ELSA-2024-12730

ULN >
Oracle Linux Errata repository >
ELSA-2024-12730

ELSA-2024-12730 - e2fsprogs security update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2024-10-10

Description

[1.45.4-3.0.7.el7]
- libext2fs: add sanity check to extent manipulation (Srivathsa Dara) [Orabug:
37095032] {CVE-2022-1304}

[1.45.4-3.0.5.el7]
- e2fsprogs: bump version to 1.45.4-3.0.5

[1.45.4-3.0.5]
- Fix missing changelog entries to match the latest RHEL8 packages

[1.45.4-3.0.3]
- Fix build scripts to generate i386 builds
- Re-integrate ext2_types.h multiarch compatibility fixes.

[1.45.4-3.0.1]
- Integrate patches from the 'upstream' 1.45.4 package.
- Fix the version number to match Oracle standards.
- Re-integrate the multiarch build kludge from RH.
- Enable e2scrub package for OL8 only
- Start building newer package for UEK6

[1.45.4-3]
- Fix clang warning introduced in previous release (#1783777)

[1.45.4-2]
- Fix ABI breakage introduced in previous release (#1783777)

[1.45.4-1]
- Rebase to the release 1.45.4 (#1783777)
- provide rhel6/7 compatible fs_type in mke2fs.conf (#1780279)
- fix crafted ext4 partition leads to out-of-bounds write (#1768709)
- include note about supported rhel8 features and options (#1788573)

[1.44.6-3]
- Backport fixes from 1.45.2 (#1714927)
- Fix errors in rpmdiff (#1714923)

[1.44.6-2]
- Backport fixes from 1.45.1

[1.44.6-1]
- Rebase to the release 1.44.6 (#1695147)
- Backport fixes from 1.45.0
- Add gating.yaml (#1679654)

[1.44.3-2]
- Backport fixes from upstream version 1.44.4 (#1659526)

[1.44.3-1]
- New upstream release

[1.43.8-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

[1.43.8-1]
- New upstream release
- Fix build failure swapfs.c on big-endian

[1.43.7-1]
- New upstream release

[1.43.6-1]
- New upstream release

[1.43.5-2]
- Bump and rebuild for an rpm signing issue

[1.43.5-1]
- New upstream release

[1.43.4-4]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild

[1.43.4-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild

[1.43.4-2]
- Add missing MIT macro

[1.43.4-1]
- New upstream release

[1.43.3-1]
- New upstream release

[1.43.2-1]
- New upstream release (broken on i686, not built)

[1.43.1-2]
- Fix e2undo endian issues (#1344636)

[1.43.1-1]
- New upstream release

[1.42.13-4]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild

[1.42.13-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild

[1.42.13-2]
- Add -fno-strict-aliasing (#1211582)

[1.42.13-1]
- New upstream release

[1.42.12-5]
- Don't trigger full check within time fudge window (#1202024)

[1.42.12-4]
- Fix potential buffer overflow in closefs (#1193947, CVE-2015-1572)
- Fix dumpe2fs segfault with no arguments (#1194063)
- Don't require fsck prior to resize2fs -P (#1170803)

[1.42.12-3]
- Rebuilt for Fedora 23 Change
https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code

[1.42.12-2]
- Fix use after free (#1192861)
- Fix time-based fsck if set in superblock (e2fsck.conf, #963283)

[1.42.12-1]
- New upstream release

[1.42.11-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild

[1.42.11-2]
- fix license handling

[1.42.11-1]
- New upstream release

[1.42.10-5]
- Rebuilt for buggy rpm 4.12 alpha -
https://lists.fedoraproject.org/pipermail/devel/2014-June/200633.html

[1.42.10-4]
- Add missing dependency info for quota.c - fixes build on s390(x)

