Overview

File _patchinfo of Package patchinfo.25304

<patchinfo incident="25304">
  <issue tracker="bnc" id="1199978">VUL-0: CVE-2022-30783,CVE-2022-30784,CVE-2022-30785,CVE-2022-30786,CVE-2022-30787,CVE-2022-30788,CVE-2022-30789: ntfs-3g_ntfsprogs: 2022.5.17 release</issue>
  <issue tracker="cve" id="2022-30785"/>
  <issue tracker="cve" id="2022-30789"/>
  <issue tracker="cve" id="2022-30787"/>
  <issue tracker="cve" id="2021-46790"/>
  <issue tracker="cve" id="2022-30788"/>
  <issue tracker="cve" id="2022-30783"/>
  <issue tracker="cve" id="2022-30786"/>
  <issue tracker="cve" id="2022-30784"/>
  <packager>mgorse</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for ntfs-3g_ntfsprogs</summary>
  <description>This update for ntfs-3g_ntfsprogs fixes the following issues:

Updated to version 2022.5.17 (bsc#1199978):
- CVE-2022-30783: Fixed an issue where messages between NTFS-3G and
  the kernel could be intercepted when using libfuse-lite.
- CVE-2022-30784: Fixed a memory exhaustion issue when opening a
  crafted NTFS image.
- CVE-2022-30785: Fixed a bug where arbitrary memory read and write
  operations could be achieved whe using libfuse-lite.
- CVE-2022-30786: Fixed a memory corruption issue when opening a
  crafted NTFS image.
- CVE-2022-30787: Fixed an integer underflow which enabled arbitrary
  memory read operations when using libfuse-lite.
- CVE-2022-30788: Fixed a memory corruption issue when opening a
  crafted NTFS image.
- CVE-2022-30789: Fixed a memory corruption issue when opening a
  crafted NTFS image.
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places