ecryptfs-utils 87-0ubuntu1.1 source package in Ubuntu

Changelog

ecryptfs-utils (87-0ubuntu1.1) natty-security; urgency=low

  * SECURITY UPDATE: privilege escalation via mountpoint race conditions
    (LP: #732628)
    - debian/patches/CVE-2011-1831,1832,1834.patch: chdir into mountpoint
      before checking permissions in src/utils/mount.ecryptfs_private.c.
    - CVE-2011-1831
    - CVE-2011-1832
  * SECURITY UPDATE: race condition when checking source during mount
    (LP: #732628)
    - debian/patches/CVE-2011-1833.patch: use new ecryptfs_check_dev_ruid
      kernel option when mounting directory in
      src/utils/mount.ecryptfs_private.c.
    - CVE-2011-1833
  * SECURITY UPDATE: mtab corruption via improper handling (LP: #732628)
    - debian/patches/CVE-2011-1831,1832,1834.patch: modify mtab via a temp
      file first and make sure it succeeds before replacing the real mtab
      in src/utils/mount.ecryptfs_private.c.
    - CVE-2011-1834
  * SECURITY UPDATE: key poisoning via insecure temp directory handling
    (LP: #732628)
    - debian/patches/CVE-2011-1835.patch: make sure we don't copy into a
      user controlled directory in src/utils/ecryptfs-setup-private.
    - CVE-2011-1835
  * SECURITY UPDATE: information disclosure via recovery mount in /tmp
    (LP: #732628)
    - debian/patches/CVE-2011-1836.patch: mount inside protected
      subdirectory in src/utils/ecryptfs-recover-private.
    - CVE-2011-1836
  * SECURITY UPDATE: arbitrary file overwrite via lock counter race
    condition (LP: #732628)
    - debian/patches/CVE-2011-1837.patch: verify permissions with a file
      descriptor, and don't follow symlinks in
      src/utils/mount.ecryptfs_private.c.
    - CVE-2011-1837
 -- Marc Deslauriers <email address hidden>   Thu, 04 Aug 2011 10:43:33 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2011-08-08
Uploaded to:
Natty
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
misc
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
ecryptfs-utils_87.orig.tar.gz 530.2 KiB 02952f122ae2a9c1a0fe6835575970fab4cefeb16b88e81ccaf00241c0161e7f
ecryptfs-utils_87-0ubuntu1.1.debian.tar.gz 20.6 KiB 649bfb032082bd3ffaaa6970f55241d3eff1982f5f1261b91cd0a4f8e887e6e8
ecryptfs-utils_87-0ubuntu1.1.dsc 2.1 KiB e904066d62be5e75e021bc3c478619a23b7773f24dcfca040ea873aa8f8f056f

View changes file

Binary packages built by this source

ecryptfs-utils: ecryptfs cryptographic filesystem (utilities)

 eCryptfs is a POSIX-compliant enterprise-class stacked cryptographic filesystem
 for Linux.
 .
 It provides advanced key management and policy features. eCryptfs stores
 cryptographic metadata in the header of each file written, so that encrypted
 files can be copied between hosts; the file will be decryptable with the proper
 key, and there is no need to keep track of any additional information aside
 from what is already in the encrypted file itself. Think of eCryptfs as a sort
 of "gnupgfs".
 .
 eCryptfs is a native Linux filesystem. The kernel module component of eCryptfs
 is part of the Linux kernel since 2.6.19.
 .
 This package contains the userland utilities.

libecryptfs-dev: ecryptfs cryptographic filesystem (development)

 eCryptfs is a POSIX-compliant enterprise-class stacked cryptographic filesystem
 for Linux.
 .
 This package contains the development files.

libecryptfs0: ecryptfs cryptographic filesystem (library)

 eCryptfs is a POSIX-compliant enterprise-class stacked cryptographic filesystem
 for Linux.
 .
 This package contains the library.