix-spurious-ext-superblock-checksum-mismat.patch
+       backport-libblkid-fix-potential-memory-leaks.patch
+       backport-sys-utils-fix-add-NULL-check-for-mnt_fs_get_target-r.patch
+       backport-sulogin-fix-POSIX-locale-use.patch
+       backport-setpriv.c-fix-memory-leak-in-parse_groups-function.patch
+       backport-whereis-avoid-accessing-uninitialized-memory.patch
+       backport-dmesg-fix-notime-use.patch
+
+* Thu Dec 12 2024 zhangyao <zhangyao108@huawei.com> - 2.37.2-39
+- Type:bugfix
+- CVE:NA
+- SUG:NA
+- DESC:sync community patches
+       [add] backport-sys-utils-setpriv-fix-potential-memory-leak.patch
+       backport-sys-utils-save_adjtime-fix-memory-leak.patch
+
+* Mon Nov 04 2024 zhangyao <zhangyao108@huawei.com> - 2.37.2-38
+- Type:bugfix
+- CVE:NA
+- SUG:NA
+- DESC:sync community patches
+       [add]backport-lsmem-make-lsmem-to-check-for-the-nodes-more-robust.patch
+       backport-cfdisk-fix-possible-integer-overflow-coverity-scan.patch
+       backport-more-make-sure-we-have-data-on-stderr.patch
+       backport-libblkid-apfs-validate-checksums.patch
+
 * Mon Aug 5 2024 liyuzhe <liyuzhe@cqsoftware.com.cn> -  2.37.2-37
 - Fixed incorrect macro usage in summary fields of devel and help subpackages