Publishing details
Changelog
ntfs-3g (1:2017.3.23AR.3-3+deb10u2) buster-security; urgency=high
* Non-maintainer upload by the Security Team.
* Fix multiple issues (Closes: #1011770)
- Used a default usn when the former one cannot be retrieved
(CVE-2022-30788)
- Made sure there is no null character in an attribute name
(CVE-2022-30786)
- Avoided allocating and reading an attribute beyond its full size
(CVE-2022-30784)
- Made sure the client log data does not overflow from restart page
(CVE-2022-30789)
- Made sure there is no null character in an attribute name (bis)
(CVE-2022-30786)
- Fixed possible out-of-buffer condition in ntfsck (CVE-2021-46790)
- Fixed operation on little endian data (CVE-2022-30788)
- Returned an error code when the --help or --version options are
used (CVE-2022-30783)
- Hardened the checking of directory offset requested by a readdir
(CVE-2022-30785, CVE-2022-30787)
-- Salvatore Bonaccorso <email address hidden> Thu, 09 Jun 2022 14:43:42 +0200
Builds
Package files