
Bug#854968: unblock: ntfs-3g



Package: release.debian.org
User: release.debian.org@packages.debian.org
Usertags: unblock

Hi Release Team,

Please unblock ntfs-3g 2016.2.22AR.1-4 as it fixes CVE-2017-0358.
The debdiff is attached for your convenience.

Thanks,
Laszlo/GCS
diff -Nru ntfs-3g-2016.2.22AR.1/debian/changelog ntfs-3g-2016.2.22AR.1/debian/changelog
--- ntfs-3g-2016.2.22AR.1/debian/changelog	2016-04-21 18:48:50.000000000 +0000
+++ ntfs-3g-2016.2.22AR.1/debian/changelog	2017-02-01 06:23:28.000000000 +0000
@@ -1,3 +1,10 @@
+ntfs-3g (1:2016.2.22AR.1-4) unstable; urgency=high
+
+  * Fix CVE-2017-0358: modprobe influence vulnerability via environment
+    variables.
+
+ -- Laszlo Boszormenyi (GCS) <gcs@debian.org>  Wed, 01 Feb 2017 06:23:28 +0000
+
 ntfs-3g (1:2016.2.22AR.1-3) unstable; urgency=low
 
   * Really fix ELIBBAD errno on kFreeBSD (closes: #821838).
diff -Nru ntfs-3g-2016.2.22AR.1/debian/patches/0003-CVE-2017-0358.patch ntfs-3g-2016.2.22AR.1/debian/patches/0003-CVE-2017-0358.patch
--- ntfs-3g-2016.2.22AR.1/debian/patches/0003-CVE-2017-0358.patch	1970-01-01 00:00:00.000000000 +0000
+++ ntfs-3g-2016.2.22AR.1/debian/patches/0003-CVE-2017-0358.patch	2017-02-01 06:23:28.000000000 +0000
@@ -0,0 +1,36 @@
+--- ntfs-3g/src/lowntfs-3g.c.ref	2016-12-31 08:56:59.011749600 +0100
++++ ntfs-3g/src/lowntfs-3g.c	2017-01-05 14:41:52.041473700 +0100
+@@ -4291,13 +4291,14 @@
+ 	struct stat st;
+ 	pid_t pid;
+ 	const char *cmd = "/sbin/modprobe";
++	char *env = (char*)NULL;
+ 	struct timespec req = { 0, 100000000 };   /* 100 msec */
+ 	fuse_fstype fstype;
+         
+ 	if (!stat(cmd, &st) && !geteuid()) {
+ 		pid = fork();
+ 		if (!pid) {
+-			execl(cmd, cmd, "fuse", NULL);
++			execle(cmd, cmd, "fuse", NULL, &env);
+ 			_exit(1);
+ 		} else if (pid != -1)
+ 			waitpid(pid, NULL, 0);
+--- ntfs-3g/src/ntfs-3g.c.ref	2016-12-31 08:56:59.022518700 +0100
++++ ntfs-3g/src/ntfs-3g.c	2017-01-05 15:45:45.912499400 +0100
+@@ -3885,13 +3885,14 @@
+ 	struct stat st;
+ 	pid_t pid;
+ 	const char *cmd = "/sbin/modprobe";
++	char *env = (char*)NULL;
+ 	struct timespec req = { 0, 100000000 };   /* 100 msec */
+ 	fuse_fstype fstype;
+ 	
+ 	if (!stat(cmd, &st) && !geteuid()) {
+ 		pid = fork();
+ 		if (!pid) {
+-			execl(cmd, cmd, "fuse", NULL);
++			execle(cmd, cmd, "fuse", NULL, &env);
+ 			_exit(1);
+ 		} else if (pid != -1)
+ 			waitpid(pid, NULL, 0);
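Review bot: The new `execle(cmd, cmd, "fuse", NULL, &env);` call, added identically in src/lowntfs-3g.c and src/ntfs-3g.c, has no comment saying why the child is given an empty environment, so a later cleanup could plausibly turn it back into `execl`. I would add above it `/* Empty environment on purpose: this branch runs with euid 0, so caller-supplied variables must not reach modprobe (CVE-2017-0358). */`. The argument-list terminator is also passed as a bare `NULL` in a variadic call; `(char *)NULL` is the portable spelling, and declaring `char *const envp[] = { NULL };` would read more plainly than taking the address of a single null `char *`. The enclosing function starts and ends outside the hunk in both files, so whether the fork/exec result is checked further down cannot be judged from here.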
diff -Nru ntfs-3g-2016.2.22AR.1/debian/patches/series ntfs-3g-2016.2.22AR.1/debian/patches/series
--- ntfs-3g-2016.2.22AR.1/debian/patches/series	2016-04-20 15:51:16.000000000 +0000
+++ ntfs-3g-2016.2.22AR.1/debian/patches/series	2017-02-01 06:23:28.000000000 +0000
@@ -1,2 +1,3 @@
 0001-link-with-gpg-error.patch
 0002-kFreeBSD_ELIBBAD.patch
+0003-CVE-2017-0358.patch
