6.5: Update ntfs-3g to 2022.10.3 for CVE-2022-40284
commit 9766c9ea0b319b05c1492ac1c81dbf738d1e0711 (HEAD -> agnau-ntfs-3g-sec-fix-version-bump-6.5, origin/agnau-ntfs-3g-sec-fix-version-bump-6.5)
Author: Andreas Gnau <andreas.gnau@iopsys.eu>
Date: Thu Jan 26 10:46:58 2023 +0100
ntfs-3g: Bump to 2021.8.22 (CVE fixes)
This fixes CVE-2022-40284.
Security release 2022.10.3 (Oct 31, 2022)
* Rejected zero-sized runs
* Avoided merging runlists with no runs
Security version 2022.5.17 (May 26, 2022)
* Improved defence against maliciously tampered NTFS partitions
* Improved defence against improper use of options
* Updated the documentation
Signed-off-by: Andreas Gnau <andreas.gnau@iopsys.eu>
(cherry picked from commit 0417df609916fc0f78990f51b98c5056895894f8)
commit 92e7720241920974681ee585b1ee35798b5fc55d
Author: Eneas U de Queiroz <cotequeiroz@gmail.com>
Date: Thu Oct 28 10:18:57 2021 -0300
ntfs-3g: update config's help syntax
Change ---help--- to plain 'help' in Package/ntfs-3g/config, as newer
versions of kconfig have removed the command's older name.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit d5226e1e6f6e2f8d76b67e3356027cb79469defd)
commit e3f48235875ac8c29c895ad287c325a559473ff3
Author: Sebastian Kemper <sebastian_ml@gmx.net>
Date: Tue Aug 31 12:18:20 2021 +0200
ntfs-3g: bump to 2021.8.22 (CVE fixes)
Upstream announced new release which includes fixes for 21 CVEs (see
[1]).
Upstream changed the symlink "mkfs.ntfs" to respect "--sbin-dir". So
this commit adjusts this likewise in the Makefile.
[1] https://www.openwall.com/lists/oss-security/2021/08/30/1
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
(cherry picked from commit 555546e3d335256bf1d82abf16a94f999c248ff5)
commit b4f837f125d9e6bdaa4ce7ac38bb00986cbc4d48
Author: Andreas Gnau <andreas.gnau@iopsys.eu>
Date: Thu Jan 26 11:14:48 2023 +0100
Revert "ntfs-3g: patch CVE-2019-9755"
This reverts commit 40b7ea60646fe34e8c817c9c81b4f8722ac5a159. Will be
added by future cherry-picked version bumps.