Bug 94917 - sys-fs/fuse: Exposure of Sensitive Information
Bug#: 94917 Product:  Gentoo Security Version: unspecified Platform: All
OS/Version: Linux Status: RESOLVED Severity: minor Priority: P2
Resolution: FIXED Assigned To: security@gentoo.org Reported By: adirab@gmail.com
Component: Vulnerabilities
URL:  http://secunia.com/advisories/15561/
Summary: sys-fs/fuse: Exposure of Sensitive Information
Keywords:  
Status Whiteboard: B4 [noglsa]
Opened: 2005-06-03 06:30 0000
Description:   Opened: 2005-06-03 06:30 0000 
From Secunia: 

Description:
A security issue has been reported in FUSE, which potentially can be exploited
by malicious, local users to disclose sensitive information.

The problem is that certain memory content is not correctly cleared before being
returned to users and may contain sensitive information.

Solution:
Update to version 2.3.0.
http://sourceforge.net/project/showfiles.php?group_id=121684

Reproducible: Always
Steps to Reproduce:

------- Comment #1 From Thierry Carrez (RETIRED) 2005-06-03 08:10:11 0000 ------- 
Stefan, please bump ?

------- Comment #2 From Thierry Carrez (RETIRED) 2005-06-08 06:41:09 0000 ------- 
ppc, please test and mark stable

------- Comment #3 From Michael Hanselmann (hansmi) (RETIRED) 2005-06-08 10:33:31 0000 ------- 
Stable on ppc.

------- Comment #4 From Thierry Carrez (RETIRED) 2005-06-08 11:31:38 0000 ------- 
GLSA vote --> I vote NO

------- Comment #5 From Sune Kloppenborg Jeppesen 2005-06-08 13:30:26 0000 ------- 
I tend to vote NO as well.

------- Comment #6 From Thierry Carrez (RETIRED) 2005-06-09 10:33:35 0000 ------- 
Closing...
Anyone wanting to vote YES please reopen