[Bug 1489066] Re: xfsprogs: xfs_metadump information disclosure
Colin Watson
cjwatson at canonical.com
Fri Nov 27 10:14:40 UTC 2015
This bug was fixed in the package xfsprogs - 4.2.0
---------------
xfsprogs (4.2.0) unstable; urgency=low
* New upstream release
-- Nathan Scott <nathans at debian.org> Mon, 07 Sep 2015 10:13:54 +1000
xfsprogs (3.2.4) unstable; urgency=low
* New upstream release
* Fix xfs_metadump information leak (CVE-2012-2150)
-- Nathan Scott <nathans at debian.org> Wed, 29 Jul 2015 15:31:27 +1000
xfsprogs (3.2.3) unstable; urgency=low
* New upstream release
-- Nathan Scott <nathans at debian.org> Mon, 01 Jun 2015 11:35:02 +1000
xfsprogs (3.2.2) unstable; urgency=low
* New upstream release
* Rework dh-autoreconf invocation (closes: #757455)
* Update licensing words for headers (closes: #751511)
-- Nathan Scott <nathans at debian.org> Mon, 10 Nov 2014 20:35:27 +1100
** Changed in: xfsprogs (Ubuntu)
Status: Triaged => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to xfsprogs in Ubuntu.
https://bugs.launchpad.net/bugs/1489066
Title:
xfsprogs: xfs_metadump information disclosure
Status in xfsprogs package in Ubuntu:
Fix Released
Status in xfsprogs source package in Precise:
Triaged
Status in xfsprogs source package in Trusty:
Triaged
Status in xfsprogs source package in Vivid:
Triaged
Status in xfsprogs source package in Wily:
Triaged
Bug description:
Please see http://seclists.org/oss-sec/2015/q3/181 for details.
Fixed upstream in version 3.2.4, see
http://oss.sgi.com/pipermail/xfs/2015-July/042726.html
Also fixed by that version in debian, see https://security-
tracker.debian.org/tracker/CVE-2012-2150
Cheers,
Daniel
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xfsprogs/+bug/1489066/+subscriptions
More information about the foundations-bugs
mailing list