Overview

File _patchinfo of Package patchinfo.3807

<patchinfo incident="3807">
  <packager>jankara</packager>
  <issue tracker="cve" id="CVE-2015-0247"></issue>
  <issue tracker="cve" id="CVE-2015-1572"></issue>
  <issue tracker="bnc" id="915402">VUL-1: CVE-2015-0247: e2fsprogs: couple of heap overflows in e2fsprogs (fsck, dumpe2fs, e2image...)</issue>
  <issue tracker="bnc" id="918346">VUL-1: CVE-2015-1572: e2fsprogs: potential buffer overflow in closefs()</issue>
  <category>security</category>
  <rating>moderate</rating>
  <summary>Security update for e2fsprogs</summary>
  <description>e2fsprogs was updated to fix two security issues.

The following vulnerabilities were fixed:

* CVE-2015-1572: A local user could have executed arbitrary code by causing a crafted block group descriptor to be marked as dirty. Completes fix for CVE-2015-0247. (boo#918346)
* CVE-2015-0247: A local user could have executed arbitrary code via crafted block group descriptor data in a filesystem image. (boo#915402)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places