[ubuntu/hardy-security] fuse, fuse (delayed) 2.7.2-1ubuntu2.3 (Accepted)
Ubuntu Installer
archive at ubuntu.com
Mon Feb 28 18:09:20 UTC 2011
- Previous message: [ubuntu/hardy-security] sun-java6_6.24-1build0.8.04.1_amd64_translations.tar.gz, sun-java6_6.24-1build0.8.04.1_lpia_translations.tar.gz (delayed), sun-java6_6.24-1build0.8.04.1_i386_translations.tar.gz, sun-java6, sun-java6_6.24-1build0.8.04.1_ia64_translations.tar.gz 6.24-1build0.8.04.1 (Accepted)
- Next message: [ubuntu/hardy-security] samba_3.0.28a-1ubuntu4.14_amd64_translations.tar.gz, samba, samba_3.0.28a-1ubuntu4.14_powerpc_translations.tar.gz, samba_3.0.28a-1ubuntu4.14_lpia_translations.tar.gz, samba_3.0.28a-1ubuntu4.14_ia64_translations.tar.gz, samba_3.0.28a-1ubuntu4.14_sparc_translations.tar.gz (delayed), samba_3.0.28a-1ubuntu4.14_i386_translations.tar.gz, samba_3.0.28a-1ubuntu4.14_hppa_translations.tar.gz 3.0.28a-1ubuntu4.14 (Accepted)
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
fuse (2.7.2-1ubuntu2.3) hardy-security; urgency=low
* SECURITY UPDATE: arbitrary unprivileged unmount
- debian/patches/CVE-2011-0541.dpatch: don't follow symlinks when
unmounting in case of a failed mtab update in util/fusermount.c.
- debian/patches/CVE-2011-0542.dpatch: chdir to / before performing
mount/umount in util/fusermount.c.
- debian/patches/CVE-2011-0543.dpatch: remove legacy util-linux
support so symlinks don't get followed upon fallback in
lib/mount_util.c, util/fusermount.c.
- CVE-2011-0541
- CVE-2011-0542
- CVE-2011-0543
Date: Fri, 11 Feb 2011 15:06:00 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/hardy/+source/fuse/2.7.2-1ubuntu2.3
-------------- next part --------------
Format: 1.7
Date: Fri, 11 Feb 2011 15:06:00 -0500
Source: fuse
Binary: fuse-utils libfuse-dev libfuse2 fuse-source fuse-utils-udeb libfuse2-udeb
Architecture: source
Version: 2.7.2-1ubuntu2.3
Distribution: hardy-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
fuse-source - Source for the Fuse kernel module
fuse-utils - Filesystem in USErspace (utilities)
fuse-utils-udeb - Filesystem in USErspace (utilities)
libfuse-dev - Filesystem in USErspace (development files)
libfuse2 - Filesystem in USErspace library
libfuse2-udeb - Filesystem in USErspace library
Changes:
fuse (2.7.2-1ubuntu2.3) hardy-security; urgency=low
.
* SECURITY UPDATE: arbitrary unprivileged unmount
- debian/patches/CVE-2011-0541.dpatch: don't follow symlinks when
unmounting in case of a failed mtab update in util/fusermount.c.
- debian/patches/CVE-2011-0542.dpatch: chdir to / before performing
mount/umount in util/fusermount.c.
- debian/patches/CVE-2011-0543.dpatch: remove legacy util-linux
support so symlinks don't get followed upon fallback in
lib/mount_util.c, util/fusermount.c.
- CVE-2011-0541
- CVE-2011-0542
- CVE-2011-0543
Files:
a078e7da97c67a2e8932974152daa1d2 1551 libs optional fuse_2.7.2-1ubuntu2.3.dsc
d6ef479dae54fbe76fa652c172239905 24330 libs optional fuse_2.7.2-1ubuntu2.3.diff.gz
Original-Maintainer: Bartosz Fenski <fenio at debian.org>
- Previous message: [ubuntu/hardy-security] sun-java6_6.24-1build0.8.04.1_amd64_translations.tar.gz, sun-java6_6.24-1build0.8.04.1_lpia_translations.tar.gz (delayed), sun-java6_6.24-1build0.8.04.1_i386_translations.tar.gz, sun-java6, sun-java6_6.24-1build0.8.04.1_ia64_translations.tar.gz 6.24-1build0.8.04.1 (Accepted)
- Next message: [ubuntu/hardy-security] samba_3.0.28a-1ubuntu4.14_amd64_translations.tar.gz, samba, samba_3.0.28a-1ubuntu4.14_powerpc_translations.tar.gz, samba_3.0.28a-1ubuntu4.14_lpia_translations.tar.gz, samba_3.0.28a-1ubuntu4.14_ia64_translations.tar.gz, samba_3.0.28a-1ubuntu4.14_sparc_translations.tar.gz (delayed), samba_3.0.28a-1ubuntu4.14_i386_translations.tar.gz, samba_3.0.28a-1ubuntu4.14_hppa_translations.tar.gz 3.0.28a-1ubuntu4.14 (Accepted)
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the Hardy-changes
mailing list