Change logs for ecryptfs-utils source package in Vivid

  • ecryptfs-utils (107-0ubuntu1.3) vivid-security; urgency=medium
    
      * SECURITY UPDATE: Don't allow mount.ecryptfs_private to be used to mount on
        top of pseudo filesystem such as procfs
        - debian/patches/CVE-2016-1572.patch: Check the filesystem type of the
          mount destination against a whitelist of approved types.
        - CVE-2016-1572
    
     -- Tyler Hicks <email address hidden>  Fri, 15 Jan 2016 17:48:42 -0600
  • ecryptfs-utils (107-0ubuntu1.2) vivid-proposed; urgency=medium
    
      * Add setup-swap-check-links.patch: When commenting out existing swap, also
        consider device symlinks like /dev/mapper/ubuntu--vg-swap_1 or
        /dev/disks/by-uuid/ into account. Fixes broken cryptswap under LVM and
        manual setups. (LP: #1453738)
      * debian/ecryptfs-utils.postinst: On upgrade, uncomment underlying
        unencrypted swap partitions that are referred to by a device link when
        crypttab and fstab have a "cryptswap*" device referring to them.
    
     -- Martin Pitt <email address hidden>  Thu, 09 Jul 2015 09:04:27 +0200
  • ecryptfs-utils (107-0ubuntu1.1) vivid; urgency=medium
    
      * Add setup-swap-mark-gpt-noauto.patch: In ecryptfs-setup-swap, mark the
        "fake" underlying unencrypted swap partition as no-auto Without that, the
        swap partition gets auto-activated under systemd as it cannot be told
        apart from a real unencrypted swap partition.
      * debian/ecryptfs-utils.postinst: Fix existing GPT installations with
        cryptswap1 and an offset= for the above issue. (LP: #1447282)
    
     -- Martin Pitt <email address hidden>  Fri, 24 Apr 2015 12:15:12 +0100
  • ecryptfs-utils (107-0ubuntu1) vivid; urgency=medium
    
      [ Dustin Kirkland ]
      * scripts/release.sh:
        - a few more release script improvements, build the source
          package for the Ubuntu development distro
      * debian/control:
        - build depend on distro-info, which we use in our release script
      * vivid
    
      [ Tyler Hicks ]
      * src/libecryptfs/key_management.c:
        - Fix a regression when reading version 1 wrapped passphrase files. A
          return code indicating success was always returned even when an error
          was encountered. The impact is low since the error situation is still
          caught when validating either the wrapping password's signature or the
          wrapped passphrase's signature. Thanks to László Böszörményi for
          catching this mistake.
        - Reject empty passphrases passed into ecryptfs_wrap_passphrase()
      * src/libecryptfs/main.c:
        - Reject empty wrapping passphrases passed into generate_passphrase_sig()
     -- Dustin Kirkland <email address hidden>   Thu, 26 Mar 2015 18:02:29 -0500
  • ecryptfs-utils (106-0ubuntu1) vivid; urgency=medium
    
      [ Dustin Kirkland and Martin Pitt ]
      * debian/ecryptfs-utils.postinst: LP: #953875
        - detect and clean up after nonexisting cryptswap devices
    
      [ Tyler Hicks ]
      * tests/userspace/Makefile.am: Fix the 'make check' failure present in the
        ecryptfs-utils-105 release tarball. The failure was due to the automake
        file not specifying that some data files should be distributed as part
        of the v1-to-v2-wrapped-passphrase test, causing the test to fail due to
        the missing files.
    
      [ Dustin Kirkland ]
      * scripts/release.sh:
        - ensure that we try a binary build as part of the release process
        - make sure we're in the original working directory when we release
        - remove the -x option, too noisy
      * vivid
      * vivid
      * vivid
     -- Dustin Kirkland <email address hidden>   Wed, 11 Mar 2015 18:42:19 -0500
  • ecryptfs-utils (105-0ubuntu1) vivid; urgency=low
    
      [ Dustin Kirkland ]
      * doc/manpage/ecryptfs.7: LP: #1267640
        - fix inconsistency in man page for passphrase_passwd_file format
      * doc/manpage/ecryptfs-setup-private.1, src/utils/ecryptfs-setup-
        private, src/utils/ecryptfs-setup-swap: LP: #1420424
        - use /dev/random rather than /dev/urandom for long lived keys
      * src/utils/ecryptfs-setup-private:
        - use /dev/urandom for our testing, as we read a lot of info
      * src/utils/ecryptfs-setup-swap: LP: #953875, #1086140
        - fix a whitespace bug in a grep, that might cause us to not
          comment out the old swap space in /etc/fstab
        - offset the start of the encrypted swap space by 1KB, which
          ensures that we don't overwrite the UUID label on the header
          of the partition
        - use the aes-xts block cipher, and plain64 initialization vector,
          which are current best practice here
        - fixed a grammar nitpick
    
      [ Colin King ]
      * src/libecryptfs/key_management.c, src/utils/mount.ecryptfs.c:
        - A couple of minor fixes: Fix a memory leak and handle out of memory
          error, as found by using cppcheck.
      * src/utils/mount.ecryptfs.c
        - fix potential double free on yesno if get_string_stdin exits early
          without allocating a new buffer and we free yesno on the exit clean
          up path.
      * src/libecryptfs/cmd_ln_parser.c
        - remove redundant if / goto statement that does nothing.
    
