util-linux: add patch for CVE-2017-2616

adds CVE-2017-2616.patch taken from upstream commit f1b8b84d3476ac910d922c63a50a4129adbaf584 to fix the corresponding security issue.

Closes: #5824 [via git-merge-pr]

srcpkgs/util-linux/patches/CVE-2017-2616.patch

@@ -0,0 +1,37 @@
+--- login-utils/su-common.c
++++ login-utils/su-common.c
+@@ -368,6 +368,9 @@ create_watching_parent (void)
+             }
+           else
+             status = WEXITSTATUS (status);
++
++	  /* child is gone, don't use the PID anymore */
++	  child = (pid_t) -1;
+         }
+       else if (caught_signal)
+         status = caught_signal + 128;
+@@ -377,7 +380,7 @@ create_watching_parent (void)
+   else
+     status = 1;
+ 
+-  if (caught_signal)
++  if (caught_signal && child != (pid_t)-1)
+     {
+       fprintf (stderr, _("\nSession terminated, killing shell..."));
+       kill (child, SIGTERM);
+@@ -387,9 +390,12 @@ create_watching_parent (void)
+ 
+   if (caught_signal)
+     {
+-      sleep (2);
+-      kill (child, SIGKILL);
+-      fprintf (stderr, _(" ...killed.\n"));
++      if (child != (pid_t)-1)
++	{
++	  sleep (2);
++	  kill (child, SIGKILL);
++	  fprintf (stderr, _(" ...killed.\n"));
++	}
+ 
+       /* Let's terminate itself with the received signal.
+        *

srcpkgs/util-linux/template

@@ -1,7 +1,7 @@
 # Template file for 'util-linux'
 pkgname=util-linux
 version=2.28.2
-revision=3
+revision=4
 short_desc="Miscellaneous linux utilities"
 maintainer="Juan RP <xtraeme@voidlinux.eu>"
 homepage="https://www.kernel.org/pub/linux/utils/util-linux/"