b12f/nixpkgs
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

fuse3: 3.2.4 -> 3.2.5 (security, CVE-2018-10906)

Browse source 
Upstream changelog:
- SECURITY UPDATE: In previous versions of libfuse it was possible to
  for unprivileged users to specify the allow_other option even when
  this was forbidden in /etc/fuse.conf. The vulnerability is present
  only on systems where SELinux is active (including in permissive
  mode).
- The fusermount binary has been hardened in several ways to reduce
  potential attack surface. Most importantly, mountpoints and mount
  options must now match a hard-coded whitelist. It is expected that
  this whitelist covers all regular use-cases.
- Added a test of seekdir to test_syscalls.
- Fixed readdir bug when non-zero offsets are given to filler and the
  filesystem client, after reading a whole directory, re-reads it from a
  non-zero offset e. g. by calling seekdir followed by readdir.
This commit is contained in:
Michael Weiss 2018-07-25 23:30:19 +02:00
parent 7110d87d51
commit 46cd782b43
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
pkgs/os-specific/linux/fuse/default.nix
View file

@ -11,7 +11,7 @@ in {
};
fuse_3 = mkFuse {
version = "3.2.4";
sha256Hash = "1ybgd4s7naiyvaris7j6fzp604cgi5mgrn715x8l4kn5k9d840im";
version = "3.2.5";
sha256Hash = "0ibf2isbkm8p1gfaqpqblwsg0lm4s1rmcipv1qcg0wc4wwsbnqpx";
};
}