FYI There will be upstream stable release in a few hours fixing this.
If you are going to only backport the fix for this CVE, these master branch
git commits should be backported (the fix with followed simplification
of the validation code).
52f5cb8cedf22fb3e14c744814ec8af7614146c7
On Thu, 03 Sep 2020 at 17:28:27 +0200, Salvatore Bonaccorso wrote:
> The following vulnerability was published for cryptsetup.
>
> CVE-2020-14382[0]:
> | Out-of-bounds write when validating segments
Oh, thanks Salvatore! Missed that somehow :-( Will get to this
tonight.
--
Guilhem.
Source: cryptsetup
Version: 2:2.3.3-2
Severity: important
Tags: security upstream
X-Debbugs-Cc: car...@debian.org, Debian Security Team
Hi,
The following vulnerability was published for cryptsetup.
CVE-2020-14382[0]:
| Out-of-bounds write when validating segments
If you fix the vulnerability
3 matches
Mail list logo