ntfs: Mark it as broken, and add CVE IDs that are being closed
This commit is contained in:
parent
becaca2c80
commit
cda3581467
|
@ -809,6 +809,7 @@ linux (4.19.34-1) UNRELEASED; urgency=medium
|
||||||
* [armel/marvell,sh4] linux-image: Recommend apparmor, like all other configs
|
* [armel/marvell,sh4] linux-image: Recommend apparmor, like all other configs
|
||||||
* udeb: Drop unused ntfs-modules packages
|
* udeb: Drop unused ntfs-modules packages
|
||||||
* ntfs: Disable NTFS_FS due to lack of upstream security support
|
* ntfs: Disable NTFS_FS due to lack of upstream security support
|
||||||
|
(CVE-2018-12929, CVE-2018-12930, CVE-2018-12931)
|
||||||
|
|
||||||
[ YunQiang Su ]
|
[ YunQiang Su ]
|
||||||
* [mips*r6] Re-enable CONFIG_JUMP_LABEL, which has been fixed in upstream.
|
* [mips*r6] Re-enable CONFIG_JUMP_LABEL, which has been fixed in upstream.
|
||||||
|
|
|
@ -0,0 +1,19 @@
|
||||||
|
From: Ben Hutchings <ben@decadent.org.uk>
|
||||||
|
Date: Thu, 25 Apr 2019 15:31:33 +0100
|
||||||
|
Subject: ntfs: mark it as broken
|
||||||
|
|
||||||
|
NTFS has unfixed issues CVE-2018-12929, CVE-2018-12930, and
|
||||||
|
CVE-2018-12931. ntfs-3g is a better supported alternative.
|
||||||
|
|
||||||
|
Make sure it can't be enabled even in custom kernels.
|
||||||
|
|
||||||
|
---
|
||||||
|
--- a/fs/ntfs/Kconfig
|
||||||
|
+++ b/fs/ntfs/Kconfig
|
||||||
|
@@ -1,5 +1,6 @@
|
||||||
|
config NTFS_FS
|
||||||
|
tristate "NTFS file system support"
|
||||||
|
+ depends on BROKEN
|
||||||
|
select NLS
|
||||||
|
help
|
||||||
|
NTFS is the file system of Microsoft Windows NT, 2000, XP and 2003.
|
|
@ -147,6 +147,7 @@ features/all/lockdown/lockdown-refer-to-debian-wiki-until-manual-page-exists.pat
|
||||||
# Security fixes
|
# Security fixes
|
||||||
debian/i386-686-pae-pci-set-pci-nobios-by-default.patch
|
debian/i386-686-pae-pci-set-pci-nobios-by-default.patch
|
||||||
bugfix/all/xen-pciback-Don-t-disable-PCI_COMMAND-on-PCI-device-.patch
|
bugfix/all/xen-pciback-Don-t-disable-PCI_COMMAND-on-PCI-device-.patch
|
||||||
|
debian/ntfs-mark-it-as-broken.patch
|
||||||
|
|
||||||
# Fix exported symbol versions
|
# Fix exported symbol versions
|
||||||
bugfix/all/module-disable-matching-missing-version-crc.patch
|
bugfix/all/module-disable-matching-missing-version-crc.patch
|
||||||
|
|
Loading…
Reference in New Issue