* [Buildroot] [PATCH 1/1] package/ntfs-3g: security bump to version 2021.8.22
@ 2021-09-25 8:45 Fabrice Fontaine
2021-09-26 19:46 ` Arnout Vandecappelle
2021-10-06 6:03 ` Peter Korsgaard
0 siblings, 2 replies; 3+ messages in thread
From: Fabrice Fontaine @ 2021-09-25 8:45 UTC (permalink / raw)
To: buildroot; +Cc: Fabrice Fontaine
- Fixed vulnerability threats caused by maliciously tampered NTFS
partitions (CVE-2021-33285, CVE-2021-33286, CVE-2021-33287, etc.):
https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp
- Drop patch (already in version)
https://github.com/tuxera/ntfs-3g/wiki/NTFS-3G-Release-History
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
...an-error-when-failed-to-build-the-mo.patch | 72 -------------------
package/ntfs-3g/ntfs-3g.hash | 2 +-
package/ntfs-3g/ntfs-3g.mk | 5 +-
3 files changed, 2 insertions(+), 77 deletions(-)
delete mode 100644 package/ntfs-3g/0001-Fixed-reporting-an-error-when-failed-to-build-the-mo.patch
diff --git a/package/ntfs-3g/0001-Fixed-reporting-an-error-when-failed-to-build-the-mo.patch b/package/ntfs-3g/0001-Fixed-reporting-an-error-when-failed-to-build-the-mo.patch
deleted file mode 100644
index 9ba8aae50c..0000000000
--- a/package/ntfs-3g/0001-Fixed-reporting-an-error-when-failed-to-build-the-mo.patch
+++ /dev/null
@@ -1,72 +0,0 @@
-From 85c1634a26faa572d3c558d4cf8aaaca5202d4e9 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Jean-Pierre=20Andr=C3=A9?= <jean-pierre.andre@wanadoo.fr>
-Date: Wed, 19 Dec 2018 15:57:50 +0100
-Subject: [PATCH] Fixed reporting an error when failed to build the mountpoint
-
-The size check was inefficient because getcwd() uses an unsigned int
-argument.
-
-Fixes CVE-2019-9755: An integer underflow issue exists in ntfs-3g 2017.3.23.
-A local attacker could potentially exploit this by running /bin/ntfs-3g with
-specially crafted arguments from a specially crafted directory to cause a
-heap buffer overflow, resulting in a crash or the ability to execute
-arbitrary code. In installations where /bin/ntfs-3g is a setuid-root
-binary, this could lead to a local escalation of privileges.
-
-Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
----
- src/lowntfs-3g.c | 6 +++++-
- src/ntfs-3g.c | 6 +++++-
- 2 files changed, 10 insertions(+), 2 deletions(-)
-
-diff --git a/src/lowntfs-3g.c b/src/lowntfs-3g.c
-index 993867fa..0660439b 100644
---- a/src/lowntfs-3g.c
-+++ b/src/lowntfs-3g.c
-@@ -4411,7 +4411,8 @@ int main(int argc, char *argv[])
- else {
- ctx->abs_mnt_point = (char*)ntfs_malloc(PATH_MAX);
- if (ctx->abs_mnt_point) {
-- if (getcwd(ctx->abs_mnt_point,
-+ if ((strlen(opts.mnt_point) < PATH_MAX)
-+ && getcwd(ctx->abs_mnt_point,
- PATH_MAX - strlen(opts.mnt_point) - 1)) {
- strcat(ctx->abs_mnt_point, "/");
- strcat(ctx->abs_mnt_point, opts.mnt_point);
-@@ -4419,6 +4420,9 @@ int main(int argc, char *argv[])
- /* Solaris also wants the absolute mount point */
- opts.mnt_point = ctx->abs_mnt_point;
- #endif /* defined(__sun) && defined (__SVR4) */
-+ } else {
-+ free(ctx->abs_mnt_point);
-+ ctx->abs_mnt_point = (char*)NULL;
- }
- }
