MirrorHub/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-17 07:13:23 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

fuse: 2.9.7 -> 2.9.8 (security, CVE-2018-10906)

Browse source 
Upstream changelog:
- SECURITY UPDATE: In previous versions of libfuse it was possible to
  for unprivileged users to specify the allow_other option even when
  this was forbidden in /etc/fuse.conf. The vulnerability is present
  only on systems where SELinux is active (including in permissive
  mode).
- libfuse no longer segfaults when fuse_interrupted() is called outside
  the event loop.
- The fusermount binary has been hardened in several ways to reduce
  potential attack surface. Most importantly, mountpoints and mount
  options must now match a hard-coded whitelist. It is expected that
  this whitelist covers all regular use-cases.
- Fixed rename deadlock on FreeBSD.
This commit is contained in:
Michael Weiss 2018-07-25 23:48:13 +02:00
parent 46cd782b43
commit ec1082c58f
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
pkgs/os-specific/linux/fuse/default.nix
View file

@ -6,8 +6,8 @@ let
}; };
in { in {
fuse_2 = mkFuse { fuse_2 = mkFuse {
version = "2.9.7"; version = "2.9.8";
sha256Hash = "1wyjjfb7p4jrkk15zryzv33096a5fmsdyr2p4b00dd819wnly2n2"; sha256Hash = "0s04ln4k9zvvbjih8ybaa19fxg8xv7dcsz2yrlbk35psnf3l67af";
}; };
fuse_3 = mkFuse { fuse_3 = mkFuse {