-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 09 Jun 2022 14:43:42 +0200 Source: ntfs-3g Architecture: source Version: 1:2017.3.23AR.3-3+deb10u2 Distribution: buster-security Urgency: high Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Closes: 1011770 Changes: ntfs-3g (1:2017.3.23AR.3-3+deb10u2) buster-security; urgency=high . * Non-maintainer upload by the Security Team. * Fix multiple issues (Closes: #1011770) - Used a default usn when the former one cannot be retrieved (CVE-2022-30788) - Made sure there is no null character in an attribute name (CVE-2022-30786) - Avoided allocating and reading an attribute beyond its full size (CVE-2022-30784) - Made sure the client log data does not overflow from restart page (CVE-2022-30789) - Made sure there is no null character in an attribute name (bis) (CVE-2022-30786) - Fixed possible out-of-buffer condition in ntfsck (CVE-2021-46790) - Fixed operation on little endian data (CVE-2022-30788) - Returned an error code when the --help or --version options are used (CVE-2022-30783) - Hardened the checking of directory offset requested by a readdir (CVE-2022-30785, CVE-2022-30787) Checksums-Sha1: 48fa15b9053ed56157ea81014d7e06c36350af21 2363 ntfs-3g_2017.3.23AR.3-3+deb10u2.dsc 4451d8e31a3031f53547b9c7f27d6e3c317c3594 39240 ntfs-3g_2017.3.23AR.3-3+deb10u2.debian.tar.xz Checksums-Sha256: dfa1a20bae7bcbc69f776e094853c324b1bd031bf1f9d44f33429ae516dffcdd 2363 ntfs-3g_2017.3.23AR.3-3+deb10u2.dsc faf80a26cc3c6e3a61310e07864fd9c7425f5714064dda4a5ea519044b726956 39240 ntfs-3g_2017.3.23AR.3-3+deb10u2.debian.tar.xz Files: de8184b16c9b30a1d4e44190ed9f59a5 2363 otherosfs optional ntfs-3g_2017.3.23AR.3-3+deb10u2.dsc 6f26c3ba043bd8d6f6650ec05cb2d420 39240 otherosfs optional ntfs-3g_2017.3.23AR.3-3+deb10u2.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmKh62xfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EOrcP/04Qqq2xVN80SNop6agjBB9P6OcgCkPf 7qDAFnWajhsX5Pv7jzwIeg+x5giuyeDnFDhmFUag4BJ3KZf1LZJJRcB7dBa7DKYI bYT/ubW9Z2uWYLCy6Z9DhaqdT98vv0TeQgTvpiiRJ7bfCT6Ttjx8xbvmMAU1DkY4 jo+rwyqZbA/qgeoS/smE5SWSnGnfNCyUhEHFDHq37jGJH/fkvjsnUsbVzPbjsCFI 4xSJhOhjHyLASM9UlJ27N7jgr0Fg1NLpSbs28RYEv0GFqZk3Qo9FLQPLgmvb+nU1 D1B5UdoMDUmAy42QyfOmZb4Iv5ZdwrNg6f0ok9mRCLViYELnEpop5vzO+1OrP66w VxSaH93Dc/pcwZxZd5I0rsE8HhkU+hgP4hasNiixIg01O+EOzx9J0lOqRehdGm31 LaHFWJjLU5BH6yaZ+23C6YPt3KG1IguhZCxM8XABBGaXsJEkt//2ZuNxOKh2Y35s 4twPplXC2kc38dHYHMvmJofrEVnMzRZmxS/XedwMMCPRWQv8iDR4QLRgyu2J0XoC qkhx7nLrxVNUi/kL4JtWQZj+nrVOMQe8GJCCSOACm8N7Azpv6xDwdinfeu8PFA3b o3zo2B86LD9IJ5Ac7dk3qxKDKzuy7ayYGBoIswT5zkksYGRjEn/uo9W5U3yVVbVj bJrlXTKPOzgC =oZ37 -----END PGP SIGNATURE-----