From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <guix-patches-bounces+larch=yhetil.org@gnu.org>
Received: from mp2 ([2001:41d0:8:6d80::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by ms0.migadu.com with LMTPS
	id MPnRGMpCOmG12gAAgWs5BA
	(envelope-from <guix-patches-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Thu, 09 Sep 2021 19:22:18 +0200
Received: from aspmx1.migadu.com ([2001:41d0:8:6d80::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by mp2 with LMTPS
	id qI8nFMpCOmFUdgAAB5/wlQ
	(envelope-from <guix-patches-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Thu, 09 Sep 2021 17:22:18 +0000
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by aspmx1.migadu.com (Postfix) with ESMTPS id 94C4523186
	for <larch@yhetil.org>; Thu,  9 Sep 2021 19:22:17 +0200 (CEST)
Received: from localhost ([::1]:37248 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <guix-patches-bounces+larch=yhetil.org@gnu.org>)
	id 1mONke-0001XH-Me
	for larch@yhetil.org; Thu, 09 Sep 2021 13:22:16 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:37722)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1mONkV-0001X7-0F
 for guix-patches@gnu.org; Thu, 09 Sep 2021 13:22:08 -0400
Received: from debbugs.gnu.org ([209.51.188.43]:52824)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1mONkS-0002S3-OA
 for guix-patches@gnu.org; Thu, 09 Sep 2021 13:22:04 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1mONkQ-0006hG-Ig
 for guix-patches@gnu.org; Thu, 09 Sep 2021 13:22:02 -0400
X-Loop: help-debbugs@gnu.org
Subject: [bug#50488] [PATCH] gnu: ntfs-3g: Update to 2021.8.22 [security
 fixes].
Resent-From: Leo Famulari <leo@famulari.name>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-CC: guix-patches@gnu.org
Resent-Date: Thu, 09 Sep 2021 17:22:02 +0000
Resent-Message-ID: <handler.50488.B.163120807825674@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: report 50488
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: 50488@debbugs.gnu.org
X-Debbugs-Original-To: guix-patches@gnu.org
Received: via spool by submit@debbugs.gnu.org id=B.163120807825674
 (code B ref -1); Thu, 09 Sep 2021 17:22:02 +0000
Received: (at submit) by debbugs.gnu.org; 9 Sep 2021 17:21:18 +0000
Received: from localhost ([127.0.0.1]:36137 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1mONjc-0006fv-7X
 for submit@debbugs.gnu.org; Thu, 09 Sep 2021 13:21:17 -0400
Received: from lists.gnu.org ([209.51.188.17]:40648)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <leo@famulari.name>) id 1mONjb-0006fo-3K
 for submit@debbugs.gnu.org; Thu, 09 Sep 2021 13:21:11 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:37452)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <leo@famulari.name>) id 1mONja-0001Uz-TP
 for guix-patches@gnu.org; Thu, 09 Sep 2021 13:21:10 -0400
