-
e2fsprogs (1.44.1-1ubuntu1.4) bionic-security; urgency=medium
* SECURITY UPDATE: Out-of-bounds read/write vulnerability
Issue leads to segmentation fault and possibly arbitrary code
execution via a specially crafted filesystem.
- debian/patches/CVE-2022-1304.patch: checks that all leaf nodes of
file system contain at least one extent.
- CVE-2022-1304
-- Mark Esler <email address hidden> Thu, 02 Jun 2022 09:37:00 -0500
-
e2fsprogs (1.44.1-1ubuntu1.3) bionic-security; urgency=medium
* SECURITY UPDATE: Out-of-bounds write
- debian/patches/CVE-2019-5188-*.patch: abort if there is a corrupted
directory block when rehashing and don't try to rehash a deleted directory
in e2fsck/rehash.c, e2fsck/pass1b.c.
- CVE-2019-5188
-- <email address hidden> (Leonidas S. Barbosa) Wed, 22 Jan 2020 11:40:45 -0300
-
e2fsprogs (1.44.1-1ubuntu1.2) bionic-security; urgency=medium
* SECURITY UPDATE: Out-of-bounds write on the heap
- debian/patches/CVE-2019-5094.patch: add checks to prevent
buffer overrun in quota code in lib/support/quotaio_tree.c,
lib/support/quotaio_v2.c, lib/support/mkquota.c.
- CVE-2019-5094
-- <email address hidden> (Leonidas S. Barbosa) Thu, 26 Sep 2019 15:01:58 -0300
-
e2fsprogs (1.44.1-1ubuntu1.1) bionic; urgency=medium
* d/patches/0001-resize2fs-update-checksums-in-the-extent-tree-s-relo.patch:
do the checksum update later in extent tree relocated block to denote the
inode number change, otherwise the checksum update might be done in the old
copy of the block. (LP: #1798562)
-- Mathieu Trudel-Lapierre <email address hidden> Thu, 24 Jan 2019 18:11:28 -0500
-
e2fsprogs (1.44.1-1ubuntu1) bionic; urgency=medium
* debian/patches/0001-libext2fs-fix-regression-so-we-are-correctly-
transla.patch: cherry-pick upstream fix so we are correctly translating
acls in mkfs.ext4. Closes LP: #1807288.
-- Steve Langasek <email address hidden> Tue, 11 Dec 2018 10:39:48 -0800
-
e2fsprogs (1.44.1-1) unstable; urgency=medium
* New upstream release
* Fix FTBFS problem on Hurd (Closes: #893590)
* Fix e2fsck support of HTree directories on big-endian systems
* Fix miscellaneous e2image image handling for file systems with bigalloc
and meta_bg features enabled.
* Fix orphan list handling of inodes on bigalloc file systems (and other
situations where inodes need to be deleted or truncated) in e2fsck.
* Update Sweedish translation.
* Add Vcs-* headers in Debian packaging (Closes: #887512)
* Speed up reading bitmap blocks in debugfs when opening large file
systems.
* Add clarifications to chattr's man page. (Closes: #890390)
-- Theodore Y. Ts'o <email address hidden> Sat, 24 Mar 2018 15:13:28 -0400
-
e2fsprogs (1.44.0-1) unstable; urgency=medium
* New upstream release
* Update Czech, Spanish, French, Malay, and Ukrainian translations.
-- Theodore Y. Ts'o <email address hidden> Wed, 07 Mar 2018 14:39:52 -0500
-
e2fsprogs (1.43.9-2) unstable; urgency=medium
* Fix upgrade when there are two installations of a library (for
different architectures) that we are transitioning to the new package
name. (Closes: #890590)
* Add support for libreadline.so.7 to libss
* Fix tune2fs's journal recovery support
* Fix tune2fs to require a freshly checked file system if turning off
the metadata_csum feature and UUID has been changed.
