From ${URL} :

https://blog.fuzzing-project.org/44-dosfstools-fsck.vfat-Several-invalid-memory-accesses.html

I lately fuzzed various filesystem check tools. This uncovered a number of issues in dosfstools / fsck.fat that have now been fixed in the new version 4.0. All issues were found with american fuzzy lop and address sanitizer.

https://github.com/dosfstools/dosfstools/issues/11
Global out of bounds read file_stat() / check_dir()
https://github.com/dosfstools/dosfstools/commit/2aad1c83c7d010de36afbe79c9fde22c50aa2f74
Git commit / fix

https://github.com/dosfstools/dosfstools/issues/12
Unclear invalid memory access in get_fat()
https://github.com/dosfstools/dosfstools/commit/07908124838afcc99c577d1d3e84cef2dbd39cb7
Git commit / fix

https://github.com/dosfstools/dosfstools/issues/25
Heap overflow in read_fat()
https://github.com/dosfstools/dosfstools/issues/26
Heap out of bounds read in get_fat()
https://github.com/dosfstools/dosfstools/commit/e8eff147e9da1185f9afd5b25948153a3b97cf52
Git commit / fix for both issues

These bugs can pose a security risk if a system automatically checks attached storage media with fsck or in situations where filesystems on untrusted devices get checked. The new version dosfstools 4.0 fixes all four bugs.

@maintainer(s): since the fixed package is already in the tree, please let us know if it is ready for the stabilization or not.
these are all in the 4.0 release which is already in the tree. should be fine for stable.
Since SpanKY is ok with it, can this be stabilized? Bug 574654 would be fixed at the same time.
Arches please test and mark stable =sys-fs/dosfstools-r1 with target KEYWORDS: alpha amd64 arm ~arm64 hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-linux ~arm-linux ~x86-linux
Whoops, typo... Arches please test and mark stable =sys-fs/dosfstools-4.0-r1 with target KEYWORDS: alpha amd64 arm ~arm64 hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-linux ~arm-linux ~x86-linux
Stable on alpha
amd64 stable
Stable for HPPA PPC64.
arm stable
x86 stable
done the rest now
Downgraded to B3 as both CVEs identify a DoS.

GLSA Vote: No

@maintainer(s), please clean the vulnerable version from the tree.
Cleanup PR: https://github.com/gentoo/gentoo/pull/3393
Cleaned up via a1df44e19222491817ca271bd98a6ccdcd291b06.