diff --git a/Cargo.lock b/Cargo.lock
index d724799885e..bf0be297c64 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1187,9 +1187,9 @@ dependencies = [
 
 [[package]]
 name = "fuser"
-version = "0.15.0"
+version = "0.15.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e469ac6d2cdfaeb56c5ede4dc00d8a24a4267d5eab9ab365ee783179087ab2e3"
+checksum = "53274f494609e77794b627b1a3cddfe45d675a6b2e9ba9c0fdc8d8eee2184369"
 dependencies = [
  "libc",
  "log",
@@ -3602,9 +3602,9 @@ dependencies = [
 
 [[package]]
 name = "ruzstd"
-version = "0.7.2"
+version = "0.7.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "99c3938e133aac070997ddc684d4b393777d293ba170f2988c8fd5ea2ad4ce21"
+checksum = "fad02996bfc73da3e301efe90b1837be9ed8f4a462b6ed410aa35d00381de89f"
 dependencies = [
  "twox-hash",
 ]
diff --git a/Cargo.toml b/Cargo.toml
index 68261b94245..37d565f3907 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -133,7 +133,7 @@ eventsource-stream = { version = "0.2.3", default-features = false }
 flate2 = { version = "1.0.34", features = ["rust_backend"], default-features = false }
 flume = { version = "0.11.1", default-features = false }
 fnmatch-regex = { version = "0.2.1", default-features = false }
-fuser = { version = "0.15.0", default-features = false }
+fuser = { version = "0.15.1", default-features = false }
 futures = { version = "0.3.31", default-features = false }
 generic-array = { version = "0.14.7", default-features = false }
 getrandom = { package = "getrandom", version = "0.2.15", default-features = false }
@@ -177,7 +177,7 @@ rpassword = { version = "7.3.1", default-features = false }
 rsa = { version = "0.8.2", default-features = false }
 rstest = { version = "0.18.2", default-features = false }
 rstest_reuse = { version = "0.6.0", default-features = false }
-ruzstd = { version = "0.7.2", default-features = true }
+ruzstd = { version = "0.7.3", default-features = true }
 sentry = { version = "0.34.0", default-features = false }
 sentry-log = { version = "0.34.0", default-features = false }
 serde = { version = "1.0.214", default-features = false }
diff --git a/deny.toml b/deny.toml
index a3bc7d6d870..d4802389829 100644
--- a/deny.toml
+++ b/deny.toml
@@ -93,6 +93,14 @@ We are not affected since sqlx is used on the client side to store the files' da
 Before being stored in SQLite, that data is splitted into chunk and encoded, so we are below the overflow limit of 4GB.
 """
 
+[[advisories.ignore]]
+id = "RUSTSEC-2024-0398"
+reason = """
+We do not distribute the same secret 500-1500 times.
+
+https://github.com/Scille/parsec-cloud/issues/8990
+"""
+
 # If this is true, then cargo deny will use the git executable to fetch advisory database.
 # If this is false, then it uses a built-in git library.
 # Setting this to true can be helpful if you have special authentication requirements that cargo-deny does not support.
diff --git a/libparsec/crates/platform_mountpoint/src/unix/filesystem.rs b/libparsec/crates/platform_mountpoint/src/unix/filesystem.rs
index ff4bc626d87..afb49088d3f 100644
--- a/libparsec/crates/platform_mountpoint/src/unix/filesystem.rs
+++ b/libparsec/crates/platform_mountpoint/src/unix/filesystem.rs
@@ -444,20 +444,11 @@ impl fuser::Filesystem for Filesystem {
             .get_path_or_panic(ino);
         let ops = self.ops.clone();
         self.tokio_handle.spawn(async move {
-            match ops.stat_entry(&path).await {
-                Ok(stat) => reply
-                    .manual()
-                    .attr(&TTL, &entry_stat_to_file_attr(stat, ino, uid, gid)),
-                Err(err) => match err {
-                    WorkspaceStatEntryError::EntryNotFound => reply.manual().error(libc::ENOENT),
-                    WorkspaceStatEntryError::Offline => reply.manual().error(libc::EHOSTUNREACH),
-                    WorkspaceStatEntryError::NoRealmAccess => reply.manual().error(libc::EPERM),
-                    WorkspaceStatEntryError::Stopped
-                    | WorkspaceStatEntryError::InvalidKeysBundle(_)
-                    | WorkspaceStatEntryError::InvalidCertificate(_)
-                    | WorkspaceStatEntryError::InvalidManifest(_)
-                    | WorkspaceStatEntryError::Internal(_) => reply.manual().error(libc::EIO),
-                },
+            let res = getattr_from_path(&ops, path, ino, uid, gid).await;
+
+            match res {
+                Ok(stat) => reply.manual().attr(&TTL, &stat),
+                Err(errno) => reply.manual().error(errno),
             }
         });
     }
@@ -1033,6 +1024,7 @@ impl fuser::Filesystem for Filesystem {
 
