Package: squashfs Version: 3.1r2-6 Severity: important Tags: security References: http://projects.info-pull.com/mokb/MOKB-02-11-2006.html http://sourceforge.net/mailarchive/forum.php?thread_id=31007759&forum_id=39601 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=211237
I reproduced this on a system running the latest 2.6.18/squashfs. I applied the patch in Red Hat's bugzilla, which fixed the problem (mount failed cleanly). Of course, this is only exploitable if local users have the ability to mount, so the security implications are small (thus the non-RC severity). -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
