CVE-2010-0789 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0789): fusermount in FUSE before 2.7.5, and 2.8.x before 2.8.2, allows local users to unmount an arbitrary FUSE filesystem share via a symlink attack on a mountpoint.
Looks like the current stable version sys-fs/fuse-2.8.1 is vulnerable. We have 2.8.5 in the tree. Anything I could do to speed processing up?
(In reply to comment #1) > Looks like the current stable version sys-fs/fuse-2.8.1 is vulnerable. We have > 2.8.5 in the tree. Anything I could do to speed processing up? We could start by doing a stable request. :) Arches, please test and mark stable: =sys-fs/fuse-2.8.5
x86 stable
amd64 ok
amd64 done. Thanks Agostino
Stable for HPPA.
alpha/ia64/sparc stable
Stable for PPC.
ppc64 done
GLSA Vote: No.
Insecure versions removed from the tree.
GLSA Vote: no -> Closing. Feel free to reopen if you disagree.