ubuntu/+source/dosfstools:applied/ubuntu/xenial-security

Last commit made on 2016-05-31
Get this branch:
git clone -b applied/ubuntu/xenial-security https://git.launchpad.net/ubuntu/+source/dosfstools
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/xenial-security
Repository:
lp:ubuntu/+source/dosfstools

Recent commits

d12a0ad... by Marc Deslauriers on 2016-05-25

Import patches-applied version 3.0.28-2ubuntu0.1 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 55120294db1571241bc7e3193b980296e0e70cf0
Unapplied parent: aaad586267ad9dbbb8048015f08d7ef92e85c93c

New changelog entries:
  * SECURITY UPDATE: out of bounds read denial of service
    - debian/patches/date_oob_read.patch: prevent out of bounds array read
      in src/check.c.
    - No CVE number
  * SECURITY UPDATE: memory corruption via off-by-2 in FAT12
    - debian/patches/CVE-2015-8872.patch: fix FAT12 logic in src/fat.c.
    - CVE-2015-8872
  * SECURITY UPDATE: heap overflow via excessive FAT size specifications
    - debian/patches/CVE-2016-4804.patch: change size and perform checks in
      src/boot.c, src/fsck.fat.h.
    - CVE-2016-4804

aaad586... by Marc Deslauriers on 2016-05-25

[PATCH] read_boot(): Handle excessive FAT size specifications

Gbp-Pq: CVE-2016-4804.patch.

e787bc4... by Marc Deslauriers on 2016-05-25

fix memory corruption via off-by-2 in FAT12

Gbp-Pq: CVE-2015-8872.patch.

f955628... by Marc Deslauriers on 2016-05-25

[PATCH] Prevent out of bound array read in date_dos2unix()

Gbp-Pq: date_oob_read.patch.

3a42b19... by Marc Deslauriers on 2016-05-25

Import patches-unapplied version 3.0.28-2ubuntu0.1 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: a4c94d09f36d0d7f047238bdd26cd959e3be1b51

New changelog entries:
  * SECURITY UPDATE: out of bounds read denial of service
    - debian/patches/date_oob_read.patch: prevent out of bounds array read
      in src/check.c.
    - No CVE number
  * SECURITY UPDATE: memory corruption via off-by-2 in FAT12
    - debian/patches/CVE-2015-8872.patch: fix FAT12 logic in src/fat.c.
    - CVE-2015-8872
  * SECURITY UPDATE: heap overflow via excessive FAT size specifications
    - debian/patches/CVE-2016-4804.patch: change size and perform checks in
      src/boot.c, src/fsck.fat.h.
    - CVE-2016-4804

5512029... by Andreas Bombe <email address hidden> on 2015-08-21

Import patches-applied version 3.0.28-2 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 8bf75cfe2f5b504d2e14928ddf896bd1c91de05a
Unapplied parent: a4c94d09f36d0d7f047238bdd26cd959e3be1b51

New changelog entries:
  * Enable checking of PGP signatures on upstream tarballs in debian/watch
  * Notify users about the default mode change for fsck in NEWS file

a4c94d0... by Andreas Bombe <email address hidden> on 2015-08-21

Import patches-unapplied version 3.0.28-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: f6b19a47637424a9286b24b8ac4e674c469283a7

New changelog entries:
  * Enable checking of PGP signatures on upstream tarballs in debian/watch
  * Notify users about the default mode change for fsck in NEWS file

8bf75cf... by Andreas Bombe <email address hidden> on 2015-06-01

Import patches-applied version 3.0.28-1 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: fb48545dbf8e108c27a6c78087493ad8abadbdca
Unapplied parent: f6b19a47637424a9286b24b8ac4e674c469283a7

New changelog entries:
  * New upstream version 3.0.28
    - interactive repair mode is now the default for fsck.fat, ending
      confusion about the previous default mode that looked like interactive
      repair but never offered the option at the end to actually modify the
      filesystem (Closes: #417639)
    - fsck.fat now checks that the first cluster of a file is not 1, thereby
      also preventing a possible segfault (Closes: #773885)
    - 0xF0 is now allowed to be specified as media type for mkfs.fat
      (Closes: #753951)

f6b19a4... by Andreas Bombe <email address hidden> on 2015-06-01

Import patches-unapplied version 3.0.28-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 4478866eb368fb322f9c3728b6220d12e2fb463d

New changelog entries:
  * New upstream version 3.0.28
    - interactive repair mode is now the default for fsck.fat, ending
      confusion about the previous default mode that looked like interactive
      repair but never offered the option at the end to actually modify the
      filesystem (Closes: #417639)
    - fsck.fat now checks that the first cluster of a file is not 1, thereby
      also preventing a possible segfault (Closes: #773885)
    - 0xF0 is now allowed to be specified as media type for mkfs.fat
      (Closes: #753951)

fb48545... by Andreas Bombe <email address hidden> on 2014-11-12

Import patches-applied version 3.0.27-1 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 93f88c64feae433e47dd2174dd1a022884c62a94
Unapplied parent: 4478866eb368fb322f9c3728b6220d12e2fb463d

New changelog entries:
  * New upstream version 3.0.27
    - fixes fatlabel mangling long file names in root directory
      (Closes: #768909)
    - fixes spurious uncorrectable empty file name error reported by
      fsck.fat (thanks to AlexisM for finding the cause)
      (Closes: #764992)
  * New maintainer
  * New upstream, change debian/watch and fields in debian/control and
    debian/copyright accordingly
  * Remove 0001-LFN-is-no-volume-entry.patch, already fixed in upstream