From ${URL} : It was foudn that FUSE, a Filesystem in USErspace, did not properly sanitize environment variables before executing a mount or umount operation with elevated privileges. A local attacker could use this flaw to overwrite arbitrary files on the system or escalate their privileges. Additional details: http://seclists.org/oss-sec/2015/q2/520 patch: https://bugzilla.redhat.com/attachment.cgi?id=1028606 @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Maintainers: version 2.9.4 is available and fixes the vulnerability.
Arches please stabilize 2.9.4.
amd64 stable
Stable for HPPA.
x86 stable
Stable for PPC64.
ppc stable
arm stable
alpha stable
ia64 stable
CVE-2015-3202 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3202): fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking (1) mount or (2) umount as root, which allows local users to write to arbitrary files via a crafted LIBMOUNT_MTAB environment variable that is used by mount's debugging feature.
sparc stable
Since arm64 is not part of the stable arches, we will leave it for stabilization in due time but meanwhile we are going to go ahead with the GLSA. New GLSA Request filed. Maintainer(s), please drop the vulnerable version(s).
It has been 30 days+ since cleanup requested. Maintainer(s), please drop the vulnerable version(s).
Maintainer(s), please drop the vulnerable version(s).
(In reply to Yury German from comment #15) > Maintainer(s), please drop the vulnerable version(s). Done.
Maintainer(s), Thank you for your work.
This issue was resolved and addressed in GLSA 201603-04 at https://security.gentoo.org/glsa/201603-04 by GLSA coordinator Kristian Fiskerstrand (K_F).