On Sunday, August 5, 2018, 8:05:45 PM GMT+8, Pascal Hambourg <pascal@plouf.fr.eu.org> wrote:
Please don't top post, it makes it harder to read and reply.
Le 05/08/2018 à 13:52, Long Wind a écrit :
fuse:
Installed: 2.9.7-1
Candidate: 2.9.7-1
Version table:
*** 2.9.7-1 500
500 http://ftp.se.debian.org/debian stretch/main i386 Packages
100 /var/lib/dpkg/status
libfuse2:
Installed: 2.9.7-1
Candidate: 2.9.7-1
Version table:
*** 2.9.7-1 500
500 http://ftp.se.debian.org/debian stretch/main i386 Packages
100 /var/lib/dpkg/status
As expected, you actually downgraded fuse to the version affected by the
vulnerability exposed in DSA-4257-1.
The reason is probably that there is no more security mirror declared in
your sources.list. Otherwise apt-cache would show the versions available
on this mirror. So you do not get security updates any more.