ntfs-3g (1:2015.3.14AR.1-1ubuntu0.3) xenial-security; urgency=medium

  * Fix LP: #1821250 - Don't install /bin/ntfs-3g as setuid root. If
    administrators want to allow unprivileged users to be able to mount NTFS
    images, they can restore this functionality by changing the permissions of
    /bin/ntfs-3g with dpkg-statoverride
    - update debian/ntfs-3g.postinst

 -- Chris Coulson <chris.coulson@canonical.com>  Thu, 21 Mar 2019 21:33:36 +0000

ntfs-3g (1:2015.3.14AR.1-1ubuntu0.2) xenial-security; urgency=medium

  * SECURITY UPDATE: Heap buffer overflow in /bin/ntfs-3g
    - debian/patches/0001-Fixed-reporting-an-error-when-failed-to-build-the-mo.patch:
      Fixed reporting an error when failed to build the mountpoint
    - CVE-2019-9755

 -- Chris Coulson <chris.coulson@canonical.com>  Thu, 14 Mar 2019 15:36:07 +0000

ntfs-3g (1:2015.3.14AR.1-1ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Improper environment scrubbing prior to executing
    modprobe could allow a local attacker to load arbitrary kernel modules
    - debian/patches/0002-CVE-2017-0358.patch: Execute modprobe with an empty
      environment. Based on patch from upstream.
    - CVE-2017-0358

 -- Tyler Hicks <tyhicks@canonical.com>  Fri, 27 Jan 2017 23:34:41 +0000

ntfs-3g (1:2015.3.14AR.1-1build1) xenial; urgency=medium

  * No-change rebuild for gnutls transition.

 -- Matthias Klose <doko@ubuntu.com>  Wed, 17 Feb 2016 22:26:46 +0000

ntfs-3g (1:2015.3.14AR.1-1) unstable; urgency=low

  * New upstream release.
  * Don't run update-initramfs twice (closes: #787389).

 -- Laszlo Boszormenyi (GCS) <gcs@debian.org>  Tue, 01 Sep 2015 20:00:05 +0200

ntfs-3g (1:2014.2.15AR.3-3) unstable; urgency=high

  [ Salvatore Bonaccorso <carnil@debian.org> ]
  * Change all relevant execl() calls to execle() to fix all possible cases
    of CVE-2015-3202 (closes: #786475).

 -- Laszlo Boszormenyi (GCS) <gcs@debian.org>  Tue, 26 May 2015 17:23:19 +0000

ntfs-3g (1:2014.2.15AR.3-2) unstable; urgency=high

  * Apply 0002-CVE-2015-3202.patch to fix CVE-2015-3202 in the embedded FUSE
    library (closes: #786475).
  * Restrict the FUSE version in Build-Depends to the fixed package version
    to be extra safe.

 -- Laszlo Boszormenyi (GCS) <gcs@debian.org>  Fri, 22 May 2015 16:15:14 +0000

ntfs-3g (1:2014.2.15AR.3-1) unstable; urgency=medium

  * New upstream release.
  * Fix FUSE fallback for old 2.6.x kernels (closes: #766911).

 -- Laszlo Boszormenyi (GCS) <gcs@debian.org>  Thu, 13 Nov 2014 05:43:59 +0000

ntfs-3g (1:2014.2.15AR.2-1) unstable; urgency=low

  * New upstream release.
  * Remove 0001-type-inconsistencies.patch and 0002-exit-values.patch , this
    release contains those.
  * Update Standards-Version to 3.9.6 .

 -- Laszlo Boszormenyi (GCS) <gcs@debian.org>  Sun, 05 Oct 2014 09:34:12 +0000

ntfs-3g (1:2014.2.15AR.1-5) unstable; urgency=low

  * New maintainer (closes: #756549).
  * Add watch file.

 -- Laszlo Boszormenyi (GCS) <gcs@debian.org>  Wed, 30 Jul 2014 21:17:37 +0000

# For older changelog entries, run 'apt-get changelog ntfs-3g'