diff -Nru fuse-2.9.2/debian/changelog fuse-2.9.2/debian/changelog
--- fuse-2.9.2/debian/changelog	2013-12-16 11:11:41.000000000 +0000
+++ fuse-2.9.2/debian/changelog	2015-05-15 12:39:54.000000000 +0000
@@ -1,3 +1,12 @@
+fuse (2.9.2-4ubuntu4.15.04.1) vivid-security; urgency=medium
+
+  * SECURITY UPDATE: privilege escalation via insecure environment
+    - debian/patches/CVE-2015-3202.patch: use execle to run external
+      helpers in lib/mount_util.c, util/mount_util.c.
+    - CVE-2015-3202
+
+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Fri, 15 May 2015 08:34:26 -0400
+
 fuse (2.9.2-4ubuntu4) trusty; urgency=low
 
   * Convert to dh-autoreconf in order to update libtool.m4 for new ports.
diff -Nru fuse-2.9.2/debian/patches/CVE-2015-3202.patch fuse-2.9.2/debian/patches/CVE-2015-3202.patch
--- fuse-2.9.2/debian/patches/CVE-2015-3202.patch	1970-01-01 00:00:00.000000000 +0000
+++ fuse-2.9.2/debian/patches/CVE-2015-3202.patch	2015-05-15 12:37:21.000000000 +0000
@@ -0,0 +1,111 @@
+Description: fix privilege escalation via insecure environment
+Author: Miklos Szeredi <miklos@szeredi.hu>
+
+Index: fuse-2.9.2/lib/mount_util.c
+===================================================================
+--- fuse-2.9.2.orig/lib/mount_util.c	2015-05-15 08:33:50.454728635 -0400
++++ fuse-2.9.2/lib/mount_util.c	2015-05-15 08:33:50.454728635 -0400
+@@ -95,10 +95,12 @@
+ 		goto out_restore;
+ 	}
+ 	if (res == 0) {
++		char *env = NULL;
++
+ 		sigprocmask(SIG_SETMASK, &oldmask, NULL);
+ 		setuid(geteuid());
+-		execl("/bin/mount", "/bin/mount", "--no-canonicalize", "-i",
+-		      "-f", "-t", type, "-o", opts, fsname, mnt, NULL);
++		execle("/bin/mount", "/bin/mount", "--no-canonicalize", "-i",
++		       "-f", "-t", type, "-o", opts, fsname, mnt, NULL, &env);
+ 		fprintf(stderr, "%s: failed to execute /bin/mount: %s\n",
+ 			progname, strerror(errno));
+ 		exit(1);
+@@ -146,10 +148,17 @@
+ 		goto out_restore;
+ 	}
+ 	if (res == 0) {
++		char *env = NULL;
++
+ 		sigprocmask(SIG_SETMASK, &oldmask, NULL);
+ 		setuid(geteuid());
+-		execl("/bin/umount", "/bin/umount", "-i", rel_mnt,
+-		      lazy ? "-l" : NULL, NULL);
++		if (lazy) {
++			execle("/bin/umount", "/bin/umount", "-i", rel_mnt,
++			       "-l", NULL, &env);
++		} else {
++			execle("/bin/umount", "/bin/umount", "-i", rel_mnt,
++			       NULL, &env);
++		}
+ 		fprintf(stderr, "%s: failed to execute /bin/umount: %s\n",
+ 			progname, strerror(errno));
+ 		exit(1);
+@@ -205,10 +214,12 @@
+ 		goto out_restore;
+ 	}
+ 	if (res == 0) {
++		char *env = NULL;
++
+ 		sigprocmask(SIG_SETMASK, &oldmask, NULL);
+ 		setuid(geteuid());
+-		execl("/bin/umount", "/bin/umount", "--no-canonicalize", "-i",
+-		      "--fake", mnt, NULL);
++		execle("/bin/umount", "/bin/umount", "--no-canonicalize", "-i",
++		       "--fake", mnt, NULL, &env);
+ 		fprintf(stderr, "%s: failed to execute /bin/umount: %s\n",
+ 			progname, strerror(errno));
+ 		exit(1);
+Index: fuse-2.9.2/util/mount_util.c
+===================================================================
+--- fuse-2.9.2.orig/util/mount_util.c	2012-04-26 05:37:01.000000000 -0400
++++ fuse-2.9.2/util/mount_util.c	2015-05-15 08:34:10.966907262 -0400
+@@ -95,10 +95,12 @@
+ 		goto out_restore;
+ 	}
+ 	if (res == 0) {
++		char *env = NULL;
++
+ 		sigprocmask(SIG_SETMASK, &oldmask, NULL);
+ 		setuid(geteuid());
+-		execl("/bin/mount", "/bin/mount", "--no-canonicalize", "-i",
+-		      "-f", "-t", type, "-o", opts, fsname, mnt, NULL);
++		execle("/bin/mount", "/bin/mount", "--no-canonicalize", "-i",
++		       "-f", "-t", type, "-o", opts, fsname, mnt, NULL, &env);
+ 		fprintf(stderr, "%s: failed to execute /bin/mount: %s\n",
+ 			progname, strerror(errno));
+ 		exit(1);
+@@ -146,10 +148,17 @@
+ 		goto out_restore;
+ 	}
+ 	if (res == 0) {
++		char *env = NULL;
++
+ 		sigprocmask(SIG_SETMASK, &oldmask, NULL);
+ 		setuid(geteuid());
+-		execl("/bin/umount", "/bin/umount", "-i", rel_mnt,
+-		      lazy ? "-l" : NULL, NULL);
++		if (lazy) {
++			execle("/bin/umount", "/bin/umount", "-i", rel_mnt,
++			       "-l", NULL, &env);
++		} else {
++			execle("/bin/umount", "/bin/umount", "-i", rel_mnt,
++			       NULL, &env);
++		}
+ 		fprintf(stderr, "%s: failed to execute /bin/umount: %s\n",
+ 			progname, strerror(errno));
+ 		exit(1);
+@@ -205,10 +214,12 @@
+ 		goto out_restore;
+ 	}
+ 	if (res == 0) {
++		char *env = NULL;
++
+ 		sigprocmask(SIG_SETMASK, &oldmask, NULL);
+ 		setuid(geteuid());
+-		execl("/bin/umount", "/bin/umount", "--no-canonicalize", "-i",
+-		      "--fake", mnt, NULL);
++		execle("/bin/umount", "/bin/umount", "--no-canonicalize", "-i",
++		       "--fake", mnt, NULL, &env);
+ 		fprintf(stderr, "%s: failed to execute /bin/umount: %s\n",
+ 			progname, strerror(errno));
+ 		exit(1);
diff -Nru fuse-2.9.2/debian/patches/series fuse-2.9.2/debian/patches/series
--- fuse-2.9.2/debian/patches/series	2013-10-11 07:45:37.000000000 +0000
+++ fuse-2.9.2/debian/patches/series	2015-05-15 12:33:48.000000000 +0000
@@ -2,3 +2,4 @@
 02-kfreebsd.patch
 03-examples.patch
 04-fix-arm64-int-sizes.patch
+CVE-2015-3202.patch