Change logs for ntfs-3g source package in Impish
-
ntfs-3g (1:2017.3.23AR.3-3ubuntu5.1) impish-security; urgency=medium * SECURITY UPDATE: heap buffer overflow in ntfsck - debian/patches/CVE-2021-46790.patch: properly handle error in ntfsprogs/ntfsck.c. - CVE-2021-46790 * SECURITY UPDATE: traffic interception via incorrect return code - debian/patches/CVE-2022-30783.patch: return proper error code in libfuse-lite/mount.c, src/ntfs-3g_common.c, src/ntfs-3g_common.h. - CVE-2022-30783 * SECURITY UPDATE: heap exhaustion via invalid NTFS image - debian/patches/CVE-2022-30784.patch: Avoid allocating and reading an attribute beyond its full size in libntfs-3g/attrib.c. - CVE-2022-30784 * SECURITY UPDATE: arbitrary memory access via fuse - debian/patches/CVE-2022-30785_30787.patch: check directory offset in libfuse-lite/fuse.c. - CVE-2022-30785 - CVE-2022-30787 * SECURITY UPDATE: heap overflow via ntfs attribute names - debian/patches/CVE-2022-30786-1.patch: make sure there is no null character in an attribute name in libntfs-3g/attrib.c. - debian/patches/CVE-2022-30786-2.patch: make sure there is no null character in an attribute name in libntfs-3g/attrib.c. - CVE-2022-30786 * SECURITY UPDATE: heap buffer overflow via crafted NTFS image - debian/patches/CVE-2022-30788-1.patch: use a default usn when the former one cannot be retrieved in libntfs-3g/mft.c. - debian/patches/CVE-2022-30788-2.patch: fix operation on little endian data in libntfs-3g/mft.c. - CVE-2022-30788 * SECURITY UPDATE: heap buffer overflow via crafted NTFS image - debian/patches/CVE-2022-30789.patch: make sure the client log data does not overflow from restart page in libntfs-3g/logfile.c. - CVE-2022-30789 -- Marc Deslauriers <email address hidden> Mon, 06 Jun 2022 14:08:38 -0400
-
ntfs-3g (1:2017.3.23AR.3-3ubuntu5) impish; urgency=medium * SECURITY UPDATE: multiple security issues - debian/patches/aug2021-security.patch: backport fixes from new upstream version. - CVE-2021-33285, CVE-2021-33286, CVE-2021-33287, CVE-2021-33289, CVE-2021-35266, CVE-2021-35267, CVE-2021-35268, CVE-2021-35269, CVE-2021-39251, CVE-2021-39252, CVE-2021-39253, CVE-2021-39254, CVE-2021-39255, CVE-2021-39256, CVE-2021-39257, CVE-2021-39258, CVE-2021-39259, CVE-2021-39260, CVE-2021-39261, CVE-2021-39262, CVE-2021-39263 -- Marc Deslauriers <email address hidden> Mon, 23 Aug 2021 09:10:28 -0400
-
ntfs-3g (1:2017.3.23AR.3-3ubuntu4) hirsute; urgency=medium * No-change rebuild to drop the udeb package. -- Matthias Klose <email address hidden> Thu, 25 Feb 2021 06:59:05 +0100