Zwei Probleme in dosfstools
ID: | FEDORA-2016-f695b1a747 |
Distribution: | Fedora |
Plattformen: | Fedora 24 |
Datum: | Sa, 21. Mai 2016, 22:55 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4804
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8872 |
Applikationen: | dosfstools |
Originalnachricht |
|
Name : dosfstools Product : Fedora 24 Version : 3.0.28 Release : 3.fc24 URL : http://github.com/dosfstools/dosfstools Summary : Utilities for making and checking MS-DOS FAT filesystems on Linux Description : The dosfstools package includes the mkdosfs and dosfsck utilities, which respectively make and check MS-DOS FAT filesystems on hard drives or on floppies. -------------------------------------------------------------------------------- Update Information: This is an update fixing off-by-2 error leading to corruption in FAT12 ( CVE-2015-8872) and heap-buffer-overflows in read_fat() and get_fat() functions (CVE-2016-4804). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1336745 - CVE-2016-4804 dosfstools: Heap-buffer-overflows in read_fat() and get_fat() functions https://bugzilla.redhat.com/show_bug.cgi?id=1336745 [ 2 ] Bug #1336739 - CVE-2015-8872 dosfstools: Off-by-2 error leading to corruption in FAT12 https://bugzilla.redhat.com/show_bug.cgi?id=1336739 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update dosfstools' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org http://lists.fedoraproject.org/admin/lists/package-announce@lists.fedoraproject.org |