Fix a potential out of bounds write when checking a maliciously corrupted file system. This is probably not exploitable on 64-bit platforms, but may be exploitable on 32-bit binaries depending on how the compiler lays out the stack variables. (Addresses CVE-2019-5188)
A maliciously corrupted file systems can trigger buffer overruns in the quota code used by e2fsck. (Addresses CVE-2019-5094)
Fix potential use after free in calculate_tree()
Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:
sudo dnf upgrade --refresh --advisory=FEDORA-2020-01ed02451f
Please login to add feedback.
This update has been submitted for testing by lczerner.
This update's test gating status has been changed to 'waiting'.
This update's test gating status has been changed to 'ignored'.
This update has been pushed to testing.
This update can be pushed to stable now if the maintainer wishes
This update has been submitted for stable by bodhi.
This update has been pushed to stable.