[Secure-testing-team] Security update for fuse
Bartosz Fenski aka fEnIo
fenio at debian.org
Sat Jun 4 12:11:24 UTC 2005
On Sat, Jun 04, 2005 at 12:26:15PM +0100, Roger Leigh wrote:
> >> There's a serious vulnerability in fuse; see bug #311634.
> >> This does not yet have a CVE ref, but I found
> >> http://secunia.com/advisories/15561/
> >>
> >> I've prepared updates for both sid and sarge:
> >> http://people.debian.org/~rleigh/fuse/sarge-security/
> >>
> >> Due to the release being so close, I haven't uploaded either of these.
> >> I'm not a security expert, so thought you might be better reviewing
> >> them first, in case I've missed something.
> >
> > FWIW, the patch is identical to the one posted to linux-kernel by
> > Miklos Szeredi, the official fuse kernel maintainer, so it seems
> > safe.
>
> Thanks. Just to double check, which distribution do I put in the
> changelog, and which upload queue do I use? aba said to use
> sarge-security, but elsewhere I read to use testing-security, so I'd
> just like to be 100% sure.
I also have prepared fixed packages and I also not sure where to upload
them. I wrote to security team two days ago about it and I haven't received
any answer yet.
regards
fEnIo
--
,''`. Bartosz Fenski | mailto:fenio at debian.org | pgp:0x13fefc40 | irc:fEnIo
: :' : 32-050 Skawina - Glowackiego 3/15 - w. malopolskie - Poland
`. `' phone:+48602383548 | proud Debian maintainer and user
`- http://skawina.eu.org | jid:fenio at jabber.org | rlu:172001
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20050604/41a3bf1b/attachment.pgp
More information about the Secure-testing-team
mailing list