-- Theodore Y. Ts'o <email address hidden> Sat, 24 Feb 2018 20:48:29 -0500
-
e2fsprogs (1.43.9-1ubuntu1) bionic; urgency=medium
* Make transitional library packages be Arch: any and Multi-Arch: same
so that upgrades actually function correctly when two or more exist.
-- Adam Conrad <email address hidden> Mon, 19 Feb 2018 06:05:49 -0700
-
e2fsprogs (1.43.9-1) unstable; urgency=medium
* Remove some obsolete flags and add document new flags in the chattr
man page
* Remove misplaced "MNP is unsupported" message from debugfs
* Suppress false positive lintian warning about "new essential
package" (caused by preparatory work to make the e2fsprogs
package no longer essential)
* Fixing missing "General" in "GNU General Public License" in
copyright files.
* Fix whitespace issue in the debian control file
* Update the Hungarian translation.
* Rename the packages e2fslibs* to libext2fs* and libcomerr2* to
libcom-err2* to conform with the standard Debian library package
naming conventions. (Closes: #269569)
-- Theodore Y. Ts'o <email address hidden> Thu, 08 Feb 2018 13:09:49 -0500
-
e2fsprogs (1.43.8-2) unstable; urgency=medium
* Update debian policy version to 4.1.3
* Mark library packages as priority: optional
* Simplify the debian/rules file and don't build e2fsprogs-l10n
unnecessarily
* Fix FTBFS on big-endian systems (Closes: #886119)
* Add support for the build profile: noudeb
* Add support for the build profile: pkg.e2fsprogs.no-fuse2fs
* Add support for the build profile: pkg.e2fsprogs.no-static-e2fsck
-- Theodore Y. Ts'o <email address hidden> Wed, 03 Jan 2018 16:18:40 -0500
-
e2fsprogs (1.43.8-1ubuntu1) bionic; urgency=medium
* Add missing private include, for big-endian builds, to resolve FTBFS.
* Fix broken sizeof call.
-- Dimitri John Ledkov <email address hidden> Tue, 02 Jan 2018 15:31:21 +0000
-
e2fsprogs (1.43.8-1) unstable; urgency=medium
* New upstream version
* Fix a bug where updated bitmap checks might not be written to disk.
(Closes: #883869)
* Add missing byte swaps for newly added fields in the superbloc
* Fix a potential use after free bug in e2fsck when fixing a corrupted
root node in directory hash tree.
* Fix a bug in e2fsck where a badly/maliciously corrupted superblock
(which is not fixed due to the -n option, for example) can cause a
floating point exception when printing the summary statistics.
(Closes: #879220)
* Fix debugfs's ncheck command so that it correctly prints the inode
number when printing an error message.
* Fix a bug in e2freefrag where it could print an incorrect free blocks
count on a file system with the 64-bit block number feature.
* Update the German, Serbian, Spanish, and Ukrainian translations.
* Fix a bug where resize2fs's free blocks sanity check could fail with a
false positive and refuse to check a file system with the 64-bit block
number feature.
* Fix and clarify various man pages and documentations. Also fixed up
some random usage texts that were incorrect. (Closes: #880483)
* Add missing copyright file for the e2fsprogs-l10 package. (Closes:
#880207)
* Add missing Multi-arch hints (Closes: #881408, #881590, #881591)
-- Theodore Y. Ts'o <email address hidden> Mon, 01 Jan 2018 19:44:41 -0500
-
e2fsprogs (1.43.7-1) unstable; urgency=medium
* New upstream version
* Fix error handling in debugfs, fuse2fs, and tune2fs so errors while
replaying the journal will not cause a segfault in some corner cases
* Fix resize2fs to avoid it from either failing or corrupting the file
system image in certain corner cases when doing an off-line resize
* Fix many spelling mistakes in various man pages, code comments, and
program messages.
