aboutsummaryrefslogtreecommitdiffstats
path: root/meta-xfce
diff options
context:
space:
mode:
authorTudor Florea <tudor.florea@enea.com>2015-07-16 16:06:33 +0200
committerMartin Jansa <Martin.Jansa@gmail.com>2015-10-26 21:43:08 +0100
commit6a591c93679a3c73aba232e3f52a46e7c0e03e6a (patch)
treeb9be7c005ceb9e89bce4f955fbd5aec38ce9fb6a /meta-xfce
parentdd407add556dcee973477c4544ff1e165f21310f (diff)
downloadmeta-openembedded-contrib-6a591c93679a3c73aba232e3f52a46e7c0e03e6a.tar.gz
fuse: fix for CVE-2015-3202 Privilege Escalation
fusermount in FUSE before 2.9.3-15 does not properly clear the environment before invoking (1) mount or (2) umount as root, which allows local users to write to arbitrary files via a crafted LIBMOUNT_MTAB environment variable that is used by mount's debugging feature. References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3202 http://www.openwall.com/lists/oss-security/2015/05/21/9 Signed-off-by: Tudor Florea <tudor.florea@enea.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta-xfce')
0 files changed, 0 insertions, 0 deletions