diff options
| author |  Nikolaus Rath <Nikolaus@rath.org> | 2018-07-24 07:45:33 +0100 |
|---|---|---|
| committer | Nikolaus Rath <Nikolaus@rath.org> | 2018-07-24 07:45:33 +0100 |
| commit | 932f4190e2b65419cef9960e27a7f94fcab9c816 (patch) | |
| tree | dc7cda040693677e45e9836803d4e49c909591ca /ChangeLog.rst | |
| parent | 237147e6e09bec52145e9a25a46aff36ac4459da (diff) | |
Released 3.2.5
Diffstat (limited to 'ChangeLog.rst')
| -rw-r--r-- | ChangeLog.rst | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/ChangeLog.rst b/ChangeLog.rst index 10ab5ad..f5d24ca 100644 --- a/ChangeLog.rst +++ b/ChangeLog.rst @@ -1,6 +1,11 @@ -Unreleased Changes -================== +libfuse 3.2.5 (2018-07-24) +========================== +* SECURITY UPDATE: In previous versions of libfuse it was possible to + for unprivileged users to specify the `allow_other` option even when + this was forbidden in `/etc/fuse.conf`. The vulnerability is + present only on systems where SELinux is active (including in + permissive mode). * The fusermount binary has been hardened in several ways to reduce potential attack surface. Most importantly, mountpoints and mount options must now match a hard-coded whitelist. It is expected that |