* Fix e2fsck and debugfs so that maliciously corrupted file systems will
not cause buffer overflows (Closes: #873757, #878104)
* Update German translation (Closes: #833514)
* Update debian policy version to 4.1.1
* Fix FTBFS caused by debhelper/10.9 and references to obsolete packages
in the rules file (Closes: #876551)
* Promote e2fsprogs-l10n from suggests to recommends (Closes: #873812)
* Make e2fsprogs-l10n be arch:all (Closes: #873813)
-- Theodore Y. Ts'o <email address hidden> Mon, 16 Oct 2017 01:20:54 -0400
-
e2fsprogs (1.43.5-1) unstable; urgency=medium
* New upstream version
* Fix ext2fs_sync_device() so it returns the proper error code if the
BLKFLSBUF ioctl fails for some reason.
* Fix a potential crash in tune2fs when enabling project quota when the
file system has no inodes by fixing error handling in the
quota_write_inode() in libsupport.
* Fix a bug in debugfs's "ls -p" handling which could cause it to print
garbage after a file name in a directory entry.
* Fix a number of bugs in debugfs, dumpe2fs, e2fsck, tune2fs, and
resize2fs where a carefully/maliciously corrupted file systems (found
by American Fuzzy Lop) could these programs to crash or hang.
(Closes: #868489)
* E2fsck no longer issues some harmless bitmap warnings caused by a
corrupted file system; since those corruptions will be fixed up by
e2fsck later, there's no point issuing these internal warnings.
* E2fsck will now notice invalid quota inode numbers, and offer to fix
them.
* Fix a regression introduced in e2fsprogs 1.43 which broke mke2fs's
hugefile creation so that they aren't contiguous.
* Fix how backup superblocks are written in big endian systems so they
are all correctly byte swapped.
* Fixed tune2fs's support for enabling and disabling project quota.
* The badblock program now properly handles languages which have
multi-column wide character such as Chinese. (Closes: #860926)
* The mke2fs -U option now accepts "null", "clear", "random", or "time"
just as tune2fs's -U option.
* Fix e2fsck's -E bmap2extent feature (which converts a file to use
extents from indirect block maps) so that it handles sparse files
correctly.
* Fix libext2fs to correctly handle accounting for an external xattr
block on bigalloc file systems.
* Fix e2fsck to correctly handle quota accounting when deleting files
that have mnultiply-claimed blocks pass 1b.
* Fix potential buffer overrun bug in e2fsck when using 128 byte inodes.
* E2fsck's extent tree optimization can now be disabled via an
command-line extended option or via an e2fsck.conf configuration
parameter.
* The e2fsck program now properly updates the quota accounting when
optimizing the extent tree.
* Fix some error handling in e4crypt when operating on keyring ID's.
* Fix e2fsck's quota handling when the bigalloc feature is enabled.
* The libext2fs file system now uses readahead when opening file systems
to speed up opening very large file systems with the meta_bg option.
* If e2fsck logging is enabled, e2fsck will report the exit code in the
last line of the log file.
* Debugfs can now open file systems with a bad sueprblock checksum, and
the show_super_stats command will print the expected checksum.
* Fix a regression introduced in e2fsprogs 1.43.4 where tune2fs was not
able to correctly enable the quota feature. (Closes: #855417)
* E2fsck will only return an exit status code of 1 if it has fixed a
file system corruption. If it only performed an optimal optimization
of internal file system metadata, it will now return 0.
* Fix e2fsck so it won't check inode fields of deleted inodes.
* Removed a debugging printf in libsupport which could result to some
extraneous and confusing output if the user specifies a quota type.
* The debugfs logdump command now accepts a new -S option which will
cause it to print information about the journal superblock.
* Added a missing space in debugfs's ls -l output to separate the size
and date fields.
* Update the Czech, Danish, Dutch, French, Hungarian, Polish, Serbian,
Spanish, Swedish, Ukrainian, and Vietnamese translations. (Closes: #862482)
* Update various man pages. (Closes: #867895, #865584)
* Fix various compiler and UBSAN warnings.
* Remove obsolete Conflict/Replaces headers in control file (Closes: #866623)
* Remove obsolete mips libraries used to build arcboot (Closes: #864144)
-- Theodore Y. Ts'o <email address hidden> Fri, 04 Aug 2017 01:13:34 -0400
