Skip to content
This repository has been archived by the owner on Apr 12, 2021. It is now read-only.

Commit

Permalink
fuse3: 3.2.4 -> 3.2.5 (security, CVE-2018-10906)
Browse files Browse the repository at this point in the history 
Upstream changelog:
- SECURITY UPDATE: In previous versions of libfuse it was possible to
  for unprivileged users to specify the allow_other option even when
  this was forbidden in /etc/fuse.conf. The vulnerability is present
  only on systems where SELinux is active (including in permissive
  mode).
- The fusermount binary has been hardened in several ways to reduce
  potential attack surface. Most importantly, mountpoints and mount
  options must now match a hard-coded whitelist. It is expected that
  this whitelist covers all regular use-cases.
- Added a test of seekdir to test_syscalls.
- Fixed readdir bug when non-zero offsets are given to filler and the
  filesystem client, after reading a whole directory, re-reads it from a
  non-zero offset e. g. by calling seekdir followed by readdir.
  • Loading branch information
@primeos
primeos committed Jul 25, 2018
1 parent 7110d87 commit 46cd782
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions pkgs/os-specific/linux/fuse/default.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ in {
};

fuse_3 = mkFuse {
version = "3.2.4";
sha256Hash = "1ybgd4s7naiyvaris7j6fzp604cgi5mgrn715x8l4kn5k9d840im";
version = "3.2.5";
sha256Hash = "0ibf2isbkm8p1gfaqpqblwsg0lm4s1rmcipv1qcg0wc4wwsbnqpx";
};
}

0 comments on commit 46cd782

Please sign in to comment.