CVE-2010-0296 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0296): The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and earlier, as used by ncpmount and mount.cifs, does not properly handle newline characters in mountpoint names, which allows local users to cause a denial of service (mtab corruption), or possibly modify mount options and gain privileges, via a crafted mount request.
Please advice if it's already patched, you always seem to know this anyways... ;)
the fix is already in glibc-2.11.2 which is stable for most everyone ... maybe only hppa/s390 still need keywording
This is GLSA 201011-01, thanks everyone, and sorry about the delay.