Opened 9 years ago

Closed 9 years ago

#6765 closed enhancement (fixed)

xfsprogs-3.2.4

Reported by: Fernando de Oliveira Owned by: Fernando de Oliveira
Priority: high Milestone: 7.8
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description (last modified by Fernando de Oliveira)

CVE-2012-2150 https://marc.info/?l=oss-security&m=143766249112576&w=2

ftp://oss.sgi.com/projects/xfs/cmd_tars/xfsprogs-3.2.4.tar.gz

ftp://oss.sgi.com/projects/xfs/cmd_tars/xfsprogs-3.2.4.tar.gz.sig

http://oss.sgi.com/cgi-bin/gitweb.cgi?p=xfs/cmds/xfsprogs.git;a=blob_plain;f=doc/CHANGES

or

http://oss.sgi.com/pipermail/xfs/2015-July/042726.html 

[ANNOUNCE] xfsprogs: v3.2.4 released
Dave Chinner david at fromorbit.com
Wed Jul 29 20:36:26 CDT 2015

xfsprogs v3.2.4 has just been released. This release contains only
changes to xfs_metadump to address the information leaks disclosed
in CVE-2012-2150 here:

https://marc.info/?l=oss-security&m=143766249112576&w=2

Many thanks go to Eric Sandeen for doing all the work to address
these issues, and to Brian Foster, Christoph Hellwig and Darrick
Wong for reviewing the changes.

... the release is tagged with the "v3.2.4" tag to make it easy to
check out the exact source used for the release.

-Dave.

The new head of the master branch is commit:

4a2f31a xfsprogs: Release v3.2.4

New Commits:

Dave Chinner (1):
      [4a2f31a] xfsprogs: Release v3.2.4

Eric Sandeen (19):
      [7ac353a] libxlog: add xlog_is_empty() helper
      [ffc56f1] metadump: rename dont_obfuscate variable
      [190df61] metadump: zero out clean log
      [37a7818] xfs_metadump: don't zero log if not obfuscating
      [80917c1] xfs_metadump: obfuscate remote symlinks on CRC
                              filesystems
      [8085336] metadump: obfuscate attrs on CRC fs
      [1941482] metadump: Fill attribute values with 'v' rather than NUL
      [8927d44] metadump: Obfuscate the filesystem label
      [aad766a] metadump: handle multi-block directories
      [b09e839] metadump: Add option to copy metadata blocks intact
      [75333d2] metadump: Copy the log if not obfuscating or zeroing
      [18cdb61] metadump: Zero out unused portion of the AGFL
      [27499a0] metadump: Zero literal area of unused inodes
      [87c955c] metadump: Zero unused portions of inode literal area
      [6d34e8b] metadump: Zero sparse/unused regions of dir2
      [23b2ae2] metadump: Zero unused tail of symlink blocks
      [70099c8] metadump: Zero unused portions of attribute blocks
      [c83c169] metadump: Zero unused portions of DA_NODE blocks
      [20f35ef] metadump: Zero unused portions of inode, BMAP, and
                          allocation btree blocks
-- 
Dave Chinner
david at fromorbit.com

Change History (4)

comment:1 by Fernando de Oliveira, 9 years ago

Description: modified (diff)

comment:2 by Fernando de Oliveira, 9 years ago

Owner: changed from blfs-book@… to Fernando de Oliveira

comment:3 by Fernando de Oliveira, 9 years ago

Status: newassigned

comment:4 by Fernando de Oliveira, 9 years ago

Resolution: fixed
Status: assignedclosed
  • Update to xfsprogs-3.2.4.
  • Update to whois_5.2.10.
  • Update to sqlite-3.8.11.1.

Fixed at r16303.

Note: See TracTickets for help on using tickets.