Back to ntfs-3g PTS page

Accepted ntfs-3g 1:2016.2.22AR.1+dfsg-1+deb9u3 (source) into oldoldstable



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 18 Jun 2022 17:34:24 +0200
Source: ntfs-3g
Binary: ntfs-3g ntfs-3g-dbg ntfs-3g-dev libntfs-3g871 ntfs-3g-udeb
Architecture: source
Version: 1:2016.2.22AR.1+dfsg-1+deb9u3
Distribution: stretch-security
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Sylvain Beucler <beuc@debian.org>
Description:
 libntfs-3g871 - read/write NTFS driver for FUSE (runtime library)
 ntfs-3g    - read/write NTFS driver for FUSE
 ntfs-3g-dbg - read/write NTFS driver for FUSE (debug)
 ntfs-3g-dev - read/write NTFS driver for FUSE (development)
 ntfs-3g-udeb - read/write NTFS driver for FUSE (udeb)
Closes: 1011770
Changes:
 ntfs-3g (1:2016.2.22AR.1+dfsg-1+deb9u3) stretch-security; urgency=high
 .
   * Non-maintainer upload by the LTS Security Team. (Closes: #1011770)
   * CVE-2022-30783: an invalid return code in fuse_kern_mount enables
     intercepting of libfuse-lite protocol traffic between NTFS-3G and the
     kernel when using libfuse-lite.
   * CVE-2022-30784: a crafted NTFS image can cause heap exhaustion in
     ntfs_get_attribute_value.
   * CVE-2022-30785: a file handle created in fuse_lib_opendir, and later
     used in fuse_lib_readdir, enables arbitrary memory read and write
     operations when using libfuse-lite.
   * CVE-2022-30786: a crafted NTFS image can cause a heap-based buffer
     overflow in ntfs_names_full_collate.
   * CVE-2022-30787: an integer underflow in fuse_lib_readdir enables
     arbitrary memory read operations when using libfuse-lite.
   * CVE-2022-30788: a crafted NTFS image can cause a heap-based buffer
     overflow in ntfs_mft_rec_alloc.
   * CVE-2022-30789: a crafted NTFS image can cause a heap-based buffer
     overflow in ntfs_check_log_client_array.
Checksums-Sha1:
 97413a33b10f05886c74a10ddf1c53e83cd3a812 2311 ntfs-3g_2016.2.22AR.1+dfsg-1+deb9u3.dsc
 0a31be877365936024f4dac949dea3b8fdd81e6e 40012 ntfs-3g_2016.2.22AR.1+dfsg-1+deb9u3.debian.tar.xz
 bc3ef507908e134a90961563cfade8abd1014e10 7997 ntfs-3g_2016.2.22AR.1+dfsg-1+deb9u3_amd64.buildinfo
Checksums-Sha256:
 7e716a87f2b54d468c460676c136cf3fe2fad36bd0d5ee91cc17e0f89e67be21 2311 ntfs-3g_2016.2.22AR.1+dfsg-1+deb9u3.dsc
 c41274c69df900db225e9e7208ee59b5ae8fb4c046255de37977ec69c97cb9f0 40012 ntfs-3g_2016.2.22AR.1+dfsg-1+deb9u3.debian.tar.xz
 5fdd243196a03bde3b8f4974f5226d28715fb40534405ac63cdaae7cc6dec106 7997 ntfs-3g_2016.2.22AR.1+dfsg-1+deb9u3_amd64.buildinfo
Files:
 2fd76b388d559338b82f9cf9a5d4ff35 2311 otherosfs optional ntfs-3g_2016.2.22AR.1+dfsg-1+deb9u3.dsc
 9cebd0e938f7c4321947de30dbd17ae3 40012 otherosfs optional ntfs-3g_2016.2.22AR.1+dfsg-1+deb9u3.debian.tar.xz
 7c1a1072037fed33493616acad683c96 7997 otherosfs optional ntfs-3g_2016.2.22AR.1+dfsg-1+deb9u3_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE1vEOfV7HXWKqBieIDTl9HeUlXjAFAmKxqXIACgkQDTl9HeUl
XjDDGg/8C2Kb3mTzGmmcrXZ1VL3p1odE68SSSEmNN8HJHXfmsM5yhVURQgOOs+xe
DNXXx/hvxNaRz8Aig5SD/NSS37mPdv5lYPseBy/9EySHevhbPHMFyx8xSmv+XJ23
iSh5kWo9Cs2ndo+hu1pzbdossq8n7E1U0XGudURsf2qaO23PHjWaMwcwqWqz/JFN
9XqiHm0UEq6gH3I6Aw5woUwzftdSxBp5B4lzhIme7l9hSrQUQppI+Krroo4qTkoa
1u3AQ3KwLJWf3gf1tLm9+rwIvR9j6Evd5i4jtq+6Y3r4IDJB8xR8lbNX4sHIg7Hu
5s//1SOk2M8FPoAnKzJLhM8XCNXwajSxAsboDpfs0fVvHGB86lKLYdkjcT3ASYdZ
bnewBV72QbbCnq+tJi4H8h61EvOeotRIKJsrqh6D/MJlpl9uAC9cO1iK6T49XAS2
77l6xxspo8OrMHZ3DUFbRYqKuKvkwvekJ9zn2owYzPIiE8lSpU6twM4Nk/0FbdIt
hx2xEEpMQ0W+44GORI3KCLdEG3lFNSJsDCYQ2ZbqH8RLTn05muzP3714l0fTaB7X
Yw4sIY3kTsm9dXVNtmTRX3uxSnC3n37YCbifvA34Ou/i6+We7fO/4sYOfkkQ9xmw
QpG2uGXVdyWnqz5dl6jvVqtQRnSOCZeEXyG8Y94tBlabSuDxkOQ=
=otns
-----END PGP SIGNATURE-----