Advisories MDKSA-2007:242: Updated e2fsprogs packages fix vulnerability

[paul]

Rafal Wojtczuk of McAfee AVERT Research found that e2fsprogs contained

multiple integer overflows in memory allocations, based on sizes

taken directly from filesystem information. These flaws could result

in heap-based overflows potentially allowing for the execution of

arbitrary code.

 

The updated packages have been patched to correct these issues.