[1.42.10-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild

[1.42.10-2]
- Fix large file handling on 32-bit builds

[1.42.10-1]
- New upstream release
- Enable userspace quota

Related CVEs

CVE-2022-1304

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label

Oracle Linux 7 (aarch64)	e2fsprogs-1.45.4-3.0.7.el7.src.rpm	c935e4c741bf6b23fc2246024c8a84b3	-	ol7_aarch64_latest
	e2fsprogs-1.45.4-3.0.7.el7.src.rpm	c935e4c741bf6b23fc2246024c8a84b3	-	ol7_aarch64_optional_latest
	e2fsprogs-1.45.4-3.0.7.el7.src.rpm	c935e4c741bf6b23fc2246024c8a84b3	-	ol7_aarch64_u9_patch
	e2fsprogs-1.45.4-3.0.7.el7.aarch64.rpm	4a0c6c9b6e227350cabf3dd8ba26350d	-	ol7_aarch64_latest
	e2fsprogs-1.45.4-3.0.7.el7.aarch64.rpm	4a0c6c9b6e227350cabf3dd8ba26350d	-	ol7_aarch64_u9_patch
	e2fsprogs-devel-1.45.4-3.0.7.el7.aarch64.rpm	2bd8eeb1ac678e934543251c496b26de	-	ol7_aarch64_latest
	e2fsprogs-devel-1.45.4-3.0.7.el7.aarch64.rpm	2bd8eeb1ac678e934543251c496b26de	-	ol7_aarch64_u9_patch
	e2fsprogs-libs-1.45.4-3.0.7.el7.aarch64.rpm	22a78493c8c5289bb709eab4434ff8f3	-	ol7_aarch64_latest
	e2fsprogs-libs-1.45.4-3.0.7.el7.aarch64.rpm	22a78493c8c5289bb709eab4434ff8f3	-	ol7_aarch64_u9_patch
	e2fsprogs-static-1.45.4-3.0.7.el7.aarch64.rpm	c3702f60d3fdfd2cf2181f9ba1c798b6	-	ol7_aarch64_optional_latest
	libcom_err-1.45.4-3.0.7.el7.aarch64.rpm	fbf5ac77f69ecc95591ac460117e4a56	-	ol7_aarch64_latest
	libcom_err-1.45.4-3.0.7.el7.aarch64.rpm	fbf5ac77f69ecc95591ac460117e4a56	-	ol7_aarch64_u9_patch
	libcom_err-devel-1.45.4-3.0.7.el7.aarch64.rpm	38827000441162ea0f81e0dec3347892	-	ol7_aarch64_latest
	libcom_err-devel-1.45.4-3.0.7.el7.aarch64.rpm	38827000441162ea0f81e0dec3347892	-	ol7_aarch64_u9_patch
	libss-1.45.4-3.0.7.el7.aarch64.rpm	de540b3c4db769873f83a96a71e47651	-	ol7_aarch64_latest
	libss-1.45.4-3.0.7.el7.aarch64.rpm	de540b3c4db769873f83a96a71e47651	-	ol7_aarch64_u9_patch
	libss-devel-1.45.4-3.0.7.el7.aarch64.rpm	d58ff7e30cbe635db32c6967e4f2d1d0	-	ol7_aarch64_optional_latest

