Mailinglist Archive: opensuse-updates (64 mails)
| < Previous | Next > |
openSUSE-SU-2015:1003-1: moderate: Security update for fuse
- From: opensuse-security@xxxxxxxxxxxx
- Date: Fri, 5 Jun 2015 12:05:01 +0200 (CEST)
- Message-id: <20150605100501.099E132067@maintenance.suse.de>
openSUSE Security Update: Security update for fuse
______________________________________________________________________________
Announcement ID: openSUSE-SU-2015:1003-1
Rating: moderate
References: #931452
Cross-References: CVE-2015-3202
Affected Products:
openSUSE 13.1
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
* Update to version 2.9.4
- fix exec environment for mount and umount (bsc#931452, CVE-2015-3202)
- properly restore the default signal handler
- fix directory file handle passed to ioctl() method.
- fix for uids/gids larger than 2147483647
- initialize stat buffer passed to getattr() and fgetattr()
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 13.1:
zypper in -t patch openSUSE-2015-401=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 13.1 (i586 x86_64):
fuse-2.9.4-2.3.1
fuse-debuginfo-2.9.4-2.3.1
fuse-debugsource-2.9.4-2.3.1
fuse-devel-2.9.4-2.3.1
fuse-devel-static-2.9.4-2.3.1
libfuse2-2.9.4-2.3.1
libfuse2-debuginfo-2.9.4-2.3.1
libulockmgr1-2.9.4-2.3.1
libulockmgr1-debuginfo-2.9.4-2.3.1
- openSUSE 13.1 (x86_64):
libfuse2-32bit-2.9.4-2.3.1
libfuse2-debuginfo-32bit-2.9.4-2.3.1
References:
https://www.suse.com/security/cve/CVE-2015-3202.html
https://bugzilla.suse.com/931452
______________________________________________________________________________
Announcement ID: openSUSE-SU-2015:1003-1
Rating: moderate
References: #931452
Cross-References: CVE-2015-3202
Affected Products:
openSUSE 13.1
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
* Update to version 2.9.4
- fix exec environment for mount and umount (bsc#931452, CVE-2015-3202)
- properly restore the default signal handler
- fix directory file handle passed to ioctl() method.
- fix for uids/gids larger than 2147483647
- initialize stat buffer passed to getattr() and fgetattr()
Patch Instructions:
To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- openSUSE 13.1:
zypper in -t patch openSUSE-2015-401=1
To bring your system up-to-date, use "zypper patch".
Package List:
- openSUSE 13.1 (i586 x86_64):
fuse-2.9.4-2.3.1
fuse-debuginfo-2.9.4-2.3.1
fuse-debugsource-2.9.4-2.3.1
fuse-devel-2.9.4-2.3.1
fuse-devel-static-2.9.4-2.3.1
libfuse2-2.9.4-2.3.1
libfuse2-debuginfo-2.9.4-2.3.1
libulockmgr1-2.9.4-2.3.1
libulockmgr1-debuginfo-2.9.4-2.3.1
- openSUSE 13.1 (x86_64):
libfuse2-32bit-2.9.4-2.3.1
libfuse2-debuginfo-32bit-2.9.4-2.3.1
References:
https://www.suse.com/security/cve/CVE-2015-3202.html
https://bugzilla.suse.com/931452
| < Previous | Next > |