Bug#778948: marked as done (e2fsprogs: CVE-2015-1572 buffer overflow)

Sun, 17 May 2015 23:22:10 -0700 

Your message dated Mon, 18 May 2015 06:19:04 +0000
with message-id <e1yueog-0003uu...@franck.debian.org>
and subject line Bug#778948: fixed in e2fsprogs 1.42.13-1
has caused the Debian Bug report #778948,
regarding e2fsprogs: CVE-2015-1572 buffer overflow
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
778948: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778948
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
package: src:e2fsprogs
severity: important
tags: security

A buffer overflow issue was recently fixed for e2fsprogs:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-1572

Best wishes,
Mike

--- End Message ---
--- Begin Message --- 
Source: e2fsprogs
Source-Version: 1.42.13-1

We believe that the bug you reported is fixed in the latest version of
e2fsprogs, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 778...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Theodore Y. Ts'o <ty...@mit.edu> (supplier of updated e2fsprogs package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 17 May 2015 20:38:27 -0400
Source: e2fsprogs
Binary: e2fsck-static libcomerr2 comerr-dev libss2 ss-dev e2fsprogs-udeb 
e2fslibs e2fslibs-dev e2fsprogs e2fsprogs-dbg e2fslibs-dbg libcomerr2-dbg 
libss2-dbg
Architecture: source i386
Version: 1.42.13-1
Distribution: unstable
Urgency: low
Maintainer: Theodore Y. Ts'o <ty...@mit.edu>
Changed-By: Theodore Y. Ts'o <ty...@mit.edu>
Description:
 comerr-dev - common error description library - headers and static libraries
 e2fsck-static - statically-linked version of the ext2/ext3/ext4 filesystem 
checke
 e2fslibs   - ext2/ext3/ext4 file system libraries
 e2fslibs-dbg - debugging information for e2fslibs
 e2fslibs-dev - ext2/ext3/ext4 file system libraries - headers and static 
librari
 e2fsprogs  - ext2/ext3/ext4 file system utilities
 e2fsprogs-dbg - debugging information for e2fsprogs
 e2fsprogs-udeb - stripped-down versions of e2fsprogs, for debian-installer 
(udeb)
 libcomerr2 - common error description library
 libcomerr2-dbg - debugging information for libcomerr2
 libss2     - command-line interface parsing library
 libss2-dbg - debugging information for libss2
 ss-dev     - command-line interface parsing library - headers and static libra
Closes: 760275 764293 773795 775234 778948
Changes:
 e2fsprogs (1.42.13-1) unstable; urgency=low
 .
   * New upstream version
   * NMU acknowledge (Closes: #778948)
   * Fixed a bug which could cause e2fsck to corrupt Hurd file systems.
     (Closes: #760275)
   * Fixed a deadlock which occurs when using systemd and e2fsck.conf's
     logging feature.  (Closes: #775234)
   * Fixed a bug which could cause programs using libext2's inode table
     scanning functions from crashing on certain corrupted file systems.
     (Closes: #773795)
   * Fixed dumpe2fs so it won't crash if the user doesn't specify a block
