Branch: refs/heads/master Home: https://github.com/NixOS/nixpkgs Commit: 19f23d00fd91c68911c8bf8e7d8dc0e19a3faaaa https://github.com/NixOS/nixpkgs/commit/19f23d00fd91c68911c8bf8e7d8dc0e19a3faaaa Author: Graham Christensen <gra...@grahamc.com> Date: 2017-02-08 (Wed, 08 Feb 2017)
Changed paths: M pkgs/tools/filesystems/ntfs-3g/default.nix Log Message: ----------- ntfs3g: patch for CVE-2017-0358 >From the Debian advisory: Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write NTFS driver for FUSE, does not scrub the environment before executing modprobe with elevated privileges. A local user can take advantage of this flaw for local root privilege escalation.
_______________________________________________ nix-commits mailing list nix-comm...@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-commits