On Sat, 2009-01-31 at 18:53 +0100, Bernd Schubert wrote: > Dear release team, > > as I already wrote to the mentors list, there is a critical bug in unionfs- > fuse, see below. So far nobody uploaded the package, maybe due to possible > security implications? Or maybe since I also included two other changes? > > Main fix: Bug#511995, one byte to few was malloced on converting relative to > absolute pathes, causing a buffer overflow when relative pathes are specified. [...]
unionfs-fuse is not installed with the setuid bit set, so this doesn't
allow privilege escalation. And users should not be passing untrusted
strings to it, so it doesn't allow compromising an ordinary user
account. So, not a security flaw so far as I can see. But it obviously
ought to be fixed.
Ben.
--
Ben Hutchings
Usenet is essentially a HUGE group of people passing notes in class.
- Rachel Kadel, `A Quick Guide to Newsgroup Etiquette'
signature.asc
Description: This is a digitally signed message part
