Ubuntu Security Notice 2617-3 - USN-2617-1 fixed a vulnerability in NTFS-3G. The original patch did not completely address the issue. This update fixes the problem. Tavis Ormandy discovered that FUSE incorrectly filtered environment variables. A local attacker could use this issue to gain administrative privileges. Various other issues were also addressed.
1255484ff9f93c5661a0fef4337e1736459756ca49856dd5213dffa7c723fe5d