Utilities for mounting and managing CIFS mounts
Alexander Bokovoy 80c65e7eb4 cifs-utils 6.15
Fixes: rhbz#2080525

- CVE-2022-27239: mount.cifs: fix length check for ip option parsing
- CVE-2022-29869: mount.cifs: fix verbose messages on option parsing

Description

CVE-2022-27239:

In cifs-utils through 6.14, a stack-based buffer overflow when parsing
the mount.cifs ip= command-line argument could lead to local attackers
gaining root privileges.

CVE-2022-29869:

cifs-utils through 6.14, with verbose logging, can cause an
information leak when a file contains = (equal sign) characters but is
not a valid credentials file.

Both issues were originally reported and fixed by Jeffrey Bencteux.

Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
2022-04-30 20:43:32 +03:00
.gitignore cifs-utils 6.15 2022-04-30 20:43:32 +03:00
cifs-utils.spec cifs-utils 6.15 2022-04-30 20:43:32 +03:00
mount-crash-fix.patch Include a couple of important upstream fixes 2021-09-23 09:06:48 -05:00
sources cifs-utils 6.15 2022-04-30 20:43:32 +03:00
upcall-fix.patch Include a couple of important upstream fixes 2021-09-23 09:06:48 -05:00