     device (file system).  (Closes: #764293)
   * Fixed e2fsck so if it notices unexpected HTREE blocks in pass 2, it
     will report the correct directory inode containing the inconsistency.
   * If e2fsck fails to grow the dir_info structure due realloc(3) not
     having enough memory, it will now fail with explanatory message
     instead of staggering on failing with a confusing internal error
     messages.
   * The tune2fs program will zero out the superblock journal backup
     information when removing a journal from a file system.
   * The mke2fs program now enables the large_file feature by default.
   * Fixed a bug which could cause badblocks to crash if there are millions
     and millions of bad blocks.
   * Fixed some use-after-free bug in resize2fs and e2fsck.
   * Fixed some bigendian bugs that had crept into both indirect and extent
     handling inside libext2fs.
   * Updated/fixed various man pages.
   * Update Esperanto, German, and Spanish translations.  Added Danish
     translation.
Checksums-Sha1:
 37aed0a1cede3983d1100f7ebaf0a38018407113 2200 e2fsprogs_1.42.13-1.dsc
 77d1412472ac5a67f8954166ec16c37616074c37 6511931 e2fsprogs_1.42.13.orig.tar.gz
 3f722595dc3cd676e93c4fdeff86a3064058b8f3 64940 
e2fsprogs_1.42.13-1.debian.tar.xz
 cdbf8ba14d52368f53f64d5fbfef258d7315afa9 275572 
e2fsck-static_1.42.13-1_i386.deb
 2408912765f6396250084e1bca31b2be9cfbe2af 60908 libcomerr2_1.42.13-1_i386.deb
 aded1784e00ff18541c1396c00e364a36e23ada9 65538 libss2_1.42.13-1_i386.deb
 0cf49c9a6b7d6915e1ca43b4dd2b5ac9762a7071 206388 e2fslibs_1.42.13-1_i386.deb
 c86b293de6cba7523e24c4bd8730434ae383aac6 219522 e2fslibs-dev_1.42.13-1_i386.deb
 9b89d966981b4039100566b38336b20d77f80e5e 788774 e2fsprogs_1.42.13-1_i386.deb
 92a5eeaac3fcc13f54887f0ba0f099cb5a506108 863816 
e2fsprogs-dbg_1.42.13-1_i386.deb
 2efa53fd46962c289c0152ddf55391987e60a211 289168 e2fslibs-dbg_1.42.13-1_i386.deb
 175b5cd6ca61c965c6f4193324388e1791beab45 62986 
libcomerr2-dbg_1.42.13-1_i386.deb
 f48ed7baa5376ec1e030f67f3a92eec0f4010d79 71096 libss2-dbg_1.42.13-1_i386.deb
 036e7cbfa01806ee5c6e84f3b20b56a8e46aa975 38244 
comerr-dev_2.1-1.42.13-1_i386.deb
 2262f8ba612e5845e492f23f08b7b06c0211952f 17286 ss-dev_2.0-1.42.13-1_i386.deb
 083834612a779d557259c16a409c1cdcd544a036 292776 
e2fsprogs-udeb_1.42.13-1_i386.udeb
Checksums-Sha256:
 83e511378f584eae0e83af91a17980d84d9261688ce16b872b38dacf22fa8c30 2200 
e2fsprogs_1.42.13-1.dsc
 59993ff3a44f82e504561e0ebf95e8c8fa9f9f5746eb6a7182239605d2a4e2d4 6511931 
e2fsprogs_1.42.13.orig.tar.gz
 5c1b8e615afaf37d7d8f984755c52d3df2b60b384d7b28f596283d3da571af14 64940 
e2fsprogs_1.42.13-1.debian.tar.xz
 38562be6de0815d646590bf7c5dc7cf92beec7b9f11a2b642595423eafddc2bb 275572 
e2fsck-static_1.42.13-1_i386.deb
 31fd4facb981bb7aaa427cc232ca407e382c4b8ed339b45730d9b5a17b90020d 60908 
libcomerr2_1.42.13-1_i386.deb
 473c029cf35571fbcbb4632290f9a8045ddeb82e93de8b192ca3fde2008e9cef 65538 
libss2_1.42.13-1_i386.deb
