Package: fuse-utils
Severity: grave
Tags: security
fuse 2.8.2 fixes a race condition if two fusermount -u instances
are run in paralell, which allows local privilege escalation.
This issue was discovered by Dan Rosenberg.
Cheers,
Moritz
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.32-trunk-686 (SMP w/1 CPU core)
Locale: LANG=C, lc_ctype=de_de.iso-8859...@euro (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash
Versions of packages fuse-utils depends on:
ii adduser 3.112 add and remove users and groups
ii libc6 2.10.2-5 Embedded GNU C Library: Shared lib
pn libfuse2 <none> (no description available)
ii makedev 2.3.1-89 creates device files in /dev
ii sed 4.2.1-6 The GNU sed stream editor
ii udev 150-2 /dev/ and hotplug management daemo
fuse-utils recommends no packages.
fuse-utils suggests no packages.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
