stable

ntfs-3g-system-compression-1.0-9.fc35

FEDORA-2022-1176b501f0 created by rjones 2 years ago for Fedora 35

Rebuild for ntfs-3g CVE

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2022-1176b501f0

This update has been submitted for testing by rjones.

2 years ago

This update's test gating status has been changed to 'waiting'.

2 years ago

This update's test gating status has been changed to 'failed'.

2 years ago

This update has been pushed to testing.

2 years ago
User Icon kparal commented & provided feedback 2 years ago
karma

Listing Windows/System32/ works fine, so I think this works ok.

@rjones Can this be merged into https://bodhi.fedoraproject.org/updates/FEDORA-2022-8fa7e5aeaf so that the updates go out together? I believe these two should be a single update.

This update's test gating status has been changed to 'passed'.

2 years ago

This update has been submitted for stable by bodhi.

2 years ago

This update has been pushed to stable.

2 years ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
1
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
14 days
Dates
submitted
2 years ago
in testing
2 years ago
in stable
2 years ago
BZ#2093310 CVE-2022-30783 ntfs-3g-system-compression: ntfs-3g: invalid return code in fuse_kern_mount enables intercepting of libfuse-lite protocol traffic [fedora-all]
0
0
BZ#2093319 CVE-2022-30784 ntfs-3g-system-compression: ntfs-3g: crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value [fedora-all]
0
0
BZ#2093325 CVE-2022-30785 ntfs-3g-system-compression: ntfs-3g: a file handle created in fuse_lib_opendir, and later used in fuse_lib_readdir, enables arbitrary memory read and write operations [fedora-all]
0
0
BZ#2093331 CVE-2022-30786 ntfs-3g-system-compression: ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate [fedora-all]
0
0
BZ#2093338 CVE-2022-30787 ntfs-3g-system-compression: ntfs-3g: integer underflow in fuse_lib_readdir enables arbitrary memory read operations [fedora-all]
0
0
BZ#2093345 CVE-2022-30788 ntfs-3g-system-compression: ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc [fedora-all]
0
0
BZ#2093352 CVE-2022-30789 ntfs-3g-system-compression: ntfs-3g: crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array [fedora-all]
0
0
BZ#2093361 CVE-2021-46790 ntfs-3g-system-compression: ntfs-3g: heap-based buffer overflow in ntfsck [fedora-all]
0
0

Automated Test Results