Oval Definition:oval:org.opensuse.security:def:108759
Revision Date:2021-09-07Version:1
Title:Security update for ntfs-3g_ntfsprogs (Important)
Description:

This update for ntfs-3g_ntfsprogs fixes the following issues:

Update to version 2021.8.22 (bsc#1189720):

Fixed compile error when building with libfuse < 2.8.0 * Fixed obsolete macros in configure.ac * Signalled support of UTIME_OMIT to external libfuse2 * Fixed an improper macro usage in ntfscp.c * Updated the repository change in the README * Fixed vulnerability threats caused by maliciously tampered NTFS partitions * Security fixes: CVE-2021-33285, CVE-2021-33286, CVE-2021-33287, CVE-2021-33289, CVE-2021-35266, CVE-2021-35267, CVE-2021-35268, CVE-2021-35269, CVE-2021-39251, CVE-2021-39252, CVE-2021-39253, CVE_2021-39254, CVE-2021-39255, CVE-2021-39256, CVE-2021-39257, CVE-2021-39258, CVE-2021-39259, CVE-2021-39260, CVE-2021-39261, CVE-2021-39262, CVE-2021-39263.

- Library soversion is now 89

Changes in version 2017.3.23 * Delegated processing of special reparse points to external plugins * Allowed kernel cacheing by lowntfs-3g when not using Posix ACLs * Enabled fallback to read-only mount when the volume is hibernated * Made a full check for whether an extended attribute is allowed * Moved secaudit and usermap to ntfsprogs (now ntfssecaudit and ntfsusermap) * Enabled encoding broken UTF-16 into broken UTF-8 * Autoconfigured selecting vs * Allowed using the full library API on systems without extended attributes support * Fixed DISABLE_PLUGINS as the condition for not using plugins * Corrected validation of multi sector transfer protected records * Denied creating/removing files from $Extend * Returned the size of locale encoded target as the size of symlinks
Family:unixClass:patch
Status:Reference(s):1189720
CVE-2019-9755
CVE-2021-33285
CVE-2021-33286
CVE-2021-33287
CVE-2021-33289
CVE-2021-35266
CVE-2021-35267
CVE-2021-35268
CVE-2021-35269
CVE-2021-39251
CVE-2021-39252
CVE-2021-39253
CVE-2021-39255
CVE-2021-39256
CVE-2021-39257
CVE-2021-39258
CVE-2021-39259
CVE-2021-39260
CVE-2021-39261
CVE-2021-39262
CVE-2021-39263
Platform(s):SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
Product(s):
BACK