openSUSE Security Update : e2fsprogs (openSUSE-2015-400)
Medium Nessus Plugin ID 84013
SynopsisThe remote openSUSE host is missing a security update.
Descriptione2fsprogs was updated to fix two security issues.
The following vulnerabilities were fixed :
- CVE-2015-1572: A local user could have executed arbitrary code by causing a crafted block group descriptor to be marked as dirty. Completes fix for CVE-2015-0247. (boo#918346)
- CVE-2015-0247: A local user could have executed arbitrary code via crafted block group descriptor data in a filesystem image. (boo#915402)
SolutionUpdate the affected e2fsprogs packages.