[ MDVSA-2015:045 ] e2fsprogs

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:045
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : e2fsprogs
 Date    : February 12, 2015
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Updated e2fsprogs packages fix security vulnerability:
 
 The libext2fs library, part of e2fsprogs and utilized by its utilities,
 is affected by a boundary check error on block group descriptor
 information, leading to a heap based buffer overflow. A specially
 crafted filesystem image can be used to trigger the vulnerability
 (CVE-2015-0247).
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0247
 http://advisories.mageia.org/MGAS

007 Software

[ MDVSA-2015:045 ] e2fsprogs

Leave a Reply Cancel reply

Software and Security Information