[ubuntu/lucid-updates] e2fsprogs 1.41.11-1ubuntu2.3 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Mon Feb 23 18:58:34 UTC 2015
e2fsprogs (1.41.11-1ubuntu2.3) lucid-security; urgency=medium
* SECURITY UPDATE: heap overflow via block group descriptor information
- limit first_meta_bg in lib/ext2fs/closefs.c, lib/ext2fs/openfs.c.
- https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=f66e6ce4
- CVE-2015-0247
* SECURITY UPDATE: buffer overflow in closefs()
- properly check against fs->desc_blocks in lib/ext2fs/closefs.c.
- https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=49d0fe2a
- CVE-2015-1572
Date: 2015-02-16 19:11:13.094788+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/e2fsprogs/1.41.11-1ubuntu2.3
-------------- next part --------------
Sorry, changesfile not available.
More information about the Lucid-changes
mailing list