1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 5160-1] ntfs-3g security update

    From Salvatore Bonaccorso@21:1/5 to All on Fri Jun 10 23:20:01 2022
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5160-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso
    June 10, 2022 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : ntfs-3g
    CVE ID : CVE-2021-46790 CVE-2022-30783 CVE-2022-30784 CVE-2022-30785
    CVE-2022-30786 CVE-2022-30787 CVE-2022-30788 CVE-2022-30789 Debian Bug : 1011770

    Several vulnerabilities were discovered in NTFS-3G, a read-write NTFS
    driver for FUSE. A local user can take advantage of these flaws for
    local root privilege escalation.

    For the oldstable distribution (buster), these problems have been fixed
    in version 1:2017.3.23AR.3-3+deb10u2.

    For the stable distribution (bullseye), these problems have been fixed in version 1:2017.3.23AR.3-4+deb11u2.

    We recommend that you upgrade your ntfs-3g packages.

    For the detailed security status of ntfs-3g please refer to its security tracker page at:
    https://security-tracker.debian.org/tracker/ntfs-3g

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmKjtPJfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0QOHA//XaiDOpHPq/z1IF6b7og9UEDOfvV7+D8bihCLKBqe2kwf/lEfbAoJ15/d CgySvMnde4dwj4nxTYlY6tdIFRnJ3DVohmCi6VR0cX+L7JzQ2VWjL5S6ji4NKk85 2ZSrSaansDrjUHteOqmW13Z7BLgm04MK47dBR7oF1fN6ZURghwHEHCTbBFunlzJu 1JCyyI7q36iwpcXSk2BUjhB7NgPM1vl+FHdlaPemLvI97mG1PWPqKG1FmQbKx0ZH gNZ8pRfGpsKKzEQJ+jVZUUjSKLclE6Jbe/87HQv3qlEnjtHtyXGvKifPAyVZ+/Zh 76C5sMrkaPG+FmFSo0LEDCn2fFputfwP6O+QbraaTtmwrv3EfH4su+jULHxyCuHB ZcvtCzgrox1lfvnVjcvFPQIncb4OYYsmSxNe8D3meYCRYFuS0EOroBukbvyzW1MG AB80JztFMcJX5VjEKpaeT4luH4EQ29YoExqF84Cni+yXCvqZewZsoTo8+4ITnWlj zpwYh1oh+uTK+yGBYyHCuPAJoUdsw82TMCWTSWoRduzV5/geo/F07zkF5tEAQDxH w9dKN5LNBC8nGElhMzvvS12hzVMJpCp1tuiHcUfsYEEvfj/UddVOiTGNd5O6pfzK VEmrULxk3thNNQHuczslLmfVzn1pwHgaCc4T5QloMlrXV8cuBZY=
    =QNTr
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)