-
e2fsprogs (1.42.13-1ubuntu1.2) xenial-security; urgency=medium
* SECURITY UPDATE: Out-of-bounds write
- debian/patches/CVE-2019-5188-*.patch: abort if there is a corrupted
directory block when rehashing and don't try to rehash a deleted directory
in e2fsck/rehash.c, e2fsck/pass1b.c.
- CVE-2019-5188
-- <email address hidden> (Leonidas S. Barbosa) Wed, 22 Jan 2020 11:12:45 -0300
-
e2fsprogs (1.42.13-1ubuntu1.1) xenial-security; urgency=medium
* SECURITY UPDATE: Out-of-bounds write on the heap
- debian/patches/CVE-2019-5094.patch: add checks to prevent
buffer overrun in quota code in lib/quota/quotaio_tree.c,
lib/quota/quotaio_v2.c, lib/quota/mkquota.c.
- CVE-2019-5094
-- <email address hidden> (Leonidas S. Barbosa) Thu, 26 Sep 2019 13:49:59 -0300
-
e2fsprogs (1.42.13-1ubuntu1) xenial; urgency=medium
* Merge from Debian unstable. Remaining changes:
- debian/rules:
Block pkg-create-dbgsym from operating on this package.
Build without dietlibc-dev, which is in universe
Use the autotools-dev dh addon to update config.guess/config.sub for new
ports.
- debian/control:
Regenerate with ./debian/rules debian/control
e2fsprogs (1.42.13-1) unstable; urgency=low
* New upstream version
* NMU acknowledge (Closes: #778948)
* Fixed a bug which could cause e2fsck to corrupt Hurd file systems.
(Closes: #760275)
* Fixed a deadlock which occurs when using systemd and e2fsck.conf's
logging feature. (Closes: #775234)
* Fixed a bug which could cause programs using libext2's inode table
scanning functions from crashing on certain corrupted file systems.
(Closes: #773795)
* Fixed dumpe2fs so it won't crash if the user doesn't specify a block
device (file system). (Closes: #764293)
* Fixed e2fsck so if it notices unexpected HTREE blocks in pass 2, it
will report the correct directory inode containing the inconsistency.
* If e2fsck fails to grow the dir_info structure due realloc(3) not
having enough memory, it will now fail with explanatory message
instead of staggering on failing with a confusing internal error
messages.
* The tune2fs program will zero out the superblock journal backup
information when removing a journal from a file system.
* The mke2fs program now enables the large_file feature by default.
* Fixed a bug which could cause badblocks to crash if there are millions
and millions of bad blocks.
* Fixed some use-after-free bug in resize2fs and e2fsck.
* Fixed some bigendian bugs that had crept into both indirect and extent
handling inside libext2fs.
* Updated/fixed various man pages.
* Update Esperanto, German, and Spanish translations. Added Danish
translation.
e2fsprogs (1.42.12-1.1) unstable; urgency=high
* Non-maintainer upload by the Security Team.
* Fix CVE-2015-1572: incomplete fix for CVE-2015-0247 (closes: #778948).
-- Marc Deslauriers <email address hidden> Fri, 30 Oct 2015 07:51:26 -0400
-
e2fsprogs (1.42.12-1ubuntu2) vivid; urgency=medium
* SECURITY UPDATE: buffer overflow in closefs()
- debian/patches/CVE-2015-1572.patch: properly check against
fs->desc_blocks in lib/ext2fs/closefs.c.
- CVE-2015-1572
-- Marc Deslauriers <email address hidden> Mon, 16 Feb 2015 13:40:05 -0500
