This bug was fixed in the package fuse - 2.7.2-1ubuntu2.2
---------------
fuse (2.7.2-1ubuntu2.2) hardy-security; urgency=low
* SECURITY UPDATE: arbitrary unprivileged unmount (LP: #670622)
- debian/patches/CVE-2010-3879.dpatch: backported numerous fuse fixes
from git tree to fix security issues.
- Block SIGCHLD when executing mount and umount
- Use "--no-canonicalize' option of mount(8)
- Fix race if two "fusermount -u" instances are run in parallel
- Make sure the path to be unmounted doesn't refer to a symlink
- Use umount --fake to update /etc/mtab
- debian/patches/200-fix_mount_symlink_handling: removed, changes are
in the new patch.
- debian/control: make libfuse2 depend on version of mount that
contains backported --fake support.
- CVE-2010-3879
-- Marc Deslauriers <[email protected]> Thu, 09 Dec 2010 16:27:05
-0500
** Changed in: fuse (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/670622
Title:
fusermount allows unmount any filesystem
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
