Format: 1.8 Date: Wed, 10 Aug 2011 08:36:44 -0500 Source: ecryptfs-utils Binary: ecryptfs-utils libecryptfs0 libecryptfs-dev Architecture: i386 i386_translations Version: 90-0ubuntu1 Distribution: oneiric Urgency: low Maintainer: Ubuntu/amd64 Build Daemon Changed-By: Dustin Kirkland Description: ecryptfs-utils - ecryptfs cryptographic filesystem (utilities) libecryptfs-dev - ecryptfs cryptographic filesystem (development) libecryptfs0 - ecryptfs cryptographic filesystem (library) Launchpad-Bugs-Fixed: 732628 Changes: ecryptfs-utils (90-0ubuntu1) oneiric; urgency=low . [ Marc Deslauriers ] * SECURITY UPDATE: privilege escalation via mountpoint race conditions (LP: #732628) - debian/patches/CVE-2011-1831,1832,1834.patch: chdir into mountpoint before checking permissions in src/utils/mount.ecryptfs_private.c. - CVE-2011-1831 - CVE-2011-1832 * SECURITY UPDATE: race condition when checking source during mount (LP: #732628) - debian/patches/CVE-2011-1833.patch: use new ecryptfs_check_dev_ruid kernel option when mounting directory in src/utils/mount.ecryptfs_private.c. - CVE-2011-1833 * SECURITY UPDATE: mtab corruption via improper handling (LP: #732628) - debian/patches/CVE-2011-1831,1832,1834.patch: modify mtab via a temp file first and make sure it succeeds before replacing the real mtab in src/utils/mount.ecryptfs_private.c. - CVE-2011-1834 * SECURITY UPDATE: key poisoning via insecure temp directory handling (LP: #732628) - debian/patches/CVE-2011-1835.patch: make sure we don't copy into a user controlled directory in src/utils/ecryptfs-setup-private. - CVE-2011-1835 * SECURITY UPDATE: information disclosure via recovery mount in /tmp (LP: #732628) - debian/patches/CVE-2011-1836.patch: mount inside protected subdirectory in src/utils/ecryptfs-recover-private. - CVE-2011-1836 * SECURITY UPDATE: arbitrary file overwrite via lock counter race condition (LP: #732628) - debian/patches/CVE-2011-1837.patch: verify permissions with a file descriptor, and don't follow symlinks in src/utils/mount.ecryptfs_private.c. - CVE-2011-1837 Checksums-Sha1: 20b9272722c387d8f37c50c39452266bf9965eb4 99706 ecryptfs-utils_90-0ubuntu1_i386.deb 293bd4ace1ab182834166ebd675bcaf50f3b3522 66830 libecryptfs0_90-0ubuntu1_i386.deb fc3d212087c4d8bfe1fc9ef869aa8f6f46761f81 53598 libecryptfs-dev_90-0ubuntu1_i386.deb f001c3569abe3c79982288e4ff19cffc198837f2 1844 ecryptfs-utils_90-0ubuntu1_i386_translations.tar.gz Checksums-Sha256: e1ce8be13cfde6d31de20f5c5464637891c36c8f1cc1bebf04df11ebbe73b167 99706 ecryptfs-utils_90-0ubuntu1_i386.deb 78b123c726601b0caf65d7ea864ddd01275cc3dcce1270ccaf151417ddfed159 66830 libecryptfs0_90-0ubuntu1_i386.deb 85cb46c76dcbf3690f223f27bcce6506b811611cc517fcd7bedbbff66125211a 53598 libecryptfs-dev_90-0ubuntu1_i386.deb 3a06c9bb3cac3d2d827b3c0f10ba1d081dc92fcdda89180b8db62ee2ef60eeca 1844 ecryptfs-utils_90-0ubuntu1_i386_translations.tar.gz Files: 7205450a4a241ff70498cbedf43e6bd8 99706 misc optional ecryptfs-utils_90-0ubuntu1_i386.deb 780a8590468b2f55009ef3d27418198b 66830 libs optional libecryptfs0_90-0ubuntu1_i386.deb 131908ad6a91b662436881000672a67c 53598 libdevel optional libecryptfs-dev_90-0ubuntu1_i386.deb a6e908df3e40ad2079839b42197cf711 1844 raw-translations - ecryptfs-utils_90-0ubuntu1_i386_translations.tar.gz Original-Maintainer: Daniel Baumann