[Secure-testing-team] Bug#786475: ntfs-3g: CVE-2015-3202
Salvatore Bonaccorso
carnil at debian.org
Fri May 22 04:48:36 UTC 2015
Source: ntfs-3g
Version: 1:2013.1.13AR.3-2
Severity: grave
Tags: security patch upstream
Justification: user security hole
Hi Laszlo
ntfs-3g in jessie and above is similarly affected by CVE-2015-3202
since ntfs-3g since 1:2013.1.13AR.3-2 builds with internal fuse copy.
The patch I have used to prepare the updates for jessie is attached.
ntfs-3g though should try to use the system fuse and not the embedded
copy, could you check to switch this back?
Regards,
Salvatore
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-CVE-2015-3202.patch
Type: text/x-diff
Size: 2372 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20150522/43569f4b/attachment.patch>
More information about the Secure-testing-team
mailing list