Ubuntu Security Notice 2617-2 - USN-2617-1 fixed a vulnerability in FUSE. This update provides the corresponding fix for the embedded FUSE copy in NTFS-3G. Tavis Ormandy discovered that FUSE incorrectly filtered environment variables. A local attacker could use this issue to gain administrative privileges. Various other issues were also addressed.
999753c1af436edaf4b010cca89b890cd02bd39ab54ca4d50a31b2b1039d399a