-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-f3262abda6 2016-06-02 09:07:35.214300 --------------------------------------------------------------------------------
Name : dosfstools Product : Fedora 22 Version : 3.0.27 Release : 2.fc22 URL : http://github.com/dosfstools/dosfstools Summary : Utilities for making and checking MS-DOS FAT filesystems on Linux Description : The dosfstools package includes the mkdosfs and dosfsck utilities, which respectively make and check MS-DOS FAT filesystems on hard drives or on floppies.
-------------------------------------------------------------------------------- Update Information:
This is an update fixing off-by-2 error leading to corruption in FAT12 ( CVE-2015-8872) and heap-buffer-overflows in read_fat() and get_fat() functions (CVE-2016-4804). -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1336745 - CVE-2016-4804 dosfstools: Heap-buffer-overflows in read_fat() and get_fat() functions https://bugzilla.redhat.com/show_bug.cgi?id=1336745 [ 2 ] Bug #1336739 - CVE-2015-8872 dosfstools: Off-by-2 error leading to corruption in FAT12 https://bugzilla.redhat.com/show_bug.cgi?id=1336739 --------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use su -c 'yum update dosfstools' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------
package-announce@lists.fedoraproject.org