Commit Graph

3 Commits

Author SHA1 Message Date
Jackie Huang 90eb8fa980 fuse: upgrade to 2.9.4
Changes:
 * Remove 001-fix_exec_environment_for_mount_and_umount.patch
   which has been included in the new version

 * Add sysvinit and systemd support

 * For systemd, there is not a fuse.service since systemd provides
   sys-fs-fuse-connections.mount to mount the fuse control
   filesystem, so instead, only fuse.conf is added to modules-load.d
   to load the required fuse kernel module.

 * Add RDEPENDS on util-linux-mount

 * Add a patch to fix the return value of "--help" option

Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2015-09-23 15:39:46 +02:00
Tudor Florea 96a4d9ad7b fuse: fix for CVE-2015-3202 Privilege Escalation
fusermount in FUSE before 2.9.3-15 does not properly clear the environment before
invoking (1) mount or (2) umount as root, which allows local users to write
to arbitrary files via a crafted LIBMOUNT_MTAB environment variable that is
used by mount's debugging feature.

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3202
http://www.openwall.com/lists/oss-security/2015/05/21/9

Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2015-07-30 21:03:26 +02:00
Hongxu Jia 5972198b0f fuse: move to meta-filesystems and upgrade
- Move fuse from meta-oe to meta-filesystems
- Upgrade fuse to 2.9.3

[YOCTO #4178]

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2013-08-16 12:58:31 +02:00