 84d3dfedc2c6e2b24ad2e771061b708aeba8ccc5c7aaa78d980504cd6b10dca7 206388 
e2fslibs_1.42.13-1_i386.deb
 315f82eb3827849697c72eb1ca52725f5cb74cda5e2338f6868bd2079f42ee51 219522 
e2fslibs-dev_1.42.13-1_i386.deb
 0d497c505dc1a458081b2e138eeae5d81ee4df6419d1842335e487b0507121ae 788774 
e2fsprogs_1.42.13-1_i386.deb
 1d824f9358a6612b9d248d0bb742323698a05e969a3fb552b3f95f23399f046c 863816 
e2fsprogs-dbg_1.42.13-1_i386.deb
 5050602598cda4f50080c6aee4dbb5d6a294409027aced5f7ea82326d4028637 289168 
e2fslibs-dbg_1.42.13-1_i386.deb
 652366ebcc1bb376f27d060f54c130d3c9ae48a7ee7a023ce7f22db7b67f3be3 62986 
libcomerr2-dbg_1.42.13-1_i386.deb
 b3f6f3021d528a93303b6f773e27d5245a9de8cf32222a02cddf44bb9f4b8439 71096 
libss2-dbg_1.42.13-1_i386.deb
 7759e5811eb313f6fce2c482050166fa39e6c24216c100eb1cc32bfdec39c3c5 38244 
comerr-dev_2.1-1.42.13-1_i386.deb
 2e333902cc3f78efcbbd842b245b587f96035bb8cc30b13102a61fba9cab26f2 17286 
ss-dev_2.0-1.42.13-1_i386.deb
 c51e5173eadd3a0bdb0a5c5f7d0310645e70ece8b5791e036193a89f41999732 292776 
e2fsprogs-udeb_1.42.13-1_i386.udeb
Files:
 01f4be0375e35ef2c14ccc41288fe934 2200 admin required e2fsprogs_1.42.13-1.dsc
 bc759fc62666786f5436e2075beb3265 6511931 admin required 
e2fsprogs_1.42.13.orig.tar.gz
 3cc64ec36f3767141bc79a3e0419b2b4 64940 admin required 
e2fsprogs_1.42.13-1.debian.tar.xz
 c232972fa64fa333ef5191d4e47d49ac 275572 admin optional 
e2fsck-static_1.42.13-1_i386.deb
 4f92e70fe8aaa8200fb2a59374f568e0 60908 libs required 
libcomerr2_1.42.13-1_i386.deb
 855cfc4f4a1b4c16c7131addd0179601 65538 libs required libss2_1.42.13-1_i386.deb
 44911c380a7e7fce105cc403aeb4efd9 206388 libs required 
e2fslibs_1.42.13-1_i386.deb
 a3dd7a9d301f3a75d15725872cd0a23a 219522 libdevel extra 
e2fslibs-dev_1.42.13-1_i386.deb
 996bc22144b85f467178aca0aa69e594 788774 admin required 
e2fsprogs_1.42.13-1_i386.deb
 8e2e96cb18f4e526720b21e8dde24662 863816 debug extra 
e2fsprogs-dbg_1.42.13-1_i386.deb
 96a6a61aeafa633310915f935ff13651 289168 debug extra 
e2fslibs-dbg_1.42.13-1_i386.deb
 535afdea6907190ca87290b985d33edf 62986 debug extra 
libcomerr2-dbg_1.42.13-1_i386.deb
 1bbad9b30eb557967ba85c8ba4e4841f 71096 debug extra 
libss2-dbg_1.42.13-1_i386.deb
 557027a47d6455285e7115da22fcc721 38244 libdevel extra 
comerr-dev_2.1-1.42.13-1_i386.deb
 a98b6a72eb1958046ae01a3817189017 17286 libdevel extra 
ss-dev_2.0-1.42.13-1_i386.deb
 5991559a6531c54cda06362dcadb5734 292776 debian-installer optional 
e2fsprogs-udeb_1.42.13-1_i386.udeb
Package-Type: udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJVWYI8AAoJEPL5WVaVDYGjkmAH/RTXqtYhEWAIgqXjrJR9o5k+
lteK6q+rUy5DXFiR2qmzi9WIxIbSMXeMfVWPv/WjXzxRRtU8N7w1JsPhks+ZNLdV
1ty23pjd8C0duRIztYNKpdrybOmZVVxRqgWg6X0C9fhcoiI70sK106qYmc1XmEUb
3MHpyPOVXUhdoWMP8bXkqDrawQkZ+JV0p84dOiAvw3cMz+PbMyQTY/HrUs9X1wlG
AgHhfylLMjg6jdbBhFwxGvaYzwwg2dOkVpHu9sZeSDAq0foWJvxnHaqK0NlYkMKE
7oOyhoyjjE/gWc2n2fuMvQkCHw6dl6DEuYXZCGlLQ+hTMJrpJ3cwM3XJqNYPGyU=
=NGvK
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to