Gentoo Bug 94917 - sys-fs/fuse: Exposure of Sensitive Information

First Last Prev Next No search results available Search page Enter new bug

Bug#:	94917
Alias:
Product:
Component:
Status:	RESOLVED
Resolution:	FIXED
Assigned To:	Gentoo Security <security@gentoo.org>

Hardware:
OS:
Version:
Priority:
Severity:

Reporter:	Adir Abraham <adirab@gmail.com>
Add CC:
CC:	Remove selected CCs

URL:
Summary:
Status Whiteboard:
Keywords:

Flags:			Requestee:
	Pending
	Approved
	Assigned_To		()

Filename	Description	Type	Creator	Created	Size	Actions
Create a New Attachment (proposed patch, testcase, etc.)						View All

Bug 94917 depends on:			Show dependency tree
Bug 94917 blocks:			Show dependency tree

Additional Comments: (this is where you put emerge --info)

Add to CC list

Not eligible to see or edit group visibility for this bug.

Leave as RESOLVED FIXED
Reopen bug
Mark bug as VERIFIED
Mark bug as CLOSED

View Bug Activity | Format For Printing | XML | Clone This Bug

Description:

Opened: 2005-06-03 06:30 0000

From Secunia: 

Description:
A security issue has been reported in FUSE, which potentially can be exploited
by malicious, local users to disclose sensitive information.

The problem is that certain memory content is not correctly cleared before being
returned to users and may contain sensitive information.

Solution:
Update to version 2.3.0.
http://sourceforge.net/project/showfiles.php?group_id=121684

Reproducible: Always
Steps to Reproduce:

------- Comment #1 From Thierry Carrez (RETIRED) 2005-06-03 08:10:11 0000 -------

Stefan, please bump ?

------- Comment #2 From Thierry Carrez (RETIRED) 2005-06-08 06:41:09 0000 -------

ppc, please test and mark stable

------- Comment #3 From Michael Hanselmann (hansmi) (RETIRED) 2005-06-08 10:33:31 0000 -------

Stable on ppc.

------- Comment #4 From Thierry Carrez (RETIRED) 2005-06-08 11:31:38 0000 -------

GLSA vote --> I vote NO

------- Comment #5 From Sune Kloppenborg Jeppesen 2005-06-08 13:30:26 0000 -------

I tend to vote NO as well.

------- Comment #6 From Thierry Carrez (RETIRED) 2005-06-09 10:33:35 0000 -------

Closing...
Anyone wanting to vote YES please reopen

First Last Prev Next No search results available Search page Enter new bug

Bugzilla Bug 94917

sys-fs/fuse: Exposure of Sensitive Information

Last modified: 2005-06-09 10:33:35 0000