Change logs for ntfs-3g source package in Kinetic

ntfs-3g (1:2022.5.17-1ubuntu1.1) kinetic-security; urgency=medium

  * SECURITY UPDATE: code execution via incorrect validation of metadata
    - debian/patches/CVE-2022-40284-1.patch: rejected zero-sized runs in
      libntfs-3g/runlist.c.
    - debian/patches/CVE-2022-40284-2.patch: avoided merging runlists with
      no runs in libntfs-3g/runlist.c.
    - CVE-2022-40284

 -- Marc Deslauriers <email address hidden>  Tue, 01 Nov 2022 07:53:35 -0400

ntfs-3g (1:2022.5.17-1ubuntu1) kinetic; urgency=medium

  * Merge with Debian unstable. Remaining changes:
    - debian/ntfs-3g.postinst: don't install /bin/ntfs-3g as setuid root.
    - debian/control: don't Build-Depends on libfuse-dev since the package
      is built using the --with-fuse=internal option, switch to fuse3.

ntfs-3g (1:2022.5.17-1) unstable; urgency=high

  * New upstream release (closes: #1011770) fixing CVE-2021-46790,
    CVE-2022-30783, CVE-2022-30784, CVE-2022-30785, CVE-2022-30786,
    CVE-2022-30787, CVE-2022-30788 and CVE-2022-30789: these vulnerabilities
    may allow an attacker using a maliciously crafted NTFS-formatted image
    file or external storage to potentially execute arbitrary privileged code.

 -- Marc Deslauriers <email address hidden>  Tue, 07 Jun 2022 10:33:43 -0400

ntfs-3g (1:2021.8.22-3ubuntu1) jammy; urgency=medium

  * debian/control:
    - don't Build-Depends on libfuse-dev since the package is built using
      the --with-fuse=internal option, switch to fuse3

  [ Simon Chopin ]
  * Merge with Debian unstable (LP: #1951239). Remaining changes:
    + Don't install /bin/ntfs-3g as setuid root.
  * Dropped, merged upstream:
    + SECURITY UPDATE: multiple security issues
      debian/patches/aug2021-security.patch: backport fixes from new
      upstream version.
      - CVE-2021-33285, CVE-2021-33286, CVE-2021-33287, CVE-2021-33289,
        CVE-2021-35266, CVE-2021-35267, CVE-2021-35268, CVE-2021-35269,
        CVE-2021-39251, CVE-2021-39252, CVE-2021-39253, CVE-2021-39254,
        CVE-2021-39255, CVE-2021-39256, CVE-2021-39257, CVE-2021-39258,
        CVE-2021-39259, CVE-2021-39260, CVE-2021-39261, CVE-2021-39262,
        CVE-2021-39263

ntfs-3g (1:2021.8.22-3) unstable; urgency=medium

  * Backport upstream documentation updates.
  * Update homepage location (closes: #993989).
  * Update watch file.
  * Update Standards-Version to 4.6.0 .

ntfs-3g (1:2021.8.22-2) unstable; urgency=medium

  * Upload to Sid.

ntfs-3g (1:2021.8.22-1) experimental; urgency=high

  * New upstream release (closes: #988386) fixing CVE-2021-33285,
    CVE-2021-35269, CVE-2021-35268, CVE-2021-33289, CVE-2021-33286,
    CVE-2021-35266, CVE-2021-33287, CVE-2021-35267, CVE-2021-39251,
    CVE-2021-39252, CVE-2021-39253, CVE-2021-39254, CVE-2021-39255,
    CVE-2021-39256, CVE-2021-39257, CVE-2021-39258, CVE-2021-39259,
    CVE-2021-39260, CVE-2021-39261, CVE-2021-39262, CVE-2021-39263: multiple
    buffer overflows.
  * Library transition from libntfs-3g886 to libntfs-3g89 .

ntfs-3g (1:2017.3.23AR.6-1) experimental; urgency=medium

  * New upstream release.
  * Library transition from libntfs-3g885 to libntfs-3g886 .
  * Update debhelper level to 13 .
  * Update Standards-Version to 4.5.1 .

ntfs-3g (1:2017.3.23AR.5-1) experimental; urgency=medium

  * New upstream release.
  * Library transition from libntfs-3g884 to libntfs-3g885 .
  * Update Standards-Version to 4.5.0 .

ntfs-3g (1:2017.3.23AR.4-1) experimental; urgency=medium

  * New upstream release.
  * Prevent installation of hal/fdi/policy (closes: #913281).
  * Library transition from libntfs-3g883 to libntfs-3g884 .

 -- Sebastien Bacher <email address hidden>  Thu, 13 Jan 2022 15:38:10 +0100