      [ Anders Kaseorg ]
      * src/pam_ecryptfs/pam_ecryptfs.c: exit (not return) from forked child on
        error (LP: #1323421)
    
      [ Tyler Hicks ]
      * Introduce the version 2 wrapped-passphrase file format. It adds the
        ability to combine a randomly generated salt with the wrapping password
        (typically, a user's login password) prior to performing key
        strengthening. The version 2 file format is considered to be a
        intermediate step in strengthening the wrapped-passphrase files of
        existing encrypted home/private users. Support for reading/writing version
        2 wrapped-passphrase files and transparent migration, through
        pam_ecryptfs, from version 1 to version 2 files is considered safe enough
        to backport to stable distro releases. The libecryptfs ABI around
        wrapped-passphrase file handling is not broken.
        - CVE-2014-9687
      * Run wrap-unwrap.sh test as part of the make check target.
      * Add a new test, called v1-to-v2-wrapped-passphrase.sh, which is suitable
        for the make check target and verifies v1 to v2 wrapped-passphrase file
        migration.
      * Create a temporary file when creating a new wrapped-passphrase file and
        copy it to its final destination after the file has been fully synced to
        disk (LP: #1020902)
     -- Dustin Kirkland <email address hidden>   Wed, 11 Mar 2015 10:28:15 -0500
  • ecryptfs-utils (104-0ubuntu1) trusty; urgency=low
    
      [ Colin King ]
      * src/libecryptfs/ecryptfs-stat.c, tests/kernel/extend-file-
        random/test.c, tests/kernel/inode-race-stat/test.c,
        tests/kernel/trunc-file/test.c:
        - Fixed some 32 bit build warnings
      * src/libecryptfs/decision_graph.c, src/libecryptfs/key_management.c,
        src/libecryptfs/main.c, src/libecryptfs/module_mgr.c, src/utils/io.c,
        src/utils/mount.ecryptfs_private.c, tests/kernel/inotify/test.c,
        tests/kernel/trunc-file/test.c, tests/userspace/wrap-unwrap/test.c:
        - Fixed a pile of minor bugs (memory leaks, unclosed file descriptors,
          etc.) mostly in error paths
      * src/key_mod/ecryptfs_key_mod_passphrase.c, src/libecryptfs/main.c,
        src/pam_ecryptfs/pam_ecryptfs.c:
        - more Coverity fixes, memory leak, error checking, etc.
    
      [ Nobuto MURATA ]
      * fix an empty update-notifier window (LP: #1107650)
        - changes made in Rev.758 was incomplete
    
      [ Tyler Hicks ]
      * doc/manpage/ecryptfs.7:
        - adjust man page text to avoid confusion about whether the interactive
          mount helper takes a capital 'N' for the answer to y/n questions
          (LP: #1130460)
      * src/utils/ecryptfs_rewrap_passphrase.c:
        - Handle errors when interactively reading the new wrapping passphrase
          and the confirmation from stdin. Fixes a segfault (invalid memory read)
          in ecryptfs-rewrap-passphrase if there was an error while reading either
          of these passphrases.
      * configure.ac:
        - Set AM_CPPFLAGS to always include config.h as the first include file.
          Some .c files correctly included config.h before anything else. The
          majority of .c files got this wrong by including it after other header
          files, including it multiple times, or not including it at all.
          Including it in the AM_CPPFLAGS should solve these problems and keep
          future mistakes from happening in new source files.
        - Enable large file support (LFS) through the use of the AC_SYS_LARGEFILE
          autoconf macro. ecryptfs-utils has been well tested with LFS enabled
          because ecryptfs-utils is being built with
          '-D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64' in Debian-based distros.
          This is mainly needed for some of the in-tree regression tests but
          ecryptfs-utils, in general, should be built with LFS enabled.
      * debian/rules:
        - Don't append '-D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64' to the CFLAGS
          now that the upstream build enables LFS
      * tests/userspace/lfs.sh, tests/userspace/lfs/test.c:
        - Add a test to verify that LFS is enabled. This test is run under the
          make check target.
      * tests/kernel/enospc/test.c:
        - Fix test failures on 32 bit architectures due to large file sizes
          overflowing data types
    
      [ Dustin Kirkland ]
      * src/utils/ecryptfs-setup-swap: LP: #1172014
        - write crypttab entry using UUID
      * src/utils/ecryptfs-recover-private: LP: #1028532
        - error out, if we fail to mount the private data correctly
    
      [ Colin King and Dustin Kirkland ]
      * configure.ac, src/daemon/main.c, src/libecryptfs/cmd_ln_parser.c,
        src/libecryptfs/decision_graph.c, src/utils/mount.ecryptfs.c,
        tests/kernel/trunc-file/test.c:
        - remove some dead code, fix some minor issues raised by Coverity
     -- Nobuto MURATA <email address hidden>   Thu, 21 Feb 2013 01:56:33 +0900