Paketname
fuse
Datum
2013-04-29
Advisory ID
MDVSA-2013:155
Betroffene Versionen
MES5 i586 , MES5 x86_64

Problembeschreibung

A vulnerability has been found and corrected in fuse:

FUSE, possibly 2.8.5 and earlier, allows local users to create
mtab entries with arbitrary pathnames, and consequently unmount
any filesystem, via a symlink attack on the parent directory of
the mountpoint of a FUSE filesystem, a different vulnerability than
CVE-2010-0789 (CVE-2010-3879).

The updated packages have been patched to correct this issue.

Aktualisierte Pakete

MES5 i586

 454fb9c68b076a9759a3023e3f4e375f  mes5/i586/fuse-2.7.4-4.4mdvmes5.2.i586.rpm
 c8f4c5487d17e410bd03db7690139d77  mes5/i586/libfuse2-2.7.4-4.4mdvmes5.2.i586.rpm
 20a2ba434d7206f37ef3821146a8592b  mes5/i586/libfuse-devel-2.7.4-4.4mdvmes5.2.i586.rpm
 d5fe2230e268edf51c42aaf9161af412  mes5/i586/libfuse-static-devel-2.7.4-4.4mdvmes5.2.i586.rpm 
 102f5e6b2989eb72ba4b50554e24a109  mes5/SRPMS/fuse-2.7.4-4.4mdvmes5.2.src.rpm

MES5 x86_64

 9bc54b1f4940de376fab39ca0696cf77  mes5/x86_64/fuse-2.7.4-4.4mdvmes5.2.x86_64.rpm
 78b7772919fc74d4e850be0bef656d29  mes5/x86_64/lib64fuse2-2.7.4-4.4mdvmes5.2.x86_64.rpm
 cbf3afa08885005b4de6dd730b2510f0  mes5/x86_64/lib64fuse-devel-2.7.4-4.4mdvmes5.2.x86_64.rpm
 bd703d9f4f9a1c68b053ffefc0313e46  mes5/x86_64/lib64fuse-static-devel-2.7.4-4.4mdvmes5.2.x86_64.rpm 
 102f5e6b2989eb72ba4b50554e24a109  mes5/SRPMS/fuse-2.7.4-4.4mdvmes5.2.src.rpm

Referenzen