Received: from wout3-smtp.messagingengine.com ([64.147.123.19]:41799)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <leo@famulari.name>) id 1mONjW-0001g2-Sa
 for guix-patches@gnu.org; Thu, 09 Sep 2021 13:21:10 -0400
Received: from compute3.internal (compute3.nyi.internal [10.202.2.43])
 by mailout.west.internal (Postfix) with ESMTP id 2125C320093F;
 Thu,  9 Sep 2021 13:21:05 -0400 (EDT)
Received: from mailfrontend1 ([10.202.2.162])
 by compute3.internal (MEProxy); Thu, 09 Sep 2021 13:21:05 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name;
 h=from:to:subject:date:message-id:mime-version
 :content-transfer-encoding; s=mesmtp; bh=NhSDC6bCiFn+NCDdHUQcMxk
 4u4I+XEslPkyAL0qbbWA=; b=h5jvChN19nEBaHa7/yXbA9k4gowDOjDZStABDZF
 Gy1gM3LXVbJdUShpAJD7njyD7x/Fm5Fc2VwjddqgmSAHlEXv95JpYucnaRwtKKMC
 QxIKllIAvY4F40jG3gz7i0zZ6SVoWa56PKBe40EU2KaHIgPmZWqeoEZjSg7Yd39l
 Usy8=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=content-transfer-encoding:date:from
 :message-id:mime-version:subject:to:x-me-proxy:x-me-proxy
 :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; bh=NhSDC6bCiFn+NCDdH
 UQcMxk4u4I+XEslPkyAL0qbbWA=; b=q4pWJyRi+RQ8Ry34HDb31zB0d1Ykn3Mnq
 BrFzTQd02lDsp30zmbaQOfrSNHC4kj2IC2nfQGvdojg6U7k4pnU5EnhhTB13pOcY
 kunK917r0cEAgHmsXi1X77Yfd/q55utH8WafTX41lCm/NcIxti9/r3gu0HvlBWhZ
 7AVSmzcLxvwtAKiuL75HbC1SmQaI+i3NBPeb3F2YBrBCgk933TfCKmw5CSDvFMjY
 P8BtznpTlFBslQff6Np+MbFHBIIEYc7rfbPpASeqxQbo64chXI83HrWOpqZXUuDO
 VVKmJt0uBc5Zz+Nn4cqa36TZnGlB+LPL47EMOQM33WDhng2FZ3sug==
X-ME-Sender: <xms:gEI6YZ8Xs1x_FLruS37rnlakvtrMdcj8esdk9p6_7enQEmdWKJpzpQ>
 <xme:gEI6YdsEBFDS_S2q0YzPewcaJ-U--guCPnDy3dKxrXwCFZeqWGL8uCJqUPjXOxzn5
 6iQPUAW3ipqM09pRQ>
X-ME-Received: <xmr:gEI6YXArVwleWxKZ_fDI4LXzV33kYgQGVIz4KodTuObYWHdnjcsKcjktqDNN26_9yJefx6IxdtJDCgxfW3CyL2Wq-sVS-qKWQIfh7eiUrk0eL58>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvtddrudefledgudduvdcutefuodetggdotefrod
 ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh
 necuuegrihhlohhuthemuceftddtnecunecujfgurhephffvufffkffoggfgsedtkeertd
 ertddtnecuhfhrohhmpefnvghoucfhrghmuhhlrghrihcuoehlvghosehfrghmuhhlrghr
 ihdrnhgrmhgvqeenucggtffrrghtthgvrhhnpeektdejhfefheejgeeuvefhhefffedtud
 eijeehhfeuvdevudfgtdekudefjeeukeenucffohhmrghinhepshgvtghlihhsthhsrdho
 rhhgpdhtuhigvghrrgdrtghomhdpuggvsghirghnrdhorhhgpdhmihhtrhgvrdhorhhgpd
 hsohhurhgtvghfohhrghgvrdhnvghtnecuvehluhhsthgvrhfuihiivgeptdenucfrrghr
 rghmpehmrghilhhfrhhomheplhgvohesfhgrmhhulhgrrhhirdhnrghmvg
X-ME-Proxy: <xmx:gEI6YdeKR7sT0X2xwgDjfWOSCuq4t0tFMiUO9ByvvxOJRSbugk9EZw>
 <xmx:gEI6YeMLq7C3Ur_bSWwV5aCdbA3IiMs66pmw_GetaFKwPm9HRL1-Kw>
 <xmx:gEI6YfmdrDXiBxOGHNoEK-qLhf_wC9iawOPFvlgdyVnFPtZotruzCg>
 <xmx:gEI6YRbY8_eMuK3F3hg_z9Ar6ducC1M3Q4iMON8MaaRe9jbkcCK5-A>
Received: by mail.messagingengine.com (Postfix) with ESMTPA for
 <guix-patches@gnu.org>; Thu, 9 Sep 2021 13:21:04 -0400 (EDT)
From: Leo Famulari <leo@famulari.name>
Date: Thu,  9 Sep 2021 13:21:00 -0400
