[SECURITY] [DLA 162-1] e2fsprogs security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Package : e2fsprogs
Version : 1.41.12-4+deb6u2
CVE ID : CVE-2015-1572
Debian Bug : 778948
ose Duart of the Google Security Team discovered a buffer overflow in
in e2fsprogs, a set of utilities for the ext2, ext3, and ext4 file
systems. This issue can possibly lead to arbitrary code execution if
a malicious device is plugged in, the system is configured to
automatically mount it, and the mounting process chooses to run fsck
on the device's malicious filesystem.
CVE-2015-1572
Incomplete fix for CVE-2015-0247.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQJ8BAEBCgBmBQJU8jHxXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hH9i0P/A0fz3mGakSRR68qp6IAmepq
+p6xuoGC6GuFO3ZBjnyH+IudSoE5PDmDv4ZZkJ+w+wR4cembwcAmtU7Ec9tYf0E4
VMOdCVRErmqCL91zlDJtBMJ5q4y9oW2Xfby5EovR2nkDH2xoB6gxAbIUp1ENxOLL
iW7l8Cldj+PSl31T+9pt0fygZrPod3H9Hkuzl7trZP0yPBqrAsWsiRH3FNYcFXjf
AsS/n3kFgM1x9chnurYAqTDwEDHLx7E6DhKckmgNMtUtbMtIp+S8JnWAYycRJy6n
bbw+DF3OLOpX2NMkZLVHjyHtMJW8qWrH2Ly6FhlYYBwKxNqUu2Fg2WLAT0hJvYtL
gdETVFxrrsdtXpXfkHMeEwGdBBfMnMJw4v5OBAvTRETWKiJ/r0q3PAabMCpF9xfd
tnr59No5fg47DrBEA+Qq99dyPYrtcgRMQDH2oGQyW+l9u5rDw/8xf2y6fSkh9kY3
MMauMIyccgHx+UEZbLTDOvNUPOFVoTPWyBBWznUCzdKvknC+pSvVnKGtEqsUjSGU
HQGZeDGBMGJ994Hfo2G7bagNOWoMyhIHe4V5numJ5Mip5eWZZCrzzY+Mv5BH4zZ/
HIKFM/5N9KuGn3n1KJSPByELLUp+SaaNtkLToONqSUUIxgWBW7s+r4iAZI79Kpav
lGCIoCut4m9T5pl9rSIC
=QKtj
-----END PGP SIGNATURE-----
Reply to: