Univention Bugzilla – Bug 47605
fuse: Multiple issues (4.2)
Last modified: 2018-08-22 15:03:15 CEST
New Debian fuse 2.9.3-15+deb8u3 fixes: This update addresses the following issue: * bypass of the "user_allow_other" restriction when SELinux is active (CVE-2018-10906)
--- mirror/ftp/4.2/unmaintained/4.2-0/source/fuse_2.9.3-15+deb8u2.dsc +++ apt/ucs_4.2-0-errata4.2-4/source/fuse_2.9.3-15+deb8u3.dsc @@ -1,3 +1,9 @@ +2.9.3-15+deb8u3 [Wed, 15 Aug 2018 19:03:02 +0200] Thorsten Alteholz <debian@alteholz.de>: + + * Non-maintainer upload by the LTS Team. + * CVE-2018-10906 + Restriction bypass of the "allow_other" option when SELinux is active + 2.9.3-15+deb8u2 [Wed, 20 Jan 2016 19:58:39 +0100] Laszlo Boszormenyi (GCS) <gcs@debian.org>: * Fix permissions on cuse character device to be accessible by root only. <http://10.200.17.11/4.2-4/#5350748806843230758>
OK: yaml OK: errata-announce OK: patch OK: piuparts [4.2-4] e8d93c0f5a Bug #47605: fuse 2.9.3-15+deb8u3 doc/errata/staging/fuse.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) [4.2-4] 9845db036b Bug #47605: fuse 2.9.3-15+deb8u3 doc/errata/staging/fuse.yaml | 12 ++++++++++++ 1 file changed, 12 insertions(+)
<http://errata.software-univention.de/ucs/4.2/492.html>