- }
-diff --git a/src/ntfs-3g.c b/src/ntfs-3g.c
-index 6ce89fef..4e0912ae 100644
---- a/src/ntfs-3g.c
-+++ b/src/ntfs-3g.c
-@@ -4148,7 +4148,8 @@ int main(int argc, char *argv[])
- else {
- ctx->abs_mnt_point = (char*)ntfs_malloc(PATH_MAX);
- if (ctx->abs_mnt_point) {
-- if (getcwd(ctx->abs_mnt_point,
-+ if ((strlen(opts.mnt_point) < PATH_MAX)
-+ && getcwd(ctx->abs_mnt_point,
- PATH_MAX - strlen(opts.mnt_point) - 1)) {
- strcat(ctx->abs_mnt_point, "/");
- strcat(ctx->abs_mnt_point, opts.mnt_point);
-@@ -4156,6 +4157,9 @@ int main(int argc, char *argv[])
- /* Solaris also wants the absolute mount point */
- opts.mnt_point = ctx->abs_mnt_point;
- #endif /* defined(__sun) && defined (__SVR4) */
-+ } else {
-+ free(ctx->abs_mnt_point);
-+ ctx->abs_mnt_point = (char*)NULL;
- }
- }
- }
---
-2.20.1
-
diff --git a/package/ntfs-3g/ntfs-3g.hash b/package/ntfs-3g/ntfs-3g.hash
index 63c999f253..668e11a800 100644
--- a/package/ntfs-3g/ntfs-3g.hash
+++ b/package/ntfs-3g/ntfs-3g.hash
@@ -1,4 +1,4 @@
# Locally calculated
-sha256 3e5a021d7b761261836dcb305370af299793eedbded731df3d6943802e1262d5 ntfs-3g_ntfsprogs-2017.3.23.tgz
+sha256 55b883aa05d94b2ec746ef3966cb41e66bed6db99f22ddd41d1b8b94bb202efb ntfs-3g_ntfsprogs-2021.8.22.tgz
sha256 231f7edcc7352d7734a96eef0b8030f77982678c516876fcb81e25b32d68564c COPYING
sha256 d7bf9d064ac3e5840f9dd02422b7eeec4f1fd03f37fadbd043602be5e882304f COPYING.LIB
diff --git a/package/ntfs-3g/ntfs-3g.mk b/package/ntfs-3g/ntfs-3g.mk
index 1a388af761..21f7cfc46d 100644
--- a/package/ntfs-3g/ntfs-3g.mk
+++ b/package/ntfs-3g/ntfs-3g.mk
@@ -4,7 +4,7 @@
#
################################################################################
-NTFS_3G_VERSION = 2017.3.23
+NTFS_3G_VERSION = 2021.8.22
NTFS_3G_SOURCE = ntfs-3g_ntfsprogs-$(NTFS_3G_VERSION).tgz
NTFS_3G_SITE = http://tuxera.com/opensource
NTFS_3G_CONF_OPTS = --disable-ldconfig
@@ -14,9 +14,6 @@ NTFS_3G_LICENSE = GPL-2.0+, LGPL-2.0+
NTFS_3G_LICENSE_FILES = COPYING COPYING.LIB
NTFS_3G_CPE_ID_VENDOR = tuxera
-# 0001-Fixed-reporting-an-error-when-failed-to-build-the-mo.patch
-NTFS_3G_IGNORE_CVES += CVE-2019-9755
-
ifeq ($(BR2_PACKAGE_LIBFUSE),y)
NTFS_3G_CONF_OPTS += --with-fuse=external
NTFS_3G_DEPENDENCIES += libfuse
--
2.33.0
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/ntfs-3g: security bump to version 2021.8.22
2021-09-25 8:45 [Buildroot] [PATCH 1/1] package/ntfs-3g: security bump to version 2021.8.22 Fabrice Fontaine
@ 2021-09-26 19:46 ` Arnout Vandecappelle
2021-10-06 6:03 ` Peter Korsgaard
1 sibling, 0 replies; 3+ messages in thread
From: Arnout Vandecappelle @ 2021-09-26 19:46 UTC (permalink / raw)
To: Fabrice Fontaine, buildroot
On 25/09/2021 10:45, Fabrice Fontaine wrote:
> - Fixed vulnerability threats caused by maliciously tampered NTFS
> partitions (CVE-2021-33285, CVE-2021-33286, CVE-2021-33287, etc.):
> https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp
> - Drop patch (already in version)
>
> https://github.com/tuxera/ntfs-3g/wiki/NTFS-3G-Release-History
>
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Applied to master, thanks.
