Package: libfuse2 Severity: critical Justification: root security hole -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Here's quote from upstream's mail: Here's a new major version of FUSE: http://prdownloads.sourceforge.net/fuse/fuse-2.3.0.tar.gz It contains an important security fix that prevents leaking previous memory contents to unprivileged users (thanks to Sven Tantau for the report). So if you are running a previous version of FUSE on a system with untrusted users, upgrading is recommended. regards fEnIo - -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.4.27-2-686 Locale: LANG=pl_PL, LC_CTYPE=pl_PL (charmap=ISO-8859-2) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFCnuihhQui3hP+/EARAiT8AKCYlLB4+7yPGNRSPcpzP0TGhSt8hgCgn/+o LNZEk0d9cGkwcaQzABcybkE= =gD0q -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
