OPENSUSE-SU-2021:1244-1
Vulnerability Summary
Timeline
Description
Security update for ntfs-3g_ntfsprogs This update for ntfs-3g_ntfsprogs fixes the following issues: Update to version 2021.8.22 (bsc#1189720): * Fixed compile error when building with libfuse < 2.8.0 * Fixed obsolete macros in configure.ac * Signalled support of UTIME_OMIT to external libfuse2 * Fixed an improper macro usage in ntfscp.c * Updated the repository change in the README * Fixed vulnerability threats caused by maliciously tampered NTFS partitions * Security fixes: CVE-2021-33285, CVE-2021-33286, CVE-2021-33287, CVE-2021-33289, CVE-2021-35266, CVE-2021-35267, CVE-2021-35268, CVE-2021-35269, CVE-2021-39251, CVE-2021-39252, CVE-2021-39253, CVE_2021-39254, CVE-2021-39255, CVE-2021-39256, CVE-2021-39257, CVE-2021-39258, CVE-2021-39259, CVE-2021-39260, CVE-2021-39261, CVE-2021-39262, CVE-2021-39263. - Library soversion is now 89 * Changes in version 2017.3.23 * Delegated processing of special reparse points to external plugins * Allowed kernel cacheing by lowntfs-3g when not using Posix ACLs * Enabled fallback to read-only mount when the volume is hibernated * Made a full check for whether an extended attribute is allowed * Moved secaudit and usermap to ntfsprogs (now ntfssecaudit and ntfsusermap) * Enabled encoding broken UTF-16 into broken UTF-8 * Autoconfigured selecting <sys/sysmacros.h> vs <sys/mkdev> * Allowed using the full library API on systems without extended attributes support * Fixed DISABLE_PLUGINS as the condition for not using plugins * Corrected validation of multi sector transfer protected records * Denied creating/removing files from $Extend * Returned the size of locale encoded target as the size of symlinks This update was imported from the SUSE:SLE-15:Update update project.
Affected Systems
- opensuse•ntfs-3g_ntfsprogs&distro=openSUSE Leap 15.2
< 2021.8.22-lp152.5.3.1
References (23)
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/6I22R7EMWP6WBQIXDCKB4KJMMB67TMZK/
- https://bugzilla.suse.com/1189720
- https://www.suse.com/security/cve/CVE-2019-9755
- https://www.suse.com/security/cve/CVE-2021-33285
- https://www.suse.com/security/cve/CVE-2021-33286
- https://www.suse.com/security/cve/CVE-2021-33287
- https://www.suse.com/security/cve/CVE-2021-33289
- https://www.suse.com/security/cve/CVE-2021-35266
- https://www.suse.com/security/cve/CVE-2021-35267
- https://www.suse.com/security/cve/CVE-2021-35268
- https://www.suse.com/security/cve/CVE-2021-35269
- https://www.suse.com/security/cve/CVE-2021-39251
- https://www.suse.com/security/cve/CVE-2021-39252
- https://www.suse.com/security/cve/CVE-2021-39253
- https://www.suse.com/security/cve/CVE-2021-39255
- https://www.suse.com/security/cve/CVE-2021-39256
- https://www.suse.com/security/cve/CVE-2021-39257
- https://www.suse.com/security/cve/CVE-2021-39258
- https://www.suse.com/security/cve/CVE-2021-39259
- https://www.suse.com/security/cve/CVE-2021-39260
- https://www.suse.com/security/cve/CVE-2021-39261
- https://www.suse.com/security/cve/CVE-2021-39262
- https://www.suse.com/security/cve/CVE-2021-39263