                 return;
             } else {
+                // FIXME: Currently I'm only returning the file attributes without truncating the file
                 // Truncate file by path
 
                 let path = {
@@ -1121,7 +1113,26 @@ impl fuser::Filesystem for Filesystem {
 
         // TODO: support atime/utime change ?
 
-        reply.manual().error(libc::ENOSYS);
+        // Nothing to set, just return the file attr
+        // Seems benign but it's important for `setattr` to return the file attributes even if
+        // nothing changed.
+        // Previously we where returning an error and that caused the issues #8976 and #8991
+
+        let path = {
+            let inodes_guard = self.inodes.lock().expect("Mutex is poisoned");
+            inodes_guard.get_path_or_panic(ino)
+        };
+
+        let ops = self.ops.clone();
+
+        self.tokio_handle.spawn(async move {
+            let res = getattr_from_path(&ops, path, ino, uid, gid).await;
+
+            match res {
+                Ok(attr) => reply.manual().attr(&TTL, &attr),
+                Err(errno) => reply.manual().error(errno),
+            }
+        });
     }
 
     fn read(
@@ -1636,3 +1647,31 @@ impl fuser::Filesystem for Filesystem {
     // TODO: Fuser exposes a `copy_file_range` method for FUSE >= 7.28. This
     //       would speed up file copy a lot by reusing the same blocks !
 }
+
+async fn getattr_from_path(
+    ops: &WorkspaceOps,
+    path: FsPath,
+    ino: u64,
+    uid: u32,
+    gid: u32,
+) -> Result<fuser::FileAttr, i32> {
+    match ops
+        .stat_entry(&path)
+        .await
+        .map(|stat| entry_stat_to_file_attr(stat, ino, uid, gid))
+        .inspect(|stat| log::trace!("File stat for {ino}: {stat:?}"))
+        .inspect_err(|e| log::trace!("File stat for {ino} result in error: {e:?}"))
+    {
+        Ok(stat) => Ok(stat),
+        Err(err) => match err {
+            WorkspaceStatEntryError::EntryNotFound => Err(libc::ENOENT),
+            WorkspaceStatEntryError::Offline => Err(libc::EHOSTUNREACH),
+            WorkspaceStatEntryError::NoRealmAccess => Err(libc::EPERM),
+            WorkspaceStatEntryError::Stopped
+            | WorkspaceStatEntryError::InvalidKeysBundle(_)
+            | WorkspaceStatEntryError::InvalidCertificate(_)
+            | WorkspaceStatEntryError::InvalidManifest(_)
+            | WorkspaceStatEntryError::Internal(_) => Err(libc::EIO),
+        },
+    }
+}
diff --git a/newsfragments/8976.bugfix.rst b/newsfragments/8976.bugfix.rst
new file mode 100644
index 00000000000..70e8915054b
--- /dev/null
+++ b/newsfragments/8976.bugfix.rst
@@ -0,0 +1 @@
+Fix an issue when creating a new file from the mountpoint on macOS
diff --git a/newsfragments/8991.bugfix.rst b/newsfragments/8991.bugfix.rst
new file mode 100644
index 00000000000..6d6ecdd3a00
--- /dev/null
+++ b/newsfragments/8991.bugfix.rst
@@ -0,0 +1 @@
+Fix an issue when modifying a file using TextEdit on macOS
diff --git a/newsfragments/9173.bugfix.rst b/newsfragments/9173.bugfix.rst
new file mode 100644
index 00000000000..0ed15f803b8
--- /dev/null
+++ b/newsfragments/9173.bugfix.rst
@@ -0,0 +1 @@
+Fix a panic when copying a file using the mountpoint on macOS