847598 – (CVE-2022-30783, CVE-2022-30784, CVE-2022-30785, CVE-2022-30786, CVE-2022-30787, CVE-2022-30788, CVE-2022-30789) <sys-fs/ntfs3g-2022.5.17: multiple vulnerabilities

Bug 847598 (CVE-2022-30783, CVE-2022-30784, CVE-2022-30785, CVE-2022-30786, CVE-2022-30787, CVE-2022-30788, CVE-2022-30789) - <sys-fs/ntfs3g-2022.5.17: multiple vulnerabilities

Summary: <sys-fs/ntfs3g-2022.5.17: multiple vulnerabilities

Status:	RESOLVED FIXED

Alias:	CVE-2022-30783, CVE-2022-30784, CVE-2022-30785, CVE-2022-30786, CVE-2022-30787, CVE-2022-30788, CVE-2022-30789

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal normal
Assignee:	Gentoo Security

URL:
Whiteboard:	A2 [glsa+]
Keywords:

Depends on:	847823
Blocks:
	Show dependency tree

Reported:	2022-05-26 18:11 UTC by Michael
Modified:	2023-01-11 05:26 UTC (History)
CC List:	3 users (show)

See Also:	CVE-2021-33285, CVE-2021-33286, CVE-2021-33287, CVE-2021-33289, CVE-2021-35266, CVE-2021-35267, CVE-2021-35268, CVE-2021-35269, CVE-2021-39251, CVE-2021-39252, CVE-2021-39253, CVE-2021-39254, CVE-2021-39255, CVE-2021-39256, CVE-2021-39257, CVE-2021-39258, CVE-2021-39259, CVE-2021-39260, CVE-2021-39261, CVE-2021-39262, CVE-2021-39263
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Michael 2022-05-26 18:11:42 UTC

https://github.com/tuxera/ntfs-3g/releases/tag/2022.5.17

Comment 1 Jonas Stein gentoo-dev

2022-05-27 08:25:39 UTC

https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-6mv4-4v73-xw58

Comment 2 Larry the Git Cow gentoo-dev

2022-05-27 16:06:13 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=11a9a9dae6476c69f140bbf2938e75b6b11c3959

commit 11a9a9dae6476c69f140bbf2938e75b6b11c3959
Author:     Mike Gilbert <floppym@gentoo.org>
AuthorDate: 2022-05-27 16:05:09 +0000
Commit:     Mike Gilbert <floppym@gentoo.org>
CommitDate: 2022-05-27 16:05:50 +0000

    sys-fs/ntfs3g: add 2022.5.17
    
    Bug: https://bugs.gentoo.org/847598
    Signed-off-by: Mike Gilbert <floppym@gentoo.org>

 sys-fs/ntfs3g/Manifest                |  1 +
 sys-fs/ntfs3g/ntfs3g-2022.5.17.ebuild | 83 +++++++++++++++++++++++++++++++++++
 2 files changed, 84 insertions(+)

Comment 3 John Helmert III archtester

2022-11-22 16:42:44 UTC

GLSA request filed

Comment 4 Larry the Git Cow gentoo-dev

2023-01-11 05:22:57 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=0b323c3c4c76d17342e03e1b9c0abd5a2e564341

commit 0b323c3c4c76d17342e03e1b9c0abd5a2e564341
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2023-01-11 05:15:14 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2023-01-11 05:22:03 +0000

    [ GLSA 202301-01 ] NTFS-3G: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/811156
    Bug: https://bugs.gentoo.org/847598
    Bug: https://bugs.gentoo.org/878885
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 glsa-202301-01.xml | 72 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 72 insertions(+)

Comment 5 John Helmert III archtester

2023-01-11 05:26:16 UTC

GLSA released, all done!