Advisories ยป MGASA-2015-0239

Updated fuse packages fix CVE-2015-3202

Publication date: 27 May 2015
Modification date: 27 May 2015
Type: security
Affected Mageia releases : 4
CVE: CVE-2015-3202

Description

Updated fuse packages fix security vulnerability:

Tavis Ormandy discovered that FUSE incorrectly filtered environment variables.
A local attacker could use this issue to gain administrative privileges
(CVE-2015-3202).
                

References

SRPMS

4/core