diff options
author | Michael Weiss <dev.primeos@gmail.com> | 2018-07-25 23:30:19 +0200 |
---|---|---|
committer | Michael Weiss <dev.primeos@gmail.com> | 2018-07-25 23:53:40 +0200 |
commit | 46cd782b43416969b1f11232ecf5b80e798a92a2 (patch) | |
tree | 163fc17ad9aa55f0a8e80b1f238da4fea719ab16 /pkgs | |
parent | 7110d87d51cda2ce3dc40d3a2e0ec0acf06fdbb1 (diff) | |
download | nixlib-46cd782b43416969b1f11232ecf5b80e798a92a2.tar nixlib-46cd782b43416969b1f11232ecf5b80e798a92a2.tar.gz nixlib-46cd782b43416969b1f11232ecf5b80e798a92a2.tar.bz2 nixlib-46cd782b43416969b1f11232ecf5b80e798a92a2.tar.lz nixlib-46cd782b43416969b1f11232ecf5b80e798a92a2.tar.xz nixlib-46cd782b43416969b1f11232ecf5b80e798a92a2.tar.zst nixlib-46cd782b43416969b1f11232ecf5b80e798a92a2.zip |
fuse3: 3.2.4 -> 3.2.5 (security, CVE-2018-10906)
Upstream changelog: - SECURITY UPDATE: In previous versions of libfuse it was possible to for unprivileged users to specify the allow_other option even when this was forbidden in /etc/fuse.conf. The vulnerability is present only on systems where SELinux is active (including in permissive mode). - The fusermount binary has been hardened in several ways to reduce potential attack surface. Most importantly, mountpoints and mount options must now match a hard-coded whitelist. It is expected that this whitelist covers all regular use-cases. - Added a test of seekdir to test_syscalls. - Fixed readdir bug when non-zero offsets are given to filler and the filesystem client, after reading a whole directory, re-reads it from a non-zero offset e. g. by calling seekdir followed by readdir.
Diffstat (limited to 'pkgs')
-rw-r--r-- | pkgs/os-specific/linux/fuse/default.nix | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/pkgs/os-specific/linux/fuse/default.nix b/pkgs/os-specific/linux/fuse/default.nix index 594f966c2f42..4c750dafcf75 100644 --- a/pkgs/os-specific/linux/fuse/default.nix +++ b/pkgs/os-specific/linux/fuse/default.nix @@ -11,7 +11,7 @@ in { }; fuse_3 = mkFuse { - version = "3.2.4"; - sha256Hash = "1ybgd4s7naiyvaris7j6fzp604cgi5mgrn715x8l4kn5k9d840im"; + version = "3.2.5"; + sha256Hash = "0ibf2isbkm8p1gfaqpqblwsg0lm4s1rmcipv1qcg0wc4wwsbnqpx"; }; } |