--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2016-e2d635cbf8
2016-05-20 17:33:01.138489
--------------------------------------------------------------------------------
Name : dosfstools
Product : Fedora 23
Version : 3.0.28
Release : 3.fc23
URL :
http://github.com/dosfstools/dosfstools
Summary : Utilities for making and checking MS-DOS FAT filesystems on Linux
Description :
The dosfstools package includes the mkdosfs and dosfsck utilities,
which respectively make and check MS-DOS FAT filesystems on hard
drives or on floppies.
--------------------------------------------------------------------------------
Update Information:
This is an update fixing off-by-2 error leading to corruption in FAT12 (
CVE-2015-8872) and heap-buffer-overflows in read_fat() and get_fat() functions
(CVE-2016-4804).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1336745 - CVE-2016-4804 dosfstools: Heap-buffer-overflows in read_fat() and
get_fat() functions
https://bugzilla.redhat.com/show_bug.cgi?id=1336745
[ 2 ] Bug #1336739 - CVE-2015-8872 dosfstools: Off-by-2 error leading to corruption in
FAT12
https://bugzilla.redhat.com/show_bug.cgi?id=1336739
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update dosfstools' at the command line.
For more information, refer to "Managing Software with yum",
available at
https://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------