Bug 918346 - (CVE-2015-1572) VUL-1: CVE-2015-1572: e2fsprogs: potential buffer overflow in closefs()
(CVE-2015-1572)
VUL-1: CVE-2015-1572: e2fsprogs: potential buffer overflow in closefs()
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P4 - Low : Minor
: ---
Assigned To: Jan Kara
Security Team bot
https://smash.suse.de/issue/113931/
maint:released:sle10-sp3:62123 CVSSv2...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2015-02-18 09:36 UTC by Johannes Segitz
Modified: 2019-03-28 00:15 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Swamp Workflow Management 2015-02-18 23:00:33 UTC
bugbot adjusting priority
Comment 3 Bernhard Wiedemann 2015-05-27 07:00:13 UTC
This is an autogenerated message for OBS integration:
This bug (918346) was mentioned in
https://build.opensuse.org/request/show/308845 13.2 / e2fsprogs
https://build.opensuse.org/request/show/308846 13.1 / e2fsprogs
Comment 6 Swamp Workflow Management 2015-06-05 10:04:56 UTC
openSUSE-SU-2015:1002-1: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 918346
CVE References: CVE-2015-1572
Sources used:
openSUSE 13.2 (src):    e2fsprogs-1.42.12-7.1
Comment 7 Swamp Workflow Management 2015-06-05 10:05:58 UTC
openSUSE-SU-2015:1006-1: An update that fixes two vulnerabilities is now available.

Category: security (moderate)
Bug References: 915402,918346
CVE References: CVE-2015-0247,CVE-2015-1572
Sources used:
openSUSE 13.1 (src):    e2fsprogs-1.42.8-2.8.1
Comment 8 Swamp Workflow Management 2015-06-23 14:03:25 UTC
SUSE-SU-2015:1103-1: An update that contains security fixes can now be installed.

Category: security (important)
Bug References: 915402,918346
CVE References: 
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    e2fsprogs-1.41.9-2.14.2
SUSE Linux Enterprise Server 11-SP4 (src):    e2fsprogs-1.41.9-2.14.2
SUSE Linux Enterprise Desktop 11-SP4 (src):    e2fsprogs-1.41.9-2.14.2
Comment 9 Swamp Workflow Management 2015-06-25 21:02:48 UTC
An update workflow for this issue was started.
This issue was rated as low.
Please submit fixed packages until 2015-07-23.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/62121
Comment 14 Swamp Workflow Management 2015-08-04 08:09:51 UTC
SUSE-SU-2015:1341-1: An update that fixes two vulnerabilities is now available.

Category: security (low)
Bug References: 915402,918346
CVE References: CVE-2015-0247,CVE-2015-1572
Sources used:
SUSE Linux Enterprise Software Development Kit 12 (src):    e2fsprogs-1.42.11-7.1
SUSE Linux Enterprise Server 12 (src):    e2fsprogs-1.42.11-7.1
SUSE Linux Enterprise Desktop 12 (src):    e2fsprogs-1.42.11-7.1
Comment 15 Marcus Meissner 2015-08-07 14:46:13 UTC
released
Comment 16 Swamp Workflow Management 2015-08-07 19:13:30 UTC
SUSE-SU-2015:1364-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (low)
Bug References: 915402,918346,932539
CVE References: CVE-2015-0247,CVE-2015-1572
Sources used:
SUSE Linux Enterprise Software Development Kit 11 SP3 (src):    e2fsprogs-1.41.9-2.10.11.1, util-linux-2.19.1-6.62.7
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    e2fsprogs-1.41.9-2.10.11.1, util-linux-2.19.1-6.62.7
SUSE Linux Enterprise Server 11 SP3 (src):    e2fsprogs-1.41.9-2.10.11.1, util-linux-2.19.1-6.62.7
SUSE Linux Enterprise Desktop 11 SP3 (src):    e2fsprogs-1.41.9-2.10.11.1, util-linux-2.19.1-6.62.7
Comment 19 Swamp Workflow Management 2018-07-19 13:09:12 UTC
SUSE-SU-2018:1987-1: An update that solves two vulnerabilities and has three fixes is now available.

Category: security (moderate)
Bug References: 1009532,1038194,915402,918346,960273
CVE References: CVE-2015-0247,CVE-2015-1572
Sources used:
SUSE Linux Enterprise Module for Basesystem 15 (src):    e2fsprogs-1.43.8-4.3.1
Comment 20 Swamp Workflow Management 2018-07-28 14:06:11 UTC
openSUSE-SU-2018:2133-1: An update that solves two vulnerabilities and has three fixes is now available.

Category: security (moderate)
Bug References: 1009532,1038194,915402,918346,960273
CVE References: CVE-2015-0247,CVE-2015-1572
Sources used:
openSUSE Leap 15.0 (src):    e2fsprogs-1.43.8-lp150.3.3.1