Message-Id: <08e0c59de3bf79d8b95107019295afeb2113b3e7.1631207973.git.leo@famulari.name>
X-Mailer: git-send-email 2.33.0
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Received-SPF: pass client-ip=64.147.123.19; envelope-from=leo@famulari.name;
 helo=wout3-smtp.messagingengine.com
X-Spam_score_int: -27
X-Spam_score: -2.8
X-Spam_bar: --
X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_PASS=-0.001,
 SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-BeenThere: guix-patches@gnu.org
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-patches>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org
Sender: "Guix-patches" <guix-patches-bounces+larch=yhetil.org@gnu.org>
X-Migadu-Flow: FLOW_IN
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org;
	s=key1; t=1631208138;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:mime-version:mime-version:
	 content-transfer-encoding:content-transfer-encoding:resent-cc:
	 resent-from:resent-sender:resent-message-id:list-id:list-help:
	 list-unsubscribe:list-subscribe:list-post:dkim-signature;
	bh=NhSDC6bCiFn+NCDdHUQcMxk4u4I+XEslPkyAL0qbbWA=;
	b=FHrI5gZHeAnyU2LmQCdpDXbwEEFeFgLvJeucVZR92LDKZgujnsG/KMQBtCZT6mbiy9ZPn7
	nfrRTttHTsWULbiYZF67cLuVsC9XvubQZMdiYShk++3kbh+Aj0v87yM3rKiV+MX9UbxvIC
	bJMaHCNCbJB/57SYwYHZBHFfNSEonfjmCZT5/P8Gtq/Otsj2u/ozt4k1buFORZwEMQSrAs
	6Zx+2tH260xPiSdL5LlvY1XzEQr6oMQshsOGcY1P6/QEaUYXOl4WZtgyxVn8UXlve0YBzH
	pQz6Egp3GXRyMpHn9yMroWK5oEr4sYJqjmpBNS+87qI6yk0ZYlrS5ZBFxcypTA==
ARC-Seal: i=1; s=key1; d=yhetil.org; t=1631208138; a=rsa-sha256; cv=none;
	b=ApYLBUf6XyP27d6Uj6qFcA/gqUgjCUJ5iqJXCi/IqM+1e2xINIETB5VzGvCAJE4053Tp6l
	pqBjxFQhiZKjF8TTfsMB5FCykaMjIW7n+XGn61lVPIAI2o+gPjXiOKYvFEXm08+ifqsdsW
	7+OUJV3kzVR2ZPvX1WO3HH5sBbGKBYWlh/RLfRe+3eUwdkRzdjhazc86/HgncvUfkm5iDy
	LpU/UzESO8PEh1EdDqQ1N5PluDjVVky8AftmRgXEd2JmQWmHCiVj0nU55gFLiVlLMkpoon
	XHHFjUDrtV9aY7ADLqhQMajAvN6f+9nNcV3wVwAXsAJua2T1/7lClmYGwNw2Jg==
ARC-Authentication-Results: i=1;
	aspmx1.migadu.com;
	dkim=fail ("headers rsa verify failed") header.d=famulari.name header.s=mesmtp header.b=h5jvChN1;
	dkim=fail ("headers rsa verify failed") header.d=messagingengine.com header.s=fm3 header.b=q4pWJyRi;
	dmarc=none;
	spf=pass (aspmx1.migadu.com: domain of guix-patches-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-patches-bounces@gnu.org
X-Migadu-Spam-Score: 3.59
Authentication-Results: aspmx1.migadu.com;
	dkim=fail ("headers rsa verify failed") header.d=famulari.name header.s=mesmtp header.b=h5jvChN1;
	dkim=fail ("headers rsa verify failed") header.d=messagingengine.com header.s=fm3 header.b=q4pWJyRi;
	dmarc=none;
	spf=pass (aspmx1.migadu.com: domain of guix-patches-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-patches-bounces@gnu.org
X-Migadu-Queue-Id: 94C4523186
X-Spam-Score: 3.59
X-Migadu-Scanner: scn1.migadu.com
X-TUID: Xr7mgyp+nSBD

The upstream security advisory is named NTFS3G-SA-2021-0001.

Fixes CVE-2021-33285, CVE-2021-35269, CVE-2021-35268, CVE-2021-33289,
CVE-2021-33286, CVE-2021-35266, CVE-2021-33287, CVE-2021-35267, CVE-2021-39251,
CVE-2021-39252, CVE-2021-39253, CVE-2021-39254, CVE-2021-39255, CVE-2021-39256,
CVE-2021-39257, CVE-2021-39258, CVE-2021-39259, CVE-2021-39260, CVE-2021-39261,
CVE-2021-39262, CVE-2021-39263.

For more information:

https://seclists.org/oss-sec/2021/q3/139

* gnu/packages/linux.scm (ntfs-3g): Update to 2021.8.22.
[source]: Remove obsolete patch.
* gnu/packages/patches/ntfs-3g-CVE-2019-9755.patch: Delete file.
* gnu/local.mk (dist_patch_DATA): Remove it.
---
 gnu/local.mk                                  |  1 -
 gnu/packages/linux.scm                        |  9 ++-
 .../patches/ntfs-3g-CVE-2019-9755.patch       | 72 -------------------
 3 files changed, 4 insertions(+), 78 deletions(-)
 delete mode 100644 gnu/packages/patches/ntfs-3g-CVE-2019-9755.patch

diff --git a/gnu/local.mk b/gnu/local.mk
index 2a56c4a9e2..451cd9d1c1 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1507,7 +1507,6 @@ dist_patch_DATA =						\
   %D%/packages/patches/nsis-source-date-epoch.patch		\
   %D%/packages/patches/nss-increase-test-timeout.patch		\
   %D%/packages/patches/nss-3.56-pkgconfig.patch			\
-  %D%/packages/patches/ntfs-3g-CVE-2019-9755.patch		\
   %D%/packages/patches/nvi-assume-preserve-path.patch		\
   %D%/packages/patches/nvi-dbpagesize-binpower.patch		\
   %D%/packages/patches/nvi-db4.patch				\
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index 4281ce4b0a..5860a49df7 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -5902,15 +5902,14 @@ invocations of itself.")
 (define-public ntfs-3g
   (package
     (name "ntfs-3g")
-    (version "2017.3.23")
+    (version "2021.8.22")
     (source (origin
               (method url-fetch)
               (uri (string-append "https://tuxera.com/opensource/"
                                   "ntfs-3g_ntfsprogs-" version ".tgz"))
-              (patches (search-patches "ntfs-3g-CVE-2019-9755.patch"))
               (sha256
                (base32
-                "1mb228p80hv97pgk3myyvgp975r9mxq56c6bdn1n24kngcfh4niy"))
+                "1yrf42xr92qv3pads8lzp5nyssz6875ncfgg8v3jwjyr0nm87f2m"))
               (modules '((guix build utils)))
               (snippet '(begin
                           ;; Install under $prefix.
@@ -5919,8 +5918,8 @@ invocations of itself.")
