[ubuntu/disco-proposed] ntfs-3g 1:2017.3.23AR.3-2ubuntu1 (Accepted)
Chris Coulson
chris.coulson at canonical.com
Thu Mar 21 17:45:13 UTC 2019
ntfs-3g (1:2017.3.23AR.3-2ubuntu1) disco; urgency=medium
* SECURITY UPDATE: Heap buffer overflow in /bin/ntfs-3g
- debian/patches/0001-Fixed-reporting-an-error-when-failed-to-build-the-mo.patch:
Fixed reporting an error when failed to build the mountpoint
- CVE-2019-9755
* Don't install /bin/ntfs-3g as setuid root. If administrators want to allow
unprivileged users to be able to mount NTFS images, they can restore this
functionality by changing the permissions of /bin/ntfs-3g with
dpkg-statoverride
- update debian/ntfs-3g.postinst
Date: Thu, 21 Mar 2019 15:26:13 +0000
Changed-By: Chris Coulson <chris.coulson at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/ntfs-3g/1:2017.3.23AR.3-2ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 21 Mar 2019 15:26:13 +0000
Source: ntfs-3g
Architecture: source
Version: 1:2017.3.23AR.3-2ubuntu1
Distribution: disco
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Chris Coulson <chris.coulson at canonical.com>
Changes:
ntfs-3g (1:2017.3.23AR.3-2ubuntu1) disco; urgency=medium
.
* SECURITY UPDATE: Heap buffer overflow in /bin/ntfs-3g
- debian/patches/0001-Fixed-reporting-an-error-when-failed-to-build-the-mo.patch:
Fixed reporting an error when failed to build the mountpoint
- CVE-2019-9755
.
* Don't install /bin/ntfs-3g as setuid root. If administrators want to allow
unprivileged users to be able to mount NTFS images, they can restore this
functionality by changing the permissions of /bin/ntfs-3g with
dpkg-statoverride
- update debian/ntfs-3g.postinst
Checksums-Sha1:
45ae587c1ec94a63769a5b54900e6b4a7d14f2b9 2283 ntfs-3g_2017.3.23AR.3-2ubuntu1.dsc
e21ca84e074bdc36b43911bf6b0a180319810ba0 23092 ntfs-3g_2017.3.23AR.3-2ubuntu1.debian.tar.xz
662f196d39d002f8821f4878f1b6ca916aecfb6c 6501 ntfs-3g_2017.3.23AR.3-2ubuntu1_source.buildinfo
Checksums-Sha256:
f4a89fe9f821844364415c0f603079b183d5345cd95fed563dc3776f56d42dee 2283 ntfs-3g_2017.3.23AR.3-2ubuntu1.dsc
9aadec89260bda306f5bdb4cbf843e5d6412f2c5f1fb18f26e8250474eaf87d7 23092 ntfs-3g_2017.3.23AR.3-2ubuntu1.debian.tar.xz
1653fbb0d5f8f7aea536f16786b3ca4e5308377bfc31ac09491e7aeec1d1c22e 6501 ntfs-3g_2017.3.23AR.3-2ubuntu1_source.buildinfo
Files:
e9891166d9b109dc93e15e48ba214582 2283 otherosfs optional ntfs-3g_2017.3.23AR.3-2ubuntu1.dsc
f10b1bd93305d46a7618b8fe45634ddd 23092 otherosfs optional ntfs-3g_2017.3.23AR.3-2ubuntu1.debian.tar.xz
ebfe5c9157b43332b60e4b3f0f7fde7a 6501 otherosfs optional ntfs-3g_2017.3.23AR.3-2ubuntu1_source.buildinfo
Original-Maintainer: Laszlo Boszormenyi (GCS) <gcs at debian.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAlyTzUAACgkQZWnYVadE
vpPZohAAsUWKFOHFtRRIOrewhdwobTV5CRL+g7E/jPIw2L9Gigy3ooa746/h5SGd
v+Mizi3rHZwLzQ5H0kaB+4tbWPYVL1WD/zoytGivi16zw25/z1uwPjeql4v1p19t
qH/FI/4K1p5t+uzMwdRay2we4vX/cNrh5oIth1n0VWFctPo7p32uhS7p64/9xfLD
KLvVa2hWjpN094V56TJCgHIm6vorW49O08zcj5gurDJMiDL7FOYJ1/VpxVhfyet7
4r7VWTL7CIrKg+Xc1Qk/vr8wayQCIlUZl2jEMzON913hQnYBsnChuxTnb6mxA85F
2iwf7upPK167FYSHAFq9KAIT7353YAM+dJVXIZu+YdJbxdATw+XRmj5qRsWCyvSG
nXzTZCGDRO8bz+mvg2skXXwwYWqfb8ujPys2Xmy3gqf49Ca+AOY/defmqXy1g677
BcvfMDDKcF6TLIDO6JxHi/ApG7E9SvF5mjCBlx2negDh5QKstYA8lWtyyUgvw6CW
5pv1aE4ncq12g4S1ZTPj8GKv/Qo5Rl/1RtF4UO5aJN0I1R0sW2rSz9HyZceZXJdn
Gt2LGsj812/FYsuAAttJXyYqLsrVineyiPWbBhOPvQCEVGrpa7JTl/WddkiykiHV
kMQvWEDzYm9LDYX38FgIQOLK/GlZkjemd30IJjlFhSjPOaYwREM=
=6qUH
-----END PGP SIGNATURE-----
More information about the Disco-changes
mailing list