Hello community, here is the log from the commit of package patchinfo.3807 for openSUSE:13.1:Update checked in at 2015-06-05 11:40:04 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.1:Update/patchinfo.3807 (Old) and /work/SRC/openSUSE:13.1:Update/.patchinfo.3807.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "patchinfo.3807" Changes: -------- New Changes file: NO CHANGES FILE!!! New: ---- _patchinfo ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _patchinfo ++++++ <patchinfo incident="3807"> <packager>jankara</packager> <issue tracker="cve" id="CVE-2015-0247"></issue> <issue tracker="cve" id="CVE-2015-1572"></issue> <issue tracker="bnc" id="915402">VUL-1: CVE-2015-0247: e2fsprogs: couple of heap overflows in e2fsprogs (fsck, dumpe2fs, e2image...)</issue> <issue tracker="bnc" id="918346">VUL-1: CVE-2015-1572: e2fsprogs: potential buffer overflow in closefs()</issue> <category>security</category> <rating>moderate</rating> <summary>Security update for e2fsprogs</summary> <description>e2fsprogs was updated to fix two security issues. The following vulnerabilities were fixed: * CVE-2015-1572: A local user could have executed arbitrary code by causing a crafted block group descriptor to be marked as dirty. Completes fix for CVE-2015-0247. (boo#918346) * CVE-2015-0247: A local user could have executed arbitrary code via crafted block group descriptor data in a filesystem image. (boo#915402) </description> </patchinfo>
