Bugzilla – Bug 918346
VUL-1: CVE-2015-1572: e2fsprogs: potential buffer overflow in closefs()
Last modified: 2019-03-28 00:15:46 UTC
CVE-2015-1572 Described in https://git.kernel.org/cgit/fs/ext2/e2fsprogs.git/commit/?id=49d0fe2a14f2a23da2fe299643379b8c1d37df73 Patch for bnc#915402 is needed before this one applies. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1572 http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-1572.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1572
bugbot adjusting priority
This is an autogenerated message for OBS integration: This bug (918346) was mentioned in https://build.opensuse.org/request/show/308845 13.2 / e2fsprogs https://build.opensuse.org/request/show/308846 13.1 / e2fsprogs
openSUSE-SU-2015:1002-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 918346 CVE References: CVE-2015-1572 Sources used: openSUSE 13.2 (src): e2fsprogs-1.42.12-7.1
openSUSE-SU-2015:1006-1: An update that fixes two vulnerabilities is now available. Category: security (moderate) Bug References: 915402,918346 CVE References: CVE-2015-0247,CVE-2015-1572 Sources used: openSUSE 13.1 (src): e2fsprogs-1.42.8-2.8.1
SUSE-SU-2015:1103-1: An update that contains security fixes can now be installed. Category: security (important) Bug References: 915402,918346 CVE References: Sources used: SUSE Linux Enterprise Software Development Kit 11-SP4 (src): e2fsprogs-1.41.9-2.14.2 SUSE Linux Enterprise Server 11-SP4 (src): e2fsprogs-1.41.9-2.14.2 SUSE Linux Enterprise Desktop 11-SP4 (src): e2fsprogs-1.41.9-2.14.2
An update workflow for this issue was started. This issue was rated as low. Please submit fixed packages until 2015-07-23. When done, reassign the bug to security-team@suse.de. https://swamp.suse.de/webswamp/wf/62121
SUSE-SU-2015:1341-1: An update that fixes two vulnerabilities is now available. Category: security (low) Bug References: 915402,918346 CVE References: CVE-2015-0247,CVE-2015-1572 Sources used: SUSE Linux Enterprise Software Development Kit 12 (src): e2fsprogs-1.42.11-7.1 SUSE Linux Enterprise Server 12 (src): e2fsprogs-1.42.11-7.1 SUSE Linux Enterprise Desktop 12 (src): e2fsprogs-1.42.11-7.1
released
SUSE-SU-2015:1364-1: An update that solves two vulnerabilities and has one errata is now available. Category: security (low) Bug References: 915402,918346,932539 CVE References: CVE-2015-0247,CVE-2015-1572 Sources used: SUSE Linux Enterprise Software Development Kit 11 SP3 (src): e2fsprogs-1.41.9-2.10.11.1, util-linux-2.19.1-6.62.7 SUSE Linux Enterprise Server 11 SP3 for VMware (src): e2fsprogs-1.41.9-2.10.11.1, util-linux-2.19.1-6.62.7 SUSE Linux Enterprise Server 11 SP3 (src): e2fsprogs-1.41.9-2.10.11.1, util-linux-2.19.1-6.62.7 SUSE Linux Enterprise Desktop 11 SP3 (src): e2fsprogs-1.41.9-2.10.11.1, util-linux-2.19.1-6.62.7
SUSE-SU-2018:1987-1: An update that solves two vulnerabilities and has three fixes is now available. Category: security (moderate) Bug References: 1009532,1038194,915402,918346,960273 CVE References: CVE-2015-0247,CVE-2015-1572 Sources used: SUSE Linux Enterprise Module for Basesystem 15 (src): e2fsprogs-1.43.8-4.3.1
openSUSE-SU-2018:2133-1: An update that solves two vulnerabilities and has three fixes is now available. Category: security (moderate) Bug References: 1009532,1038194,915402,918346,960273 CVE References: CVE-2015-0247,CVE-2015-1572 Sources used: openSUSE Leap 15.0 (src): e2fsprogs-1.43.8-lp150.3.3.1