Regards,
Arnout
> ---
> ...an-error-when-failed-to-build-the-mo.patch | 72 -------------------
> package/ntfs-3g/ntfs-3g.hash | 2 +-
> package/ntfs-3g/ntfs-3g.mk | 5 +-
> 3 files changed, 2 insertions(+), 77 deletions(-)
> delete mode 100644 package/ntfs-3g/0001-Fixed-reporting-an-error-when-failed-to-build-the-mo.patch
>
> diff --git a/package/ntfs-3g/0001-Fixed-reporting-an-error-when-failed-to-build-the-mo.patch b/package/ntfs-3g/0001-Fixed-reporting-an-error-when-failed-to-build-the-mo.patch
> deleted file mode 100644
> index 9ba8aae50c..0000000000
> --- a/package/ntfs-3g/0001-Fixed-reporting-an-error-when-failed-to-build-the-mo.patch
> +++ /dev/null
> @@ -1,72 +0,0 @@
> -From 85c1634a26faa572d3c558d4cf8aaaca5202d4e9 Mon Sep 17 00:00:00 2001
> -From: =?UTF-8?q?Jean-Pierre=20Andr=C3=A9?= <jean-pierre.andre@wanadoo.fr>
> -Date: Wed, 19 Dec 2018 15:57:50 +0100
> -Subject: [PATCH] Fixed reporting an error when failed to build the mountpoint
> -
> -The size check was inefficient because getcwd() uses an unsigned int
> -argument.
> -
> -Fixes CVE-2019-9755: An integer underflow issue exists in ntfs-3g 2017.3.23.
> -A local attacker could potentially exploit this by running /bin/ntfs-3g with
> -specially crafted arguments from a specially crafted directory to cause a
> -heap buffer overflow, resulting in a crash or the ability to execute
> -arbitrary code. In installations where /bin/ntfs-3g is a setuid-root
> -binary, this could lead to a local escalation of privileges.
> -
> -Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
> ----
> - src/lowntfs-3g.c | 6 +++++-
> - src/ntfs-3g.c | 6 +++++-
> - 2 files changed, 10 insertions(+), 2 deletions(-)
> -
> -diff --git a/src/lowntfs-3g.c b/src/lowntfs-3g.c
> -index 993867fa..0660439b 100644
> ---- a/src/lowntfs-3g.c
> -+++ b/src/lowntfs-3g.c
> -@@ -4411,7 +4411,8 @@ int main(int argc, char *argv[])
> - else {
> - ctx->abs_mnt_point = (char*)ntfs_malloc(PATH_MAX);
> - if (ctx->abs_mnt_point) {
> -- if (getcwd(ctx->abs_mnt_point,
> -+ if ((strlen(opts.mnt_point) < PATH_MAX)
> -+ && getcwd(ctx->abs_mnt_point,
> - PATH_MAX - strlen(opts.mnt_point) - 1)) {
> - strcat(ctx->abs_mnt_point, "/");
> - strcat(ctx->abs_mnt_point, opts.mnt_point);
> -@@ -4419,6 +4420,9 @@ int main(int argc, char *argv[])
> - /* Solaris also wants the absolute mount point */
> - opts.mnt_point = ctx->abs_mnt_point;
> - #endif /* defined(__sun) && defined (__SVR4) */
> -+ } else {
> -+ free(ctx->abs_mnt_point);
> -+ ctx->abs_mnt_point = (char*)NULL;
> - }
> - }
> - }
> -diff --git a/src/ntfs-3g.c b/src/ntfs-3g.c
> -index 6ce89fef..4e0912ae 100644
> ---- a/src/ntfs-3g.c
> -+++ b/src/ntfs-3g.c
> -@@ -4148,7 +4148,8 @@ int main(int argc, char *argv[])
> - else {
> - ctx->abs_mnt_point = (char*)ntfs_malloc(PATH_MAX);
> - if (ctx->abs_mnt_point) {
> -- if (getcwd(ctx->abs_mnt_point,
> -+ if ((strlen(opts.mnt_point) < PATH_MAX)
> -+ && getcwd(ctx->abs_mnt_point,
> - PATH_MAX - strlen(opts.mnt_point) - 1)) {
> - strcat(ctx->abs_mnt_point, "/");
> - strcat(ctx->abs_mnt_point, opts.mnt_point);
