Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 563936 (CVE-2015-8026)

Summary: <sys-fs/exfat-utils-1.2.1: Heap overflow and endless loop (CVE-2015-8026)
Product: Gentoo Security Reporter: Hanno Böck <hanno>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Severity: normal CC: base-system, ssuominen
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B2 [glsa cve]
Package list:
Runtime testing required: ---

Description Hanno Böck gentoo-dev 2015-10-24 08:28:19 UTC
The release of exfat-utils 1.2.1 fixes two potential security bugs I discovered. One of them is a bit more severe (a write heap overflow), therefore I think this deserves security handling.

The update is already in the tree, so stabilization would be next.
Comment 1 Agostino Sarubbo gentoo-dev 2015-10-27 16:17:30 UTC
amd64 stable
Comment 2 Agostino Sarubbo gentoo-dev 2015-10-27 16:17:53 UTC
x86 stable
Comment 3 Agostino Sarubbo gentoo-dev 2015-10-28 08:11:28 UTC
Maintainer(s), please cleanup.
Security, please add it to the existing request, or file a new one.
Comment 4 Yury German Gentoo Infrastructure gentoo-dev 2015-12-31 02:23:29 UTC
Arches, Thank you for your work.
New GLSA Request filed.

Maintainer(s), please drop the vulnerable version(s).
Comment 5 Mike Gilbert gentoo-dev 2016-09-21 01:59:00 UTC
Cleanup done.
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2016-12-12 00:18:10 UTC
This issue was resolved and addressed in
 GLSA 201612-31 at
by GLSA coordinator Kristian Fiskerstrand (K_F).