Commit cda35814 authored by Ben Hutchings's avatar Ben Hutchings

ntfs: Mark it as broken, and add CVE IDs that are being closed

parent becaca2c
......@@ -809,6 +809,7 @@ linux (4.19.34-1) UNRELEASED; urgency=medium
* [armel/marvell,sh4] linux-image: Recommend apparmor, like all other configs
* udeb: Drop unused ntfs-modules packages
* ntfs: Disable NTFS_FS due to lack of upstream security support
(CVE-2018-12929, CVE-2018-12930, CVE-2018-12931)
[ YunQiang Su ]
* [mips*r6] Re-enable CONFIG_JUMP_LABEL, which has been fixed in upstream.
From: Ben Hutchings <>
Date: Thu, 25 Apr 2019 15:31:33 +0100
Subject: ntfs: mark it as broken
NTFS has unfixed issues CVE-2018-12929, CVE-2018-12930, and
CVE-2018-12931. ntfs-3g is a better supported alternative.
Make sure it can't be enabled even in custom kernels.
--- a/fs/ntfs/Kconfig
+++ b/fs/ntfs/Kconfig
@@ -1,5 +1,6 @@
config NTFS_FS
tristate "NTFS file system support"
+ depends on BROKEN
select NLS
NTFS is the file system of Microsoft Windows NT, 2000, XP and 2003.
......@@ -147,6 +147,7 @@ features/all/lockdown/lockdown-refer-to-debian-wiki-until-manual-page-exists.pat
# Security fixes
# Fix exported symbol versions
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment