ecryptfs-utils (89-0ubuntu2) oneiric; urgency=low

  * SECURITY UPDATE: privilege escalation via mountpoint race conditions
    - debian/patches/CVE-2011-1831,1832,1834.patch: chdir into mountpoint
      before checking permissions in src/utils/mount.ecryptfs_private.c.
  * SECURITY UPDATE: race condition when checking source during mount
    - debian/patches/CVE-2011-1833.patch: use new ecryptfs_check_dev_ruid
      kernel option when mounting directory in
      src/utils/mount.ecryptfs_private.c.
  * SECURITY UPDATE: mtab corruption via improper handling (LP: #732628)
    - debian/patches/CVE-2011-1831,1832,1834.patch: modify mtab via a temp
      file first and make sure it succeeds before replacing the real mtab
      in src/utils/mount.ecryptfs_private.c.
  * SECURITY UPDATE: key poisoning via insecure temp directory handling
    - debian/patches/CVE-2011-1835.patch: make sure we don't copy into a
      user controlled directory in src/utils/ecryptfs-setup-private.
  * SECURITY UPDATE: information disclosure via recovery mount in /tmp
    - debian/patches/CVE-2011-1836.patch: mount inside protected
      subdirectory in src/utils/ecryptfs-recover-private.
  * SECURITY UPDATE: arbitrary file overwrite via lock counter race
    condition (LP: #732628)
    - debian/patches/CVE-2011-1837.patch: verify permissions with a file
      descriptor, and don't follow symlinks in
      src/utils/mount.ecryptfs_private.c.

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Thu, 04 Aug 2011 10:37:40 -0400

ecryptfs-utils (89-0ubuntu1) oneiric; urgency=low