ELSA-2024-12730

ELSA-2024-12730 - e2fsprogs security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2024-10-10

Description

[1.45.4-3.0.7.el7]
- libext2fs: add sanity check to extent manipulation (Srivathsa Dara) [Orabug:
37095032] {CVE-2022-1304}

[1.45.4-3.0.5.el7]
- e2fsprogs: bump version to 1.45.4-3.0.5

[1.45.4-3.0.5]
- Fix missing changelog entries to match the latest RHEL8 packages

[1.45.4-3.0.3]
- Fix build scripts to generate i386 builds
- Re-integrate ext2_types.h multiarch compatibility fixes.

[1.45.4-3.0.1]
- Integrate patches from the 'upstream' 1.45.4 package.
- Fix the version number to match Oracle standards.
- Re-integrate the multiarch build kludge from RH.
- Enable e2scrub package for OL8 only
- Start building newer package for UEK6

[1.45.4-3]
- Fix clang warning introduced in previous release (#1783777)

[1.45.4-2]
- Fix ABI breakage introduced in previous release (#1783777)

[1.45.4-1]
- Rebase to the release 1.45.4 (#1783777)
- provide rhel6/7 compatible fs_type in mke2fs.conf (#1780279)
- fix crafted ext4 partition leads to out-of-bounds write (#1768709)
- include note about supported rhel8 features and options (#1788573)

[1.44.6-3]
- Backport fixes from 1.45.2 (#1714927)
- Fix errors in rpmdiff (#1714923)

[1.44.6-2]
- Backport fixes from 1.45.1

[1.44.6-1]
- Rebase to the release 1.44.6 (#1695147)
- Backport fixes from 1.45.0
- Add gating.yaml (#1679654)

[1.44.3-2]
- Backport fixes from upstream version 1.44.4 (#1659526)

[1.44.3-1]
- New upstream release

[1.43.8-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

[1.43.8-1]
- New upstream release
- Fix build failure swapfs.c on big-endian

[1.43.7-1]
- New upstream release

[1.43.6-1]
- New upstream release

[1.43.5-2]
- Bump and rebuild for an rpm signing issue

[1.43.5-1]
- New upstream release

[1.43.4-4]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild

[1.43.4-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild

[1.43.4-2]
- Add missing MIT macro

[1.43.4-1]
- New upstream release

[1.43.3-1]
- New upstream release

[1.43.2-1]
- New upstream release (broken on i686, not built)

[1.43.1-2]
- Fix e2undo endian issues (#1344636)

[1.43.1-1]
- New upstream release

[1.42.13-4]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild

[1.42.13-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild

[1.42.13-2]
- Add -fno-strict-aliasing (#1211582)

[1.42.13-1]
- New upstream release

[1.42.12-5]
- Don't trigger full check within time fudge window (#1202024)

[1.42.12-4]
- Fix potential buffer overflow in closefs (#1193947, CVE-2015-1572)
- Fix dumpe2fs segfault with no arguments (#1194063)
- Don't require fsck prior to resize2fs -P (#1170803)

[1.42.12-3]
- Rebuilt for Fedora 23 Change
https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code

[1.42.12-2]
- Fix use after free (#1192861)
- Fix time-based fsck if set in superblock (e2fsck.conf, #963283)

[1.42.12-1]
- New upstream release

[1.42.11-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild

[1.42.11-2]
- fix license handling

[1.42.11-1]
- New upstream release

[1.42.10-5]
- Rebuilt for buggy rpm 4.12 alpha -
https://lists.fedoraproject.org/pipermail/devel/2014-June/200633.html

[1.42.10-4]
- Add missing dependency info for quota.c - fixes build on s390(x)

[1.42.10-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild

[1.42.10-2]
- Fix large file handling on 32-bit builds

[1.42.10-1]
- New upstream release
- Enable userspace quota

Related CVEs

CVE-2022-1304

Updated Packages

Release/Architecture

Filename

sha256

Superseded By Advisory

Channel Label

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team