Advisories ยป MGASA-2015-0088

Updated e2fsprogs packages fix CVE-2015-1572

Publication date: 26 Feb 2015
Type: security
Affected Mageia releases : 4
CVE: CVE-2015-1572

Description

Updated e2fsprogs packages fix security vulnerability:

The libext2fs library, part of e2fsprogs and utilized by its utilities, is
affected by a boundary check error on block group descriptor information,
leading to a heap based buffer overflow. A specially crafted filesystem image
can be used to trigger the vulnerability. This is due to an incomplete fix
for CVE-2015-0247 (CVE-2015-1572).
                

References

SRPMS

4/core