> -@@ -4156,6 +4157,9 @@ int main(int argc, char *argv[])
> - /* Solaris also wants the absolute mount point */
> - opts.mnt_point = ctx->abs_mnt_point;
> - #endif /* defined(__sun) && defined (__SVR4) */
> -+ } else {
> -+ free(ctx->abs_mnt_point);
> -+ ctx->abs_mnt_point = (char*)NULL;
> - }
> - }
> - }
> ---
> -2.20.1
> -
> diff --git a/package/ntfs-3g/ntfs-3g.hash b/package/ntfs-3g/ntfs-3g.hash
> index 63c999f253..668e11a800 100644
> --- a/package/ntfs-3g/ntfs-3g.hash
> +++ b/package/ntfs-3g/ntfs-3g.hash
> @@ -1,4 +1,4 @@
> # Locally calculated
> -sha256 3e5a021d7b761261836dcb305370af299793eedbded731df3d6943802e1262d5 ntfs-3g_ntfsprogs-2017.3.23.tgz
> +sha256 55b883aa05d94b2ec746ef3966cb41e66bed6db99f22ddd41d1b8b94bb202efb ntfs-3g_ntfsprogs-2021.8.22.tgz
> sha256 231f7edcc7352d7734a96eef0b8030f77982678c516876fcb81e25b32d68564c COPYING
> sha256 d7bf9d064ac3e5840f9dd02422b7eeec4f1fd03f37fadbd043602be5e882304f COPYING.LIB
> diff --git a/package/ntfs-3g/ntfs-3g.mk b/package/ntfs-3g/ntfs-3g.mk
> index 1a388af761..21f7cfc46d 100644
> --- a/package/ntfs-3g/ntfs-3g.mk
> +++ b/package/ntfs-3g/ntfs-3g.mk
> @@ -4,7 +4,7 @@
> #
> ################################################################################
>
> -NTFS_3G_VERSION = 2017.3.23
> +NTFS_3G_VERSION = 2021.8.22
> NTFS_3G_SOURCE = ntfs-3g_ntfsprogs-$(NTFS_3G_VERSION).tgz
> NTFS_3G_SITE = http://tuxera.com/opensource
> NTFS_3G_CONF_OPTS = --disable-ldconfig
> @@ -14,9 +14,6 @@ NTFS_3G_LICENSE = GPL-2.0+, LGPL-2.0+
> NTFS_3G_LICENSE_FILES = COPYING COPYING.LIB
> NTFS_3G_CPE_ID_VENDOR = tuxera
>
> -# 0001-Fixed-reporting-an-error-when-failed-to-build-the-mo.patch
> -NTFS_3G_IGNORE_CVES += CVE-2019-9755
> -
> ifeq ($(BR2_PACKAGE_LIBFUSE),y)
> NTFS_3G_CONF_OPTS += --with-fuse=external
> NTFS_3G_DEPENDENCIES += libfuse
>
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/ntfs-3g: security bump to version 2021.8.22
2021-09-25 8:45 [Buildroot] [PATCH 1/1] package/ntfs-3g: security bump to version 2021.8.22 Fabrice Fontaine
2021-09-26 19:46 ` Arnout Vandecappelle
@ 2021-10-06 6:03 ` Peter Korsgaard
1 sibling, 0 replies; 3+ messages in thread
From: Peter Korsgaard @ 2021-10-06 6:03 UTC (permalink / raw)
To: Fabrice Fontaine; +Cc: buildroot
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes:
> - Fixed vulnerability threats caused by maliciously tampered NTFS
> partitions (CVE-2021-33285, CVE-2021-33286, CVE-2021-33287, etc.):
> https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp
> - Drop patch (already in version)
> https://github.com/tuxera/ntfs-3g/wiki/NTFS-3G-Release-History
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Committed to 2021.02.x, 2021.05.x and 2021.08.x, thanks.
--
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-10-06 6:03 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-09-25 8:45 [Buildroot] [PATCH 1/1] package/ntfs-3g: security bump to version 2021.8.22 Fabrice Fontaine
2021-09-26 19:46 ` Arnout Vandecappelle
2021-10-06 6:03 ` Peter Korsgaard
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.