Your message dated Thu, 21 May 2015 18:19:18 +0000 with message-id <e1yvv3u-0006z1...@franck.debian.org> and subject line Bug#786439: fixed in fuse 2.9.3-16 has caused the Debian Bug report #786439, regarding fuse: CVE-2015-3202 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 786439: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=786439 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: fuse Version: 2.9.0-1 Severity: grave Tags: security upstream Justification: user security hole Control: fixed -1 2.9.0-2+deb7u2 Hi See https://marc.info/?l=oss-security&m=143222736930704&w=2 for details. Updated packages for wheezy-security and jessie-security were just released as DSA-3266-1. Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: fuse Source-Version: 2.9.3-16 We believe that the bug you reported is fixed in the latest version of fuse, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 786...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Laszlo Boszormenyi (GCS) <g...@debian.org> (supplier of updated fuse package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 21 May 2015 17:22:33 +0000 Source: fuse Binary: fuse fuse-dbg libfuse2 libfuse-dev fuse-udeb libfuse2-udeb Architecture: source amd64 Version: 2.9.3-16 Distribution: unstable Urgency: high Maintainer: Laszlo Boszormenyi (GCS) <g...@debian.org> Changed-By: Laszlo Boszormenyi (GCS) <g...@debian.org> Description: fuse - Filesystem in Userspace fuse-dbg - Filesystem in Userspace (debug) fuse-udeb - Filesystem in Userspace (udeb) libfuse-dev - Filesystem in Userspace (development) libfuse2 - Filesystem in Userspace (library) libfuse2-udeb - Filesystem in Userspace (library) (udeb) Closes: 786439 Changes: fuse (2.9.3-16) unstable; urgency=high . * Sync with Ubuntu. * Update Standards-Version to 3.9.6 . . [ Marc Deslauriers <marc.deslauri...@ubuntu.com> ] * SECURITY UPDATE: privilege escalation via insecure environment - debian/patches/CVE-2015-3202.patch: use execle to run external helpers in lib/mount_util.c, util/mount_util.c. - CVE-2015-3202 (closes: #786439). Checksums-Sha1: 3012923cd92596d4b115e6b847b253b0af22a09a 2097 fuse_2.9.3-16.dsc 7a8b88d9456947f5969bfbbbf2476b67cd125cec 17428 fuse_2.9.3-16.debian.tar.xz f2404a3eb0822631fad8cc17b1f30d84c40b472c 309558 fuse-dbg_2.9.3-16_amd64.deb b222a2b598e8765c7c832483e62fc17df93fee47 14520 fuse-udeb_2.9.3-16_amd64.udeb dbfe1ba4ccad40a69ff5fbd91e49fb5ba98c91cc 70580 fuse_2.9.3-16_amd64.deb cd8a750be36887deb8b0480c097818cbb2d5f7f3 149866 libfuse-dev_2.9.3-16_amd64.deb 5bf3fcd144257d4eb0a6c88cd4f87a86374f06c6 66598 libfuse2-udeb_2.9.3-16_amd64.udeb 500c97afdb76e52a0220fbcbfef99845cfb9962d 134708 libfuse2_2.9.3-16_amd64.deb Checksums-Sha256: adcec01bc376c36c0dd2d138eb88287810a56094f01c1d6b4a669378b32c9b20 2097 fuse_2.9.3-16.dsc 67a0dc508d1dc0e27e6be5f929c9951fb1cf00be2f972db62983f40bff216072 17428 fuse_2.9.3-16.debian.tar.xz 5dd247ae1a0c1bc4c4149fc6460ac62362bbd81833f14a49d8da0634b2a97a78 309558 fuse-dbg_2.9.3-16_amd64.deb 9b3ef23787f034156f4566a5060f6c74cb4f51571cbd5fa881da08dfd0b10245 14520 fuse-udeb_2.9.3-16_amd64.udeb 2eb95f50058e54bbb6a98ca39198a8f5ea1b231701e1f3b067feb43333f54c55 70580 fuse_2.9.3-16_amd64.deb bac80b3f11bdcbb6363eac71d9628e27ca8014bbcde2b44855807c41ead7ca43 149866 libfuse-dev_2.9.3-16_amd64.deb f4af9ea594caad76bc78bca7e78c2968d66d1fa11b61c74a02cf72b92165fd37 66598 libfuse2-udeb_2.9.3-16_amd64.udeb 2f079d57c56ef09de20d85e718148d5aa93f402dbc4a1557d189d1b7365484ae 134708 libfuse2_2.9.3-16_amd64.deb Files: 3f58f54597c4be935e1e3971f04ffe38 2097 utils optional fuse_2.9.3-16.dsc 6e6d96b16c754ad0167f63f24ed7635d 17428 utils optional fuse_2.9.3-16.debian.tar.xz 2a9fbbe849f1220e9948c3d21127f572 309558 debug extra fuse-dbg_2.9.3-16_amd64.deb a292e7e7f657bfd975fc0ddbe46676ca 14520 debian-installer optional fuse-udeb_2.9.3-16_amd64.udeb ad61efcc1b3ba4256485ce195d063208 70580 utils optional fuse_2.9.3-16_amd64.deb 859c2a2cd6cfebec831f83dc2bc35d49 149866 libdevel optional libfuse-dev_2.9.3-16_amd64.deb 48f89e33028ced9e4a93db48f82504b9 66598 debian-installer optional libfuse2-udeb_2.9.3-16_amd64.udeb f61b2cd4497b67e26f13679ef9e38952 134708 libs optional libfuse2_2.9.3-16_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJVXh25AAoJENzjEOeGTMi/xHsP/0A1XKMunKyc70+vHBWm//Pp KSwEEQ6pewZmgpC41e1Dwe+POxUZREkxdWoyEnJxBsfEqGziv3f6KVOAn2oUbnr8 TRrYKscvOkcE2PeIarJXJm80VHHkhZseZkPuClfpSr1N2pW0hdF2NlBlwiy3PX9H 5ZgcrUWAs/HHDoUvuqVFhgWxrkH3bbTwz5NRfQ4OjrCkQQaPlW2VONPT2Rl01eG/ 4HSoGLfQ6EhsL30792bpwvzjKLKNvMrJVmQOoz5zme/Ibq27LeFPSELpxq6N0VV2 I/HRRQ8Guk4IFApJdFmNsXH5Qog0l7tTSJk9iX0JxudnjGq5em8mOjPEW88CeSXp hqfeCFy6vqiu7+vPL/XkAknAqVPnJsOV6veucXDBU0XWbMhKojPcG7M3SMa8ruxC fqimfkUiSxNw+V1qI5/6bhRVWNRQ2Mm1YhGhT7VrD3QAj9EqUhllqxbnuJsl+2zo vaDMy8ofeeVpJOclV8Ao5Kh9zSkki20fgfdHGvj/WifVMI4IcEVbxHBjL2Ebfnpm gSeuFqDjNzPAjHYRoLHbrL7OUEbT/BMk91n20j0fZLOECQz7IcqQfVoqJKNBcclV Me3gZ029sJFEoJWijz9n9hXOaGMzG7NCmWR0dJc+uWp2M3uVqn77qJjbuPK3niTv 1hnJiWxOMHuVKRZHicob =GNEv -----END PGP SIGNATURE-----
--- End Message ---
