Format: 1.8
Date: Thu, 04 Aug 2011 10:37:40 -0400
Source: ecryptfs-utils
Binary: ecryptfs-utils libecryptfs0 libecryptfs-dev
Architecture: i386 i386_translations
Version: 89-0ubuntu2
Distribution: oneiric
Urgency: low
Maintainer: Ubuntu/i386 Build Daemon <buildd@vernadsky.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description: 
 ecryptfs-utils - ecryptfs cryptographic filesystem (utilities)
 libecryptfs-dev - ecryptfs cryptographic filesystem (development)
 libecryptfs0 - ecryptfs cryptographic filesystem (library)
Launchpad-Bugs-Fixed: 732628
Changes: 
 ecryptfs-utils (89-0ubuntu2) oneiric; urgency=low
 .
   * SECURITY UPDATE: privilege escalation via mountpoint race conditions
     (LP: #732628)
     - debian/patches/CVE-2011-1831,1832,1834.patch: chdir into mountpoint
       before checking permissions in src/utils/mount.ecryptfs_private.c.
     - CVE-2011-1831
     - CVE-2011-1832
   * SECURITY UPDATE: race condition when checking source during mount
     (LP: #732628)
     - debian/patches/CVE-2011-1833.patch: use new ecryptfs_check_dev_ruid
       kernel option when mounting directory in
       src/utils/mount.ecryptfs_private.c.
     - CVE-2011-1833
   * SECURITY UPDATE: mtab corruption via improper handling (LP: #732628)
     - debian/patches/CVE-2011-1831,1832,1834.patch: modify mtab via a temp
       file first and make sure it succeeds before replacing the real mtab
       in src/utils/mount.ecryptfs_private.c.
     - CVE-2011-1834
   * SECURITY UPDATE: key poisoning via insecure temp directory handling
     (LP: #732628)
     - debian/patches/CVE-2011-1835.patch: make sure we don't copy into a
       user controlled directory in src/utils/ecryptfs-setup-private.
     - CVE-2011-1835
   * SECURITY UPDATE: information disclosure via recovery mount in /tmp
     (LP: #732628)
     - debian/patches/CVE-2011-1836.patch: mount inside protected
       subdirectory in src/utils/ecryptfs-recover-private.
     - CVE-2011-1836
   * SECURITY UPDATE: arbitrary file overwrite via lock counter race
     condition (LP: #732628)
     - debian/patches/CVE-2011-1837.patch: verify permissions with a file
       descriptor, and don't follow symlinks in
       src/utils/mount.ecryptfs_private.c.
     - CVE-2011-1837
Checksums-Sha1: 
 12795d3000153be30173a3499e2eb439a86275fd 97248 ecryptfs-utils_89-0ubuntu2_i386.deb
 c4dc876e654f6c44b5ba639dd347fd6202167780 67078 libecryptfs0_89-0ubuntu2_i386.deb
 7a1021147e0f7c9441b2eb49130032bfac365057 53058 libecryptfs-dev_89-0ubuntu2_i386.deb
 cada2e9795231409cac49979e7685e741da3595f 1854 ecryptfs-utils_89-0ubuntu2_i386_translations.tar.gz
Checksums-Sha256: 
 12dca96b2e1c774ab21f5ea781074baa587abc2c6a821e3a02fab3a5ee303e8a 97248 ecryptfs-utils_89-0ubuntu2_i386.deb
 e1fe7b11eb79fe6cc1520553674c54f3288e35e09de53d21a8ae7c5ee94e86aa 67078 libecryptfs0_89-0ubuntu2_i386.deb
 8e6a5beb541e33598853b3de7a2195b859c12a849c54891ae638a4b410cf4f84 53058 libecryptfs-dev_89-0ubuntu2_i386.deb
 9ee952ad9049eccb2473fc52650c4c443be4797d995df3685f77955316ef905d 1854 ecryptfs-utils_89-0ubuntu2_i386_translations.tar.gz
Files: 
 689ad7b5037586f7bb587b97a3f39679 97248 misc optional ecryptfs-utils_89-0ubuntu2_i386.deb
 7004a301fad52e147930c0812d8706e0 67078 libs optional libecryptfs0_89-0ubuntu2_i386.deb
 479dd6a3b6084b7ea05d8ae7e52f8d82 53058 libdevel optional libecryptfs-dev_89-0ubuntu2_i386.deb
 d29f02a1d2e74ba79bf8084f5fff4c61 1854 raw-translations - ecryptfs-utils_89-0ubuntu2_i386_translations.tar.gz
Original-Maintainer: Daniel Baumann <daniel@debian.org>