lp:ubuntu/maverick-security/fuse

Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/maverick-security/fuse
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

44. By Marc Deslauriers

* SECURITY UPDATE: arbitrary unprivileged unmount
  - debian/patches/005-CVE-2011-0541.dpatch: don't follow symlinks when
    unmounting in case of a failed mtab update in util/fusermount.c.
  - debian/patches/006-CVE-2011-0542.dpatch: chdir to / before performing
    mount/umount in util/fusermount.c.
  - debian/patches/007-CVE-2011-0543.dpatch: remove legacy util-linux
    support so symlinks don't get followed upon fallback in
    lib/mount_util.c, util/fusermount.c. Remove unneeded
    --disable-legacy-umount option in configure.in.
  - debian/rules: remove dh_autoreconf and obsolete
    --disable-legacy-umount configure option.
  - debian/control: Remove dh-autoreconf from Build-Depends.
  - CVE-2011-0541
  - CVE-2011-0542
  - CVE-2011-0543
* Removed unused 003-CVE-2009-3297.dpatch patch.

43. By Marc Deslauriers

* SECURITY UPDATE: arbitrary unprivileged unmount (LP: #670622)
  - debian/patches/004-CVE-2010-3879.dpatch:
  - debian/control: make libfuse2 depend on version of mount that
    contains backported --fake support. Add dh-autoreconf to Build-Depends.
  - debian/rules: add dh_autoreconf and build with --disable-legacy-umount.
  - CVE-2010-3879

42. By Colin Watson

* Resynchronise with Debian (fixing hang with auditd, LP: #634554).
  Remaining changes:
  - debian/control: Add Breaks to ensure right version of udev is used.
  - Use udev rules instead of init script:
    + Add debian/45-fuse.rules: Put /dev/fuse into group fuse.
    + debian/fuse-utils.postinst: Try to load the fuse module only if it's
      still a module, remove it from /etc/modules/ anyway.
    + debian/rules, debian/fuse-utils.install: Don't install the init
      script; install the udev rule.
  - initramfs support, for booting from ntfs-3g in wubi:
    + debian/fuse-utils.initramfs-hook: Copy /sbin/mount.fuse and the fuse
      kernel module into the initramfs. Use manual_add_modules not
      force_load; fuse will be loaded automatically if necessary (it's a
      built-in in Ubuntu anyway)
    + debian/rules: Install above file into fuse-utils.
    + debian/fuse-utils.postinst: Call update-initramfs.
    + (Forwarded to Debian #505691)
  - Create libfuse2-udeb and fuse-utils-udeb. (Forwarded to Debian #505697)
  - debian/fuse-utils.install: Install ulockmgr_server.
  - debian/{rules,libfuse2.install,fuse-utils.lintian}: Move fusermount and
    ulockmgr_server to /bin and associated libraries to /lib. This allows
    mounting ntfs filesystems in /etc/fstab. (Debian #452412)
  - debian/{rules,fuse-utils.postinst}: Install fusermount with 4755
    permissions (remaining change from "Dynamic foreground user access").
  - debian/fuse-utils.postinst:
    + Don't fail if udev is running and /dev/fuse does not exist.
      (Forwarded to Debian #505685)
  - debian/fuse-utils.preinst:
    + Remove the module configuration file on upgrade if unmodified.
    + Remove old rules file if unchanged
* Re-enable 000-Build_system_do_not_install_init_script patch.

41. By Kees Cook

* SECURITY UPDATE: local attacker can trick fuse into unmounting a
  filesystem from the wrong location.
  - debian/patches/200-fix_mount_symlink_handling: upstream
    fixes.
  - CVE-2009-3297

40. By Michael Bienia

* Merge with Debian testing (lp: #506958). Remaining changes:
  - debian/control: Add Breaks to ensure right version of udev is used.
  - Use udev rules instead of init script:
    + Add debian/45-fuse.rules: Put /dev/fuse into group fuse.
    + debian/fuse-utils.postinst: Try to load the fuse module only if it's
      still a module, remove it from /etc/modules/ anyway.
    + debian/rules, debian/fuse-utils.install: Don't install the init
      script; install the udev rule.
  - initramfs support, for booting from ntfs-3g in wubi:
    + debian/fuse-utils.initramfs-hook: Copy /sbin/mount.fuse and the fuse
      kernel module into the initramfs. Use manual_add_modules not
      force_load; fuse will be loaded automatically if necessary (it's a
      built-in in Ubuntu anyway)
    + debian/rules: Install above file into fuse-utils.
    + debian/fuse-utils.postinst: Call update-initramfs.
    + (Forwarded to Debian #505691)
  - Create libfuse2-udeb and fuse-utils-udeb. (Forwarded to Debian #505697)
  - debian/fuse-utils.install: Install ulockmgr_server.
  - debian/{rules,libfuse2.install,fuse-utils.lintian}: Move fusermount and
    ulockmgr_server to /bin and associated libraries to /lib. This allows
    mounting ntfs filesystems in /etc/fstab. (Debian #452412)
  - debian/{rules,fuse-utils.postinst}: Install fusermount with 4755
    permissions (remaining change from "Dynamic foreground user access").
  - debian/fuse-utils.postinst:
    + Don't fail if udev is running and /dev/fuse does not exist.
      (Forwarded to Debian #505685)
  - debian/fuse-utils.preinst:
    + Remove the module configuration file on upgrade if unmodified.
    + Remove old rules file if unchanged

39. By Scott James Remnant (Canonical)

* debian/fuse-utils.initramfs-hook:
  - use manual_add_modules not force_load; fuse will be loaded automatically
    if necessary (it's a built-in in Ubuntu anyway)

38. By Michael Vogt

* debian/fuse-utils.postinst:
  - do not fail if udev can not be reloaded (LP: #444979)

37. By Scott James Remnant (Canonical)

* debian/fuse-utils.modprobe: Drop, we'll build this module into the kernel
  and do this with the other kernel filesystems
* debian/fuse-utils.preinst: Remove on upgrade if unmodified
* debian/rules: Update
* debian/fuse-utils.install: Update
* debian/fuse-utils-udeb.install: Update
* debian/fuse-utils.postinst: Only try to load if it's still a module,
  remove from /etc/modules anyway

36. By Oliver Grawert

drop makedev from dependencies, we never used it anyway

35. By Scott James Remnant (Canonical)

* debian/rules: Install udev rules into /lib/udev/rules.d
* debian/fuse-utils.install: Update path
* debian/fuse-utils.preinst: Remove old rules file if unchanged.
* debian/control: Add Breaks to ensure right version of udev is used.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/natty/fuse
This branch contains Public information 
Everyone can see this information.

Subscribers