lp:ubuntu/maverick-security/fuse
- Get this branch:
- bzr branch lp:ubuntu/maverick-security/fuse
Branch merges
Branch information
Recent revisions
- 44. By Marc Deslauriers
-
* SECURITY UPDATE: arbitrary unprivileged unmount
- debian/patches/ 005-CVE- 2011-0541. dpatch: don't follow symlinks when
unmounting in case of a failed mtab update in util/fusermount.c.
- debian/patches/ 006-CVE- 2011-0542. dpatch: chdir to / before performing
mount/umount in util/fusermount.c.
- debian/patches/ 007-CVE- 2011-0543. dpatch: remove legacy util-linux
support so symlinks don't get followed upon fallback in
lib/mount_util. c, util/fusermount.c. Remove unneeded
--disable-legacy- umount option in configure.in.
- debian/rules: remove dh_autoreconf and obsolete
--disable-legacy- umount configure option.
- debian/control: Remove dh-autoreconf from Build-Depends.
- CVE-2011-0541
- CVE-2011-0542
- CVE-2011-0543
* Removed unused 003-CVE-2009-3297. dpatch patch. - 43. By Marc Deslauriers
-
* SECURITY UPDATE: arbitrary unprivileged unmount (LP: #670622)
- debian/patches/ 004-CVE- 2010-3879. dpatch:
- debian/control: make libfuse2 depend on version of mount that
contains backported --fake support. Add dh-autoreconf to Build-Depends.
- debian/rules: add dh_autoreconf and build with --disable-legacy- umount.
- CVE-2010-3879 - 42. By Colin Watson
-
* Resynchronise with Debian (fixing hang with auditd, LP: #634554).
Remaining changes:
- debian/control: Add Breaks to ensure right version of udev is used.
- Use udev rules instead of init script:
+ Add debian/45-fuse. rules: Put /dev/fuse into group fuse.
+ debian/fuse-utils. postinst: Try to load the fuse module only if it's
still a module, remove it from /etc/modules/ anyway.
+ debian/rules, debian/fuse-utils. install: Don't install the init
script; install the udev rule.
- initramfs support, for booting from ntfs-3g in wubi:
+ debian/fuse-utils. initramfs- hook: Copy /sbin/mount.fuse and the fuse
kernel module into the initramfs. Use manual_add_modules not
force_load; fuse will be loaded automatically if necessary (it's a
built-in in Ubuntu anyway)
+ debian/rules: Install above file into fuse-utils.
+ debian/fuse-utils. postinst: Call update-initramfs.
+ (Forwarded to Debian #505691)
- Create libfuse2-udeb and fuse-utils-udeb. (Forwarded to Debian #505697)
- debian/fuse-utils. install: Install ulockmgr_server.
- debian/{rules, libfuse2. install, fuse-utils. lintian} : Move fusermount and
ulockmgr_server to /bin and associated libraries to /lib. This allows
mounting ntfs filesystems in /etc/fstab. (Debian #452412)
- debian/{rules, fuse-utils. postinst} : Install fusermount with 4755
permissions (remaining change from "Dynamic foreground user access").
- debian/fuse-utils. postinst:
+ Don't fail if udev is running and /dev/fuse does not exist.
(Forwarded to Debian #505685)
- debian/fuse-utils. preinst:
+ Remove the module configuration file on upgrade if unmodified.
+ Remove old rules file if unchanged
* Re-enable 000-Build_system_ do_not_ install_ init_script patch. - 41. By Kees Cook
-
* SECURITY UPDATE: local attacker can trick fuse into unmounting a
filesystem from the wrong location.
- debian/patches/ 200-fix_ mount_symlink_ handling: upstream
fixes.
- CVE-2009-3297 - 40. By Michael Bienia
-
* Merge with Debian testing (lp: #506958). Remaining changes:
- debian/control: Add Breaks to ensure right version of udev is used.
- Use udev rules instead of init script:
+ Add debian/45-fuse. rules: Put /dev/fuse into group fuse.
+ debian/fuse-utils. postinst: Try to load the fuse module only if it's
still a module, remove it from /etc/modules/ anyway.
+ debian/rules, debian/fuse-utils. install: Don't install the init
script; install the udev rule.
- initramfs support, for booting from ntfs-3g in wubi:
+ debian/fuse-utils. initramfs- hook: Copy /sbin/mount.fuse and the fuse
kernel module into the initramfs. Use manual_add_modules not
force_load; fuse will be loaded automatically if necessary (it's a
built-in in Ubuntu anyway)
+ debian/rules: Install above file into fuse-utils.
+ debian/fuse-utils. postinst: Call update-initramfs.
+ (Forwarded to Debian #505691)
- Create libfuse2-udeb and fuse-utils-udeb. (Forwarded to Debian #505697)
- debian/fuse-utils. install: Install ulockmgr_server.
- debian/{rules, libfuse2. install, fuse-utils. lintian} : Move fusermount and
ulockmgr_server to /bin and associated libraries to /lib. This allows
mounting ntfs filesystems in /etc/fstab. (Debian #452412)
- debian/{rules, fuse-utils. postinst} : Install fusermount with 4755
permissions (remaining change from "Dynamic foreground user access").
- debian/fuse-utils. postinst:
+ Don't fail if udev is running and /dev/fuse does not exist.
(Forwarded to Debian #505685)
- debian/fuse-utils. preinst:
+ Remove the module configuration file on upgrade if unmodified.
+ Remove old rules file if unchanged - 39. By Scott James Remnant (Canonical)
-
* debian/
fuse-utils. initramfs- hook:
- use manual_add_modules not force_load; fuse will be loaded automatically
if necessary (it's a built-in in Ubuntu anyway) - 38. By Michael Vogt
-
* debian/
fuse-utils. postinst:
- do not fail if udev can not be reloaded (LP: #444979) - 37. By Scott James Remnant (Canonical)
-
* debian/
fuse-utils. modprobe: Drop, we'll build this module into the kernel
and do this with the other kernel filesystems
* debian/fuse-utils. preinst: Remove on upgrade if unmodified
* debian/rules: Update
* debian/fuse-utils. install: Update
* debian/fuse-utils- udeb.install: Update
* debian/fuse-utils. postinst: Only try to load if it's still a module,
remove from /etc/modules anyway - 35. By Scott James Remnant (Canonical)
-
* debian/rules: Install udev rules into /lib/udev/rules.d
* debian/fuse-utils. install: Update path
* debian/fuse-utils. preinst: Remove old rules file if unchanged.
* debian/control: Add Breaks to ensure right version of udev is used.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/natty/fuse