-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 02 Jun 2026 13:13:13 +0200 Source: sshfs-fuse Architecture: source Version: 3.7.3-1.2~deb12u1 Distribution: bookworm Urgency: high Maintainer: Bartosz Fenski <fenio@debian.org> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Closes: 1138293 Changes: sshfs-fuse (3.7.3-1.2~deb12u1) bookworm; urgency=medium . * Non-maintainer upload. * Rebuild for bookworm . sshfs-fuse (3.7.3-1.2) unstable; urgency=high . * Non-maintainer upload. * add contain_symlinks option to prevent symlink escape attacks (CVE-2026-47187) (Closes: #1138293) * reject hostname option injection via bracketed mount source (CVE-2026-48711) (Closes: #1138293) Checksums-Sha1: 553b3077fe17b508299a8c3b9e7b1bc5f927a198 2173 sshfs-fuse_3.7.3-1.2~deb12u1.dsc f9356afd30525b95667b126e4dcce7cb3f51ab40 11932 sshfs-fuse_3.7.3-1.2~deb12u1.debian.tar.xz 7f568c90e8cfd90989ce2bcf9683f7c44be67d07 6774 sshfs-fuse_3.7.3-1.2~deb12u1_source.buildinfo Checksums-Sha256: 40f54667f7b84bb61b2c298eadaab41aecbb3c7ff8a974768d359ab8fe2fc7e0 2173 sshfs-fuse_3.7.3-1.2~deb12u1.dsc 097f7c43a1c36786307a09bee098552fecb736cdb09fa4b0ed40de8f227d15fc 11932 sshfs-fuse_3.7.3-1.2~deb12u1.debian.tar.xz 343e0b2b3d89d71b6322767bf7e9366c56ddeb958071b33118c5fd893cca22b8 6774 sshfs-fuse_3.7.3-1.2~deb12u1_source.buildinfo Files: cc2d8e5228119f7a01d715dda6445ce1 2173 utils optional sshfs-fuse_3.7.3-1.2~deb12u1.dsc 1e228a2886618b97042834b7a1bed5fe 11932 utils optional sshfs-fuse_3.7.3-1.2~deb12u1.debian.tar.xz baa9966dd436628276ab3e9a4540e915 6774 utils optional sshfs-fuse_3.7.3-1.2~deb12u1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmoe+WdfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EE5AP/Ax78AYD+BaBe3BfnyAnToCpePVUC07w fxIpBSsBeg4Vybjcxz9YmNaBicbx+0nEOqs529LUxW5SQaiILC9KEtAzHPTr1aBw xCndaCNLMTSXkgpxDvozNuj0gwB+hzs0zrfNnkgbwo1qFBieNNoOUudnV8UiaK4e +hf1NkbHcb3NN4XmvSo77ee0G6YrtNaBuzFUNERqlBUg2S0XXTvBgbPkar7bJYjG xezeEFOYhZy0WmgVEVJwxUOhlz1oPU2AF1lwTbU38agKtONqcXUPWKIvEy5qusUd vSBhea2rU+EoV1TXF3rpBbLF6w83ICrLia25PQMjXHmETT9KbgTMCcaywoVnuxyb NA8T9UJhD/SSjvDZBFogkmUYOWZKcxcydl6HrJfaA77AvXA9k4rQGqwnOC32dV75 /yaCJxNrF6oRMfdPm1QLXGrz52VRmEEFIE+dIC33BotTTf8jCMpEB3ILKeyY9nPG S9V4bFGE1EnOih5kufyM3RxnOV9VWHTdJwCFq4vx58bN+dh36bnRoZHBov+n7qm/ yLC6BCXWRTEqJxboRnPuDPqZs9YOLeyrYDr8C+yaWu6piyGRe3+JmVTyrTy92xYz PP3pBJudbR+yl3vaYZzwdHFov5jkiaorhMKPicd4GJ1WTCcS8muhH88mGxO0TZVp ZT0C/hBt349R =b6wA -----END PGP SIGNATURE-----
