Register | Log in

f2fs-tools

Tools for Flash-Friendly File System

Choose email to subscribe with

general

source: f2fs-tools (main)
version: 1.14.0-2
maintainer: Filesystems Group (archive) (DMD)
uploaders: Theodore Y. Ts'o [DMD] – Vincent Cheng [DMD]
std-ver: 4.5.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.4.0-2
oldstable: 1.7.0-1.1
old-bpo: 1.11.0-1~bpo9+1
stable: 1.11.0-1.1
testing: 1.14.0-2
unstable: 1.14.0-2

versioned links

1.4.0-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.7.0-1.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.11.0-1~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.11.0-1.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.14.0-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

f2fs-tools (3 bugs: 0, 2, 1, 0)
f2fs-tools-udeb
libf2fs-dev
libf2fs-format-dev

action needed

6 security issues in stretch high

There are 6 open security issues in stretch.

6 important issues:

CVE-2020-6070: An exploitable code execution vulnerability exists in the file system checking functionality of fsck.f2fs 1.12.0. A specially crafted f2fs file can cause a logic flaw and out-of-bounds heap operations, resulting in code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2020-6104: An exploitable information disclosure vulnerability exists in the get_dnode_of_data functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause information disclosure resulting in a information disclosure. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2020-6105: An exploitable code execution vulnerability exists in the multiple devices functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause Information overwrite resulting in a code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2020-6106: An exploitable information disclosure vulnerability exists in the init_node_manager functionality of F2fs-Tools F2fs.Fsck 1.12 and 1.13. A specially crafted filesystem can be used to disclose information. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2020-6107: An exploitable information disclosure vulnerability exists in the dev_read functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause an uninitialized read resulting in an information disclosure. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2020-6108: An exploitable code execution vulnerability exists in the fsck_chk_orphan_node functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause a heap buffer overflow resulting in a code execution. An attacker can provide a malicious file to trigger this vulnerability.

Please fix them.

Created: 2020-07-31 Last update: 2021-01-09 05:31

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 1.14.0-3, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Created: 2021-01-04 Last update: 2021-01-12 19:06

lintian reports 7 warnings normal

Lintian reports 7 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2020-07-29 Last update: 2020-08-22 06:03

6 ignored security issues in buster low

There are 6 open security issues in buster.

6 issues skipped by the security teams:

CVE-2020-6070: An exploitable code execution vulnerability exists in the file system checking functionality of fsck.f2fs 1.12.0. A specially crafted f2fs file can cause a logic flaw and out-of-bounds heap operations, resulting in code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2020-6104: An exploitable information disclosure vulnerability exists in the get_dnode_of_data functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause information disclosure resulting in a information disclosure. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2020-6105: An exploitable code execution vulnerability exists in the multiple devices functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause Information overwrite resulting in a code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2020-6106: An exploitable information disclosure vulnerability exists in the init_node_manager functionality of F2fs-Tools F2fs.Fsck 1.12 and 1.13. A specially crafted filesystem can be used to disclose information. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2020-6107: An exploitable information disclosure vulnerability exists in the dev_read functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause an uninitialized read resulting in an information disclosure. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2020-6108: An exploitable code execution vulnerability exists in the fsck_chk_orphan_node functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause a heap buffer overflow resulting in a code execution. An attacker can provide a malicious file to trigger this vulnerability.

Please fix them.

Created: 2020-07-31 Last update: 2021-01-09 05:31

news

[2021-01-09] f2fs-tools 1.14.0-2 MIGRATED to testing (Debian testing watch)
[2021-01-04] Accepted f2fs-tools 1.14.0-2 (source) into unstable (Theodore Y. Ts'o) (signed by: Theodore Ts'o)
[2021-01-03] Accepted f2fs-tools 1.14.0-1 (source) into unstable (Theodore Y. Ts'o) (signed by: Theodore Ts'o)
[2020-12-27] f2fs-tools 1.11.0-1.2 MIGRATED to testing (Debian testing watch)
[2020-12-21] Accepted f2fs-tools 1.11.0-1.2 (source) into unstable (Paul Gevers)
[2018-12-17] f2fs-tools 1.11.0-1.1 MIGRATED to testing (Debian testing watch)
[2018-12-06] Accepted f2fs-tools 1.11.0-1.1 (source) into unstable (gregor herrmann)
[2018-10-29] Accepted f2fs-tools 1.11.0-1~bpo9+1 (source amd64) into stretch-backports, stretch-backports (Theodore Y. Ts'o) (signed by: Theodore Ts'o)
[2018-09-01] f2fs-tools 1.11.0-1 MIGRATED to testing (Debian testing watch)
[2018-08-27] Accepted f2fs-tools 1.11.0-1 (source amd64) into unstable, unstable (Theodore Y. Ts'o) (signed by: Theodore Ts'o)
[2018-05-07] Accepted f2fs-tools 1.10.0-1~bpo9+1 (source i386) into stretch-backports, stretch-backports (Theodore Y. Ts'o) (signed by: Theodore Ts'o)
[2018-03-05] f2fs-tools 1.10.0-1 MIGRATED to testing (Debian testing watch)
[2018-02-28] Accepted f2fs-tools 1.10.0-1 (source) into unstable (Vincent Cheng)
[2017-01-09] Accepted f2fs-tools 1.7.0-1.1~bpo8+1 (source i386) into jessie-backports, jessie-backports (Theodore Y. Ts'o) (signed by: Theodore Ts'o)
[2017-01-06] f2fs-tools 1.7.0-1.1 MIGRATED to testing (Debian testing watch)
[2016-12-26] Accepted f2fs-tools 1.7.0-1.1 (source amd64) into unstable, unstable (Adam Borowski)
[2016-09-07] f2fs-tools 1.7.0-1 MIGRATED to testing (Debian testing watch)
[2016-09-02] Accepted f2fs-tools 1.7.0-1 (source) into unstable (Vincent Cheng)
[2016-04-09] f2fs-tools 1.6.1-1 MIGRATED to testing (Debian testing watch)
[2016-04-04] Accepted f2fs-tools 1.6.1-1 (source) into unstable (Vincent Cheng)
[2016-01-03] f2fs-tools 1.6.0-2 MIGRATED to testing (Debian testing watch)
[2015-12-29] f2fs-tools 1.6.0-1 MIGRATED to testing (Debian testing watch)
[2015-12-29] Accepted f2fs-tools 1.6.0-2 (source) into unstable (Vincent Cheng)
[2015-12-23] Accepted f2fs-tools 1.6.0-1 (source amd64) into unstable, unstable (Vincent Cheng)
[2015-05-05] f2fs-tools 1.4.1-1 MIGRATED to testing (Britney)
[2015-04-29] Accepted f2fs-tools 1.4.1-1 (source) into unstable (Vincent Cheng)
[2014-09-30] f2fs-tools 1.4.0-2 MIGRATED to testing (Britney)
[2014-09-24] Accepted f2fs-tools 1.4.0-2 (source) into unstable (Vincent Cheng)
[2014-09-20] Accepted f2fs-tools 1.4.0-1 (source) into unstable (Vincent Cheng)
[2014-04-26] f2fs-tools 1.3.0-1 MIGRATED to testing (Debian testing watch)

1
2

bugs [bug history graph]

all: 4
RC: 0
I&N: 3
M&W: 1
F&P: 0
patch: 0

links

homepage
lintian (0, 7)
buildd: logs, clang, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.11.0-1.2
2 bugs

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing