Bug#827160: jessie-pu: package dosfstools/3.0.27-1+deb8u1

To: Andreas Bombe <aeb@debian.org>, 827160@bugs.debian.org
Subject: Bug#827160: jessie-pu: package dosfstools/3.0.27-1+deb8u1
From: Petter Reinholdtsen <pere@hungry.com>
Date: Fri, 17 Jun 2016 08:10:29 +0200
Message-id: <[🔎] 2flvb18l50q.fsf@diskless.uio.no>
Reply-to: Petter Reinholdtsen <pere@hungry.com>, 827160@bugs.debian.org
In-reply-to: <[🔎] 20160617030018.GA4628@amos.fritz.box>
References: <[🔎] 2flh9cxtupv.fsf@diskless.uio.no> <[🔎] 20160617030018.GA4628@amos.fritz.box>

[Andreas Bombe]
> Yes, please go ahead after taking into account the remark below. Thank
> you.

I will.  But the comment below seem to indicate that the update in
Wheezy was incomplete?

> This is commit 39ce90fe7 [*] which fixed a possible read access one
> byte beyond the end of an array, pretty harmless since the value
> wouldn't be used when the read shouldn't have happened. The following
> commit 079081248 is the meatier of the fixes and the one actually
> fixing the CVE (and the one referenced in the URL above). It needs to
> be integrated here.

I'll prepare a new patch and package.  OK to push it to the collab-maint
git repo before upload, or should I wait until it is accepted?

-- 
Happy hacking
Petter Reinholdtsen

Reply to:

Follow-Ups:
- Bug#827160: jessie-pu: package dosfstools/3.0.27-1+deb8u1
  - From: Petter Reinholdtsen <pere@hungry.com>
- Bug#827160: jessie-pu: package dosfstools/3.0.27-1+deb8u1
  - From: Petter Reinholdtsen <pere@hungry.com>

References:
- Bug#827160: jessie-pu: package dosfstools/3.0.27-1+deb8u1
  - From: Petter Reinholdtsen <pere@hungry.com>
- Bug#827160: jessie-pu: package dosfstools/3.0.27-1+deb8u1
  - From: Andreas Bombe <aeb@debian.org>

Prev by Date: Bug#827160: jessie-pu: package dosfstools/3.0.27-1+deb8u1
Next by Date: Processed: tagging 827160
Previous by thread: Bug#827160: jessie-pu: package dosfstools/3.0.27-1+deb8u1
Next by thread: Bug#827160: jessie-pu: package dosfstools/3.0.27-1+deb8u1
Index(es):
- Date
- Thread