Bug#1010264: CVE-2022-28391

To: Theodore Ts'o <tytso@mit.edu>
Cc: Moritz Muehlenhoff <jmm@debian.org>, 1010264@bugs.debian.org
Subject: Bug#1010264: CVE-2022-28391
From: Moritz Muehlenhoff <jmm@inutil.org>
Date: Thu, 28 Apr 2022 09:04:52 +0200
Message-id: <[🔎] 20220428070452.GA3010@inutil.org>
Reply-to: Moritz Muehlenhoff <jmm@inutil.org>, 1010264@bugs.debian.org
In-reply-to: <YmoJ/CSb1Z/gttA0@mit.edu>
References: <165106052732.15361.16329981273607996588.reportbug@hullmann.westfalen.local> <YmoJ/CSb1Z/gttA0@mit.edu> <165106052732.15361.16329981273607996588.reportbug@hullmann.westfalen.local>

On Wed, Apr 27, 2022 at 11:29:00PM -0400, Theodore Ts'o wrote:
> Neither seems to be security related.  Are you sure this was correctly
> filed against e2fsprogs?

Apologies, I reported multiple incoming new issues from the CVE feed
and I must have mis-pasted the wrong Emacs buffer into the report.

The correct references are
https://bugzilla.redhat.com/show_bug.cgi?id=2069726
https://bugzilla.redhat.com/show_bug.cgi?id=2068113

And the proposed patch was already posted at:
https://lore.kernel.org/linux-ext4/20220421173148.20193-1-lczerner@redhat.com/T/#u

Cheers,
        Moritz

Reply to:

Follow-Ups:
- Bug#1010264: CVE-2022-28391
  - From: Salvatore Bonaccorso <carnil@debian.org>

References:
- Bug#1010264: CVE-2022-28391
  - From: "Theodore Ts'o" <tytso@mit.edu>

Prev by Date: Bug#1010264: CVE-2022-28391
Next by Date: Bug#1010264: CVE-2022-28391
Previous by thread: Bug#1010264: CVE-2022-28391
Next by thread: Bug#1010264: CVE-2022-28391
Index(es):
- Date
- Thread