Oracle Linux 7 (x86_64)	e2fsprogs-1.45.4-3.0.7.el7.src.rpm	c935e4c741bf6b23fc2246024c8a84b3	-	ol7_x86_64_UEKR5
	e2fsprogs-1.45.4-3.0.7.el7.src.rpm	c935e4c741bf6b23fc2246024c8a84b3	-	ol7_x86_64_latest
	e2fsprogs-1.45.4-3.0.7.el7.src.rpm	c935e4c741bf6b23fc2246024c8a84b3	-	ol7_x86_64_optional_latest
	e2fsprogs-1.45.4-3.0.7.el7.src.rpm	c935e4c741bf6b23fc2246024c8a84b3	-	ol7_x86_64_u9_patch
	e2fsprogs-1.45.4-3.0.7.el7.i686.rpm	aeaab910d32085c3ebd6847210720594	-	ol7_x86_64_UEKR5
	e2fsprogs-1.45.4-3.0.7.el7.x86_64.rpm	4fc02e947d223b29628db65e004debd0	-	ol7_x86_64_UEKR5
	e2fsprogs-1.45.4-3.0.7.el7.x86_64.rpm	4fc02e947d223b29628db65e004debd0	-	ol7_x86_64_latest
	e2fsprogs-1.45.4-3.0.7.el7.x86_64.rpm	4fc02e947d223b29628db65e004debd0	-	ol7_x86_64_u9_patch
	e2fsprogs-devel-1.45.4-3.0.7.el7.i686.rpm	59b51f32a488b90edf7c151dd496b26d	-	ol7_x86_64_UEKR5
	e2fsprogs-devel-1.45.4-3.0.7.el7.i686.rpm	59b51f32a488b90edf7c151dd496b26d	-	ol7_x86_64_latest
	e2fsprogs-devel-1.45.4-3.0.7.el7.i686.rpm	59b51f32a488b90edf7c151dd496b26d	-	ol7_x86_64_u9_patch
	e2fsprogs-devel-1.45.4-3.0.7.el7.x86_64.rpm	40987b44398c4c3014e8644cd152e45d	-	ol7_x86_64_UEKR5
	e2fsprogs-devel-1.45.4-3.0.7.el7.x86_64.rpm	40987b44398c4c3014e8644cd152e45d	-	ol7_x86_64_latest
	e2fsprogs-devel-1.45.4-3.0.7.el7.x86_64.rpm	40987b44398c4c3014e8644cd152e45d	-	ol7_x86_64_u9_patch
	e2fsprogs-libs-1.45.4-3.0.7.el7.i686.rpm	b43d5384026996d778f5063f642586d8	-	ol7_x86_64_UEKR5
	e2fsprogs-libs-1.45.4-3.0.7.el7.i686.rpm	b43d5384026996d778f5063f642586d8	-	ol7_x86_64_latest
	e2fsprogs-libs-1.45.4-3.0.7.el7.i686.rpm	b43d5384026996d778f5063f642586d8	-	ol7_x86_64_u9_patch
	e2fsprogs-libs-1.45.4-3.0.7.el7.x86_64.rpm	d9380c434aaddbaa113b0a07192d14de	-	ol7_x86_64_UEKR5
	e2fsprogs-libs-1.45.4-3.0.7.el7.x86_64.rpm	d9380c434aaddbaa113b0a07192d14de	-	ol7_x86_64_latest
	e2fsprogs-libs-1.45.4-3.0.7.el7.x86_64.rpm	d9380c434aaddbaa113b0a07192d14de	-	ol7_x86_64_u9_patch
	e2fsprogs-static-1.45.4-3.0.7.el7.i686.rpm	c927bbba98352f21e11761aa76d5fa54	-	ol7_x86_64_UEKR5
	e2fsprogs-static-1.45.4-3.0.7.el7.i686.rpm	c927bbba98352f21e11761aa76d5fa54	-	ol7_x86_64_optional_latest
	e2fsprogs-static-1.45.4-3.0.7.el7.x86_64.rpm	96eda1132e8a0e07ccae5009754f9888	-	ol7_x86_64_UEKR5
	e2fsprogs-static-1.45.4-3.0.7.el7.x86_64.rpm	96eda1132e8a0e07ccae5009754f9888	-	ol7_x86_64_optional_latest
	libcom_err-1.45.4-3.0.7.el7.i686.rpm	7d4fdf7380c5b13e76f85dcbfdecae74	-	ol7_x86_64_UEKR5
	libcom_err-1.45.4-3.0.7.el7.i686.rpm	7d4fdf7380c5b13e76f85dcbfdecae74	-	ol7_x86_64_latest
	libcom_err-1.45.4-3.0.7.el7.i686.rpm	7d4fdf7380c5b13e76f85dcbfdecae74	-	ol7_x86_64_u9_patch
	libcom_err-1.45.4-3.0.7.el7.x86_64.rpm	049ca01d8370b1a662af9a05d7c2bcde	-	ol7_x86_64_UEKR5
	libcom_err-1.45.4-3.0.7.el7.x86_64.rpm	049ca01d8370b1a662af9a05d7c2bcde	-	ol7_x86_64_latest
	libcom_err-1.45.4-3.0.7.el7.x86_64.rpm	049ca01d8370b1a662af9a05d7c2bcde	-	ol7_x86_64_u9_patch
	libcom_err-devel-1.45.4-3.0.7.el7.i686.rpm	2968481a57a5bc80b8fb6cc2d8e2ab5a	-	ol7_x86_64_UEKR5
	libcom_err-devel-1.45.4-3.0.7.el7.i686.rpm	2968481a57a5bc80b8fb6cc2d8e2ab5a	-	ol7_x86_64_latest
	libcom_err-devel-1.45.4-3.0.7.el7.i686.rpm	2968481a57a5bc80b8fb6cc2d8e2ab5a	-	ol7_x86_64_u9_patch
	libcom_err-devel-1.45.4-3.0.7.el7.x86_64.rpm	d079c0a65ceedf15008333fbdf5aa4f0	-	ol7_x86_64_UEKR5
	libcom_err-devel-1.45.4-3.0.7.el7.x86_64.rpm	d079c0a65ceedf15008333fbdf5aa4f0	-	ol7_x86_64_latest
	libcom_err-devel-1.45.4-3.0.7.el7.x86_64.rpm	d079c0a65ceedf15008333fbdf5aa4f0	-	ol7_x86_64_u9_patch
	libss-1.45.4-3.0.7.el7.i686.rpm	4d62f8341fdb47d00922b20c9f3bbb05	-	ol7_x86_64_UEKR5
	libss-1.45.4-3.0.7.el7.i686.rpm	4d62f8341fdb47d00922b20c9f3bbb05	-	ol7_x86_64_latest
	libss-1.45.4-3.0.7.el7.i686.rpm	4d62f8341fdb47d00922b20c9f3bbb05	-	ol7_x86_64_u9_patch
	libss-1.45.4-3.0.7.el7.x86_64.rpm	07441e61aeb026691afb48ff8bc47a05	-	ol7_x86_64_UEKR5
	libss-1.45.4-3.0.7.el7.x86_64.rpm	07441e61aeb026691afb48ff8bc47a05	-	ol7_x86_64_latest
	libss-1.45.4-3.0.7.el7.x86_64.rpm	07441e61aeb026691afb48ff8bc47a05	-	ol7_x86_64_u9_patch
	libss-devel-1.45.4-3.0.7.el7.i686.rpm	fceba863b1352bb135092ba63e01b8e1	-	ol7_x86_64_UEKR5
	libss-devel-1.45.4-3.0.7.el7.i686.rpm	fceba863b1352bb135092ba63e01b8e1	-	ol7_x86_64_optional_latest
	libss-devel-1.45.4-3.0.7.el7.x86_64.rpm	2723dd9ae1b26378eda7ccf602f0ce5e	-	ol7_x86_64_UEKR5
	libss-devel-1.45.4-3.0.7.el7.x86_64.rpm	2723dd9ae1b26378eda7ccf602f0ce5e	-	ol7_x86_64_optional_latest

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:

Oracle customers - enter a support request
Vulnerability scanning tools vendors and project maintainers - follow the standard ISV process

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691