Please don't top post, it makes it harder to read and reply.
Le 05/08/2018 à 13:52, Long Wind a écrit :
> fuse:
> Installed: 2.9.7-1
> Candidate: 2.9.7-1
> Version table:
> *** 2.9.7-1 500
> 500
http://ftp.se.debian.org/debian stretch/main i386 Packages
> 100 /var/lib/dpkg/status
> libfuse2:
> Installed: 2.9.7-1
> Candidate: 2.9.7-1
> Version table:
> *** 2.9.7-1 500
> 500
http://ftp.se.debian.org/debian stretch/main i386 Packages
> 100 /var/lib/dpkg/status
As expected, you actually downgraded fuse to the version affected by the
vulnerability exposed in DSA-4257-1.
The reason is probably that there is no more security mirror declared in
your sources.list. Otherwise apt-cache would show the versions available
on this mirror. So you do not get security updates any more.
> On Sunday, August 5, 2018, 7:44:31 PM GMT+8, Pascal Hambourg <
pascal@plouf.fr.eu.org> wrote:
>
> Le 0
5/08/2018 à 12:58, Long Wind a écrit :
>> apt-get remove libfuse2
>>
>> after running command above, i can install jmtpfs
>
> Weird. fuse depends on the same version of libfuse2, so if removing
> libfuse2 allowed to install fuse, it means that the version of fuse that
> you just installed does not match the version of libfuse2 that you
> removed. But it was the latest stable released version, so the version
> you have now installed may not be the latest stable version.
>
> What is the output of
>