Mandriva Linux Security Advisory : e2fsprogs (MDVSA-2015:068)
Medium Nessus Plugin ID 82321
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionUpdated e2fsprogs packages fix security vulnerability :
The libext2fs library, part of e2fsprogs and utilized by its utilities, is affected by a boundary check error on block group descriptor information, leading to a heap based buffer overflow. A specially crafted filesystem image can be used to trigger the vulnerability. This is due to an incomplete fix for CVE-2015-0247 (CVE-2015-1572).
SolutionUpdate the affected e2fsprogs, lib64ext2fs-devel and / or lib64ext2fs2 packages.