Summary: | sys-fs/fuse: fusermount can corrupt /etc/mtab (CVE-2005-3531) | ||||||
---|---|---|---|---|---|---|---|
Product: | Gentoo Security | Reporter: | Thierry Carrez (RETIRED) <koon> | ||||
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | normal | CC: | genstef | ||||
Priority: | High | ||||||
Version: | unspecified | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
URL: | http://cvs.sourceforge.net/viewcvs.py/fuse/fuse/util/fusermount.c?r1=1.69&r2=1.70 | ||||||
Whiteboard: | B2? [glsa] koon | ||||||
Package list: | Runtime testing required: | --- | |||||
Attachments: |
|
Description
Thierry Carrez (RETIRED)
![]() Created attachment 73173 [details, diff]
fusermount.patch
Patch from Miklos.
Ccing maintainer. genstef: please prepare a new ebuild but do not commit anything to Portage yet. We are waiting for an embargo end date. Fix committed to upstream CVS. Please provide and commit an updated ebuild. genstef, just note the bug # in the Changelog for now and nothing else. I committed an updated ebuild, 2.4.1-r1 I hope it is ok, that I revbumped it Thx Stefan. Arch security liaisons, please test and mark stable. Don't do any verbose Changelogs at this time, it's still not completely public. Calling: ppc -> hansmi amd64 -> blubb x86 -> halcy0n Marked stable on ppc. sir, amd64 stable, sir. x86 done Waiting for public disclsure. GLSA 200511-17 |