Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Zwei Probleme in e2fsprogs
Aktuelle Meldungen Distributionen
Name: Zwei Probleme in e2fsprogs
ID: FEDORA-2015-2511
Distribution: Fedora
Plattformen: Fedora 21
Datum: Mi, 4. März 2015, 16:38
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0247
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1572

Originalnachricht

Name        : e2fsprogs
Product : Fedora 21
Version : 1.42.12
Release : 3.fc21
URL : http://e2fsprogs.sourceforge.net/
Summary : Utilities for managing ext2, ext3, and ext4 filesystems
Description :
The e2fsprogs package contains a number of utilities for creating,
checking, modifying, and correcting any inconsistencies in second,
third and fourth extended (ext2/ext3/ext4) filesystems. E2fsprogs
contains e2fsck (used to repair filesystem inconsistencies after an
unclean shutdown), mke2fs (used to initialize a partition to contain
an empty ext2 filesystem), debugfs (used to examine the internal
structure of a filesystem, to manually repair a corrupted
filesystem, or to create test cases for e2fsck), tune2fs (used to
modify filesystem parameters), and most of the other core ext2fs
filesystem utilities.

You should install the e2fsprogs package if you need to manage the
performance of an ext2, ext3, or ext4 filesystem.

-------------------------------------------------------------------------------
-
Update Information:

- Fix potential buffer overflow in closefs (#1193947, CVE-2015-1572)
- Fix dumpe2fs segfault with no arguments (#1194063)
- Don't require fsck prior to resize2fs -P (#1170803)
Changes e2fsck.conf so that for filesystems with time-based check intervals set
in the superblock, these time-based checks will work again. You may need to wait through an e2fsck on your next reboot in this case.
-------------------------------------------------------------------------------
-
ChangeLog:

* Tue Feb 24 2015 Eric Sandeen <sandeen@redhat.com> 1.42.12-3
- Fix potential buffer overflow in closefs (#1193947, CVE-2015-1572)
- Fix dumpe2fs segfault with no arguments (#1194063)
- Don't require fsck prior to resize2fs -P (#1170803)
* Tue Feb 17 2015 Eric Sandeen <sandeen@redhat.com> 1.42.12-2
- Fix use after free (#1192861)
- Fix time-based fsck if set in superblock (e2fsck.conf, #963283)
* Thu Feb 5 2015 Eric Sandeen <sandeen@redhat.com> 1.42.12-1
- New upstream release
- Security fix for CVE-2015-0247
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1193945 - CVE-2015-1572 e2fsprogs: potential buffer overflow in
closefs() (incomplete CVE-2015-0247 fix)
https://bugzilla.redhat.com/show_bug.cgi?id=1193945
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update e2fsprogs' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung