Fedora has issued an advisory on April 26: https://lists.fedoraproject.org/pipermail/package-announce/2015-May/157216.html The issues are fixed upstream in 7.0: http://www.cgsecurity.org/wiki/TestDisk_7.0_Release Mageia 4 and Mageia 5 are affected. Reproducible: Steps to Reproduce:
Whiteboard: (none) => MGA5TOO, MGA4TOO
Note that testdisk-7.0 need now qt4-devel as a buildrequires for building qphotorec stuff like fedora's package. This is not the case now in our svn.
CC: (none) => geiger.david68210
The version we currently have doesn't have qphotorec as far as I can tell, so this is not a regression. We can add this feature in Cauldron after branching.
Version: Cauldron => 4Whiteboard: MGA5TOO, MGA4TOO => (none)
Updated packages uploaded for Mageia 4 and Cauldron. Thanks Nicolas! Advisory: ======================== Updated testdisk packages fix security vulnerabilities: The testdisk package has been updated to version 7.0, fixing several security issues and a couple of bugs. See the upstream announcement for more details. References: http://www.cgsecurity.org/wiki/TestDisk_7.0_Release https://lists.fedoraproject.org/pipermail/package-announce/2015-May/157216.html ======================== Updated packages in core/updates_testing: ======================== testdisk-7.0-1.mga4 photorec-7.0-1.mga4 from testdisk-7.0-1.mga4.src.rpm
CC: (none) => mageiaAssignee: mageia => qa-bugs
Testing complete mga4 64 Both need to be run as root. Used testdisk to analyse the disk partitions. Didn't make any changes. Used photorec to scan free space and save recovered items in /root/tmp/
Whiteboard: (none) => has_procedure mga4-64-ok
Testing complete mga4 32, as comment 4.
Validating. Advisory uploaded. Please push to 4 updates Thanks
Keywords: (none) => validated_updateWhiteboard: has_procedure mga4-64-ok => has_procedure advisory mga4-32-ok mga4-64-okCC: (none) => sysadmin-bugs
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2015-0217.html
Status: NEW => RESOLVEDResolution: (none) => FIXED