diff options
Diffstat (limited to 'ChangeLog.rst')
-rw-r--r-- | ChangeLog.rst | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/ChangeLog.rst b/ChangeLog.rst index 10ab5ad..f5d24ca 100644 --- a/ChangeLog.rst +++ b/ChangeLog.rst @@ -1,6 +1,11 @@ -Unreleased Changes -================== +libfuse 3.2.5 (2018-07-24) +========================== +* SECURITY UPDATE: In previous versions of libfuse it was possible to + for unprivileged users to specify the `allow_other` option even when + this was forbidden in `/etc/fuse.conf`. The vulnerability is + present only on systems where SELinux is active (including in + permissive mode). * The fusermount binary has been hardened in several ways to reduce potential attack surface. Most importantly, mountpoints and mount options must now match a hard-coded whitelist. It is expected that |