                              "@sbindir@"))
                           #t))))
     (build-system gnu-build-system)
-    (inputs `(("util-linux" ,util-linux)
-              ("fuse" ,fuse)))                    ;libuuid
+    (inputs `(("util-linux" ,util-linux) ; libuuid
+              ("fuse" ,fuse)))
     (native-inputs `(("pkg-config" ,pkg-config)))
     (arguments
      '(#:configure-flags (list "--disable-static"
diff --git a/gnu/packages/patches/ntfs-3g-CVE-2019-9755.patch b/gnu/packages/patches/ntfs-3g-CVE-2019-9755.patch
deleted file mode 100644
index a7794aed47..0000000000
--- a/gnu/packages/patches/ntfs-3g-CVE-2019-9755.patch
+++ /dev/null
@@ -1,72 +0,0 @@
-Fix CVE-2019-9755:
-
-https://security-tracker.debian.org/tracker/CVE-2019-9755
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9755
-
-Patch copied from upstream source repository:
-
-https://sourceforge.net/p/ntfs-3g/ntfs-3g/ci/85c1634a26faa572d3c558d4cf8aaaca5202d4e9/
-
-From 85c1634a26faa572d3c558d4cf8aaaca5202d4e9 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Jean-Pierre=20Andr=C3=A9?= <jean-pierre.andre@wanadoo.fr>
-Date: Wed, 19 Dec 2018 15:57:50 +0100
-Subject: [PATCH] Fixed reporting an error when failed to build the mountpoint
-
-The size check was inefficient because getcwd() uses an unsigned int
-argument.
----
- src/lowntfs-3g.c | 6 +++++-
- src/ntfs-3g.c    | 6 +++++-
- 2 files changed, 10 insertions(+), 2 deletions(-)
-
-diff --git a/src/lowntfs-3g.c b/src/lowntfs-3g.c
-index 993867fa..0660439b 100644
---- a/src/lowntfs-3g.c
-+++ b/src/lowntfs-3g.c
-@@ -4411,7 +4411,8 @@ int main(int argc, char *argv[])
- 	else {
- 		ctx->abs_mnt_point = (char*)ntfs_malloc(PATH_MAX);
- 		if (ctx->abs_mnt_point) {
--			if (getcwd(ctx->abs_mnt_point,
-+			if ((strlen(opts.mnt_point) < PATH_MAX)
-+			    && getcwd(ctx->abs_mnt_point,
- 				     PATH_MAX - strlen(opts.mnt_point) - 1)) {
- 				strcat(ctx->abs_mnt_point, "/");
- 				strcat(ctx->abs_mnt_point, opts.mnt_point);
-@@ -4419,6 +4420,9 @@ int main(int argc, char *argv[])
- 			/* Solaris also wants the absolute mount point */
- 				opts.mnt_point = ctx->abs_mnt_point;
- #endif /* defined(__sun) && defined (__SVR4) */
-+			} else {
-+				free(ctx->abs_mnt_point);
-+				ctx->abs_mnt_point = (char*)NULL;
- 			}
- 		}
- 	}
-diff --git a/src/ntfs-3g.c b/src/ntfs-3g.c
-index 6ce89fef..4e0912ae 100644
---- a/src/ntfs-3g.c
-+++ b/src/ntfs-3g.c
-@@ -4148,7 +4148,8 @@ int main(int argc, char *argv[])
- 	else {
- 		ctx->abs_mnt_point = (char*)ntfs_malloc(PATH_MAX);
- 		if (ctx->abs_mnt_point) {
--			if (getcwd(ctx->abs_mnt_point,
-+			if ((strlen(opts.mnt_point) < PATH_MAX)
-+			    && getcwd(ctx->abs_mnt_point,
- 				     PATH_MAX - strlen(opts.mnt_point) - 1)) {
- 				strcat(ctx->abs_mnt_point, "/");
- 				strcat(ctx->abs_mnt_point, opts.mnt_point);
-@@ -4156,6 +4157,9 @@ int main(int argc, char *argv[])
- 			/* Solaris also wants the absolute mount point */
- 				opts.mnt_point = ctx->abs_mnt_point;
- #endif /* defined(__sun) && defined (__SVR4) */
-+			} else {
-+				free(ctx->abs_mnt_point);
-+				ctx->abs_mnt_point = (char*)NULL;
- 			}
- 		}
- 	}
--- 
-2.21.0
-
-- 
2.33.0