vitalif
/
e2fsprogs
mirror of https://github.com/vitalif/e2fsprogs
1
0
Fork 0
Code Issues Releases Wiki Activity
Fork of e2fsprogs with inode table reallocator
2,237 Commits
13 Branches
138 Tags
33 MiB
Gettext Catalog 46.6%
C 40.5%
Roff 6.1%
Makefile 2.6%
TeX 2.3%
Other 1.6%
 
 
 
 
 
 
Go to file
Theodore Ts'o ee01079a17 libext2fs: Add checks to prevent integer overflows passed to malloc() 
This addresses a potential security vulnerability where an untrusted
filesystem can be corrupted in such a way that a program using
libext2fs will allocate a buffer which is far too small.  This can
lead to either a crash or potentially a heap-based buffer overflow
crash.  No known exploits exist, but main concern is where an
untrusted user who possesses privileged access in a guest Xen
environment could corrupt a filesystem which is then accessed by the
pygrub program, running as root in the dom0 host environment, thus
allowing the untrusted user to gain privileged access in the host OS.

Thanks to the McAfee AVERT Research group for reporting this issue.

Addresses CVE-2007-5497.

Signed-off-by: Rafal Wojtczuk <rafal_wojtczuk@mcafee.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
 		2007-12-05 21:01:35 -05:00
config Improve the config/parse_types.sh helper script 2007-07-04 19:55:03 -04:00
contrib Remove Changelog files since they're not used after the git migration 2007-07-08 08:50:41 -04:00
debian Update Debian policy compliance to version 3.7.3.0 2007-12-05 20:46:12 -05:00
debugfs Remove Changelog files since they're not used after the git migration 2007-07-08 08:50:41 -04:00
doc Remove Changelog files since they're not used after the git migration 2007-07-08 08:50:41 -04:00
e2fsck Add Ubuntu-specific e2fsck.conf file to work around Ubuntu issues 2007-12-05 21:01:22 -05:00
ext2ed Remove Changelog files since they're not used after the git migration 2007-07-08 08:50:41 -04:00
include/nonunix Remove Changelog files since they're not used after the git migration 2007-07-08 08:50:41 -04:00
install-utils Remove Changelog files since they're not used after the git migration 2007-07-08 08:50:41 -04:00
intl Remove Changelog files since they're not used after the git migration 2007-07-08 08:50:41 -04:00
lib libext2fs: Add checks to prevent integer overflows passed to malloc() 2007-12-05 21:01:35 -05:00
misc e2image in raw-mode appends an extra byte to image-file 2007-11-26 06:26:31 -05:00
po Update Spanish translation and e2fsprogs.pot file for 1.40.3 release 2007-12-05 19:35:20 -05:00
resize Remove Changelog files since they're not used after the git migration 2007-07-08 08:50:41 -04:00
tests Add test for the case where s_inode_size is zero 2007-09-07 17:06:25 -04:00
util gen-tarball: Ignore the Meta directory when creating the release tarballs 2007-12-05 20:14:43 -05:00
.gitignore Add .gitignore file 2007-06-30 17:01:42 -04:00
.hgignore Ignore quilt work files 2005-07-19 08:41:27 -05:00
.hgtags Added tag E2FSPROGS-1_40 for changeset 097cd140ac3b 2007-06-29 22:05:59 -04:00
.missing-copyright Many files: 1997-04-29 16:15:03 +00:00
.release-checklist Remove Changelog files since they're not used after the git migration 2007-07-08 08:50:41 -04:00
ABOUT-NLS Update to gettext 0.11.5. We now enable NLS support by default. 2003-05-03 16:35:17 -04:00
COPYING Clarify the copyright licenses used by the various libraries in COPYING 2007-06-23 01:04:53 -04:00
INSTALL Remove the a.out DLL support, since it's been obsolete and unmaintained 2004-11-19 17:06:47 -05:00
INSTALL.elfbin ChangeLog, INSTALL.elfbin: 1999-01-02 04:15:29 +00:00
MCONFIG.in Update WFLAGS to suppress spurious warning messages 2006-11-14 23:40:19 -05:00
Makefile.in Add Makefile production rule for e2fsprogs.spec in case it gets deleted 2007-05-22 16:20:14 -04:00
README Update ChangeLog, README, RELEASE-NOTES for 1.40.2 release 2007-07-14 09:03:17 -04:00
README.subset Update for 1.33 release. 2003-04-21 16:17:09 -04:00
RELEASE-NOTES Update ChangeLog, README, RELEASE-NOTES for 1.40.2 release 2007-07-14 09:03:17 -04:00
SHLIBS Many files: 1997-04-29 16:15:03 +00:00
SUBMITTING-PATCHES Added SUBMITTING-PATCHES file 2005-07-05 22:30:13 -05:00
TODO Update TODO to remove item which is already completed. 2006-05-13 09:28:04 -04:00
aclocal.m4 Update to use gettext 0.14.1 and autoconf 2.50+ 2004-11-30 19:00:19 -05:00
configure Improve the config/parse_types.sh helper script 2007-07-04 19:55:03 -04:00
configure.in Improve the config/parse_types.sh helper script 2007-07-04 19:55:03 -04:00
depfix.sed ChangeLog, depfix.sed: 1999-07-19 15:48:08 +00:00
e2fsprogs.lsm Update Release Notes, Changelogs, version.h, etc. for 1.40 release 2007-06-24 17:32:47 -04:00
e2fsprogs.spec.in Add "make check" to the RPM spec file 2007-08-03 20:12:32 -04:00
version.h Update ChangeLog, README, RELEASE-NOTES for 1.40.2 release 2007-07-14 09:03:17 -04:00
wordwrap.pl ChangeLog, wordwrap.pl: 2001-06-01 23:49:46 +00:00

README 

	This is the new version (1.40.2) of the second extended file
system management programs.

	From time to time, I release new versions of e2fsprogs, to fix
bugs and to make the utilities more robust.  You can always find
information about the latest version at the the e2fsprogs web page,
which is:

	http://e2fsprogs.sourceforge.net

	The INSTALL file has instructions on building and installing
e2fsprogs.  Provisions for building Red Hat RPMs and Debian dpkg files
are supplied as well.

	In case of bugs in these programs, please contact Ted Ts'o at
tytso@thunk.org or tytso@alum.mit.edu.  See the e2fsck man page for
suggestions of what sort of information to include when submitting bug
reports for these programs.