David Watson discovered a bug in mount as provided by util-linux and
other packages such as loop-aes-utils that allows local users to
bypass filesystem access restrictions by re-mounting it read-only.
The old stable distribution (woody) does not contain loop-aes-utils
packages.
For the stable distribution (sarge) this problem has been fixed in
version 2.12p-4sarge1.
For the unstable distribution (sid) this problem has been fixed in
version 2.12p-9.
We recommend that you upgrade your loop-aes-utils package.
CPE | Name | Operator | Version |
---|---|---|---|
loop-aes-utils | eq | 2.12p-4 |