Control: reassign -1 src:util-linux 2.29.2-1
Control: tags -1 + upstream fixed-upstream

Hi Björn

Thanks for reporting the issue!

On Tue, Mar 06, 2018 at 02:44:39PM +0100, Björn Bosselmann wrote:
> Package: bash-completion
> Version: 1:2.1-4.3
> Severity: grave
> Tags: security
>
> Hi,
>
> when bash-completion is installed, it uses
> /usr/share/bash-completion/completions/umount from umount package to
> provide autocompletion. This script does not escape mount paths
> correctly, so it allows a local user with rights to mount filesystems to
> execute commands in the context of the umount user (probably root).
> Unprivileged users can mount filesystems with custom mountpoints using
> udisks2, FUSE or with the help of desktop environments.

The umount completion is actually provided by util-linux (since 2.28-1
where it took over from bash-completion itself). I'm thus reassigning
it to src:util-linux.

Then if the issue is present as well in bash-completion earlier than
1:2.1-4.3, then 1:2.1-4.3 removed the completion and would not be
affected in the resulting binary packages (source still might be).

Regards,
Salvatore