Branch: refs/heads/master
  Home:   https://github.com/NixOS/nixpkgs
  Commit: 19f23d00fd91c68911c8bf8e7d8dc0e19a3faaaa
      
https://github.com/NixOS/nixpkgs/commit/19f23d00fd91c68911c8bf8e7d8dc0e19a3faaaa
  Author: Graham Christensen <gra...@grahamc.com>
  Date:   2017-02-08 (Wed, 08 Feb 2017)

  Changed paths:
    M pkgs/tools/filesystems/ntfs-3g/default.nix

  Log Message:
  -----------
  ntfs3g: patch for CVE-2017-0358

>From the Debian advisory:

Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write
NTFS driver for FUSE, does not scrub the environment before executing
modprobe with elevated privileges. A local user can take advantage of
this flaw for local root privilege escalation.


_______________________________________________
nix-commits mailing list
nix-comm...@lists.science.uu.nl
http://lists.science.uu.nl/mailman/listinfo/nix-commits

Reply via email to