Security update for dosfstools
This update for dosfstools fixes the following issues:
- fixed buffer overflows based on insufficient size of variable for
storing FAT size (CVE-2016-4804, boo#980377)
* dosfstools-3.0.26-read-fat-overflow.patch
- fixed memory corruption when setting FAT12 entries (CVE-2015-8872,
boo#980364)
* dosfstools-3.0.26-off-by-2.patch
- Fix attempt to rename root dir in fsck due to uninitialized
fields [boo#912607]
- Drop gpg-offline build-time requirement; this is now handled by
the local source validator
-
Submitted by
Jan Matejek (matejcik)
Fixed bugs
bnc#980364
VUL-0: CVE-2015-8872: dosfstools: Off-by-2 error leading to corruption in FAT12
bnc#912607
fsck.fat 3.0.26 (2014-03-07): "/ Bad short file name ()."
bnc#980377
VUL-1: CVE-2016-4804: dosfstools: Heap-buffer-overflows in read_fat() and get_fat() functions
