ecryptfs-utils 83-0ubuntu3.2.10.10.1 source package in Ubuntu

Changelog

ecryptfs-utils (83-0ubuntu3.2.10.10.1) maverick-security; urgency=low

  * SECURITY UPDATE: privilege escalation via mountpoint race conditions
    (LP: #732628)
    - src/utils/mount.ecryptfs_private.c: chdir into mountpoint before
      checking permissions. Patch thanks to Dan Rosenberg.
    - CVE-2011-1831
    - CVE-2011-1832
  * SECURITY UPDATE: race condition when checking source during mount
    (LP: #732628)
    - src/utils/mount.ecryptfs_private.c: use new ecryptfs_check_dev_ruid
      kernel option when mounting directory.
    - CVE-2011-1833
  * SECURITY UPDATE: mtab corruption via improper handling (LP: #732628)
    - src/utils/mount.ecryptfs_private.c: modify mtab via a temp file first
      and make sure it succeeds before replacing the real mtab. Patch
      thanks to Dan Rosenberg.
    - CVE-2011-1834
  * SECURITY UPDATE: key poisoning via insecure temp directory handling
    (LP: #732628)
    - src/utils/ecryptfs-setup-private: make sure we don't copy into a
      user controlled directory.
    - CVE-2011-1835
  * SECURITY UPDATE: arbitrary file overwrite via lock counter race
    condition (LP: #732628)
    - src/utils/mount.ecryptfs_private.c: verify permissions with a file
      descriptor, and don't follow symlinks.
    - CVE-2011-1837
 -- Marc Deslauriers <email address hidden>   Thu, 04 Aug 2011 10:41:53 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2011-08-08
Uploaded to:
Maverick
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
misc
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
ecryptfs-utils_83.orig.tar.gz 535.4 KiB ede721fa2dba9cb3dadf89e5a21c555be35fa031abd841073fcc6f92e3b29dee
ecryptfs-utils_83-0ubuntu3.2.10.10.1.diff.gz 18.9 KiB 313d935840cedd2d7f3d5cbf7868d09aa5f684f1f8c17dc94a736d78cd42d966
ecryptfs-utils_83-0ubuntu3.2.10.10.1.dsc 2.2 KiB caa684dd89c95ae3f38f6214a94b595a2618c7e8c989bb88f421e4d825c63b00

View changes file

Binary packages built by this source

ecryptfs-utils: No summary available for ecryptfs-utils in ubuntu maverick.

No description available for ecryptfs-utils in ubuntu maverick.

libecryptfs-dev: No summary available for libecryptfs-dev in ubuntu maverick.

No description available for libecryptfs-dev in ubuntu maverick.

libecryptfs0: No summary available for libecryptfs0 in ubuntu maverick.

No description available for libecryptfs0 in ubuntu maverick.