Bug#827160: jessie-pu: package dosfstools/3.0.27-1+deb8u1
[Andreas Bombe]
> Yes, please go ahead after taking into account the remark below. Thank
> you.
I will. But the comment below seem to indicate that the update in
Wheezy was incomplete?
> This is commit 39ce90fe7 [*] which fixed a possible read access one
> byte beyond the end of an array, pretty harmless since the value
> wouldn't be used when the read shouldn't have happened. The following
> commit 079081248 is the meatier of the fixes and the one actually
> fixing the CVE (and the one referenced in the URL above). It needs to
> be integrated here.
I'll prepare a new patch and package. OK to push it to the collab-maint
git repo before upload, or should I wait until it is accepted?
--
Happy hacking
Petter Reinholdtsen
Reply to: