diff options
| author | Miklos Szeredi <miklos@szeredi.hu> | 2005-06-02 09:05:00 +0000 |
|---|---|---|
| committer | Miklos Szeredi <miklos@szeredi.hu> | 2005-06-02 09:05:00 +0000 |
| commit | 46960cebc16c926ab025bbbc62a682dd826ad404 (patch) | |
| tree | 18bf08bae42ebbcd9d651457e53b0b5cf316028f /ChangeLog | |
| parent | 33be22dbfbf4a6b0ddfb9aad80c0bbb43b17fc37 (diff) | |
| download | libfuse-46960cebc16c926ab025bbbc62a682dd826ad404.tar.gz | |
security fix
Diffstat (limited to 'ChangeLog')
| -rw-r--r-- | ChangeLog | 8 |
1 files changed, 8 insertions, 0 deletions
@@ -1,3 +1,11 @@ +2005-06-02 Miklos Szeredi <miklos@szeredi.hu> + + * Fix serious information leak: if the filesystem returns a short + byte count to a read request, and there are non-zero number of + pages which are not filled at all, these pages will not be zeroed. + Hence the user can read out previous memory contents. Found by + Sven Tantau. + 2005-05-27 Miklos Szeredi <miklos@szeredi.hu> * Add "readdir_ino" mount option, which tries to fill in the d_ino |