« back to all changes in this revision
Viewing changes to debian/patches/CVE-2011-1837.patch
- Committer: Bazaar Package Importer
- Date: 2011-08-04 10:37:40 UTC
- Revision ID: james.westby@ubuntu.com-20110804103740-k4bobcj7qpe94xuv
* SECURITY UPDATE: privilege escalation via mountpoint race conditions
(LP: #732628)
- debian/patches/CVE-2011-1831,1832,1834.patch: chdir into mountpoint
before checking permissions in src/utils/mount.ecryptfs_private.c.
- CVE-2011-1831
- CVE-2011-1832
* SECURITY UPDATE: race condition when checking source during mount
(LP: #732628)
- debian/patches/CVE-2011-1833.patch: use new ecryptfs_check_dev_ruid
kernel option when mounting directory in
src/utils/mount.ecryptfs_private.c.
- CVE-2011-1833
* SECURITY UPDATE: mtab corruption via improper handling (LP: #732628)
- debian/patches/CVE-2011-1831,1832,1834.patch: modify mtab via a temp
file first and make sure it succeeds before replacing the real mtab
in src/utils/mount.ecryptfs_private.c.
- CVE-2011-1834
* SECURITY UPDATE: key poisoning via insecure temp directory handling
(LP: #732628)
- debian/patches/CVE-2011-1835.patch: make sure we don't copy into a
user controlled directory in src/utils/ecryptfs-setup-private.
- CVE-2011-1835
* SECURITY UPDATE: information disclosure via recovery mount in /tmp
(LP: #732628)
- debian/patches/CVE-2011-1836.patch: mount inside protected
subdirectory in src/utils/ecryptfs-recover-private.
- CVE-2011-1836
* SECURITY UPDATE: arbitrary file overwrite via lock counter race
condition (LP: #732628)
- debian/patches/CVE-2011-1837.patch: verify permissions with a file
descriptor, and don't follow symlinks in
src/utils/mount.ecryptfs_private.c.
- CVE-2011-1837
(LP: #732628)
- debian/patches/CVE-2011-1831,1832,1834.patch: chdir into mountpoint
before checking permissions in src/utils/mount.ecryptfs_private.c.
- CVE-2011-1831
- CVE-2011-1832
* SECURITY UPDATE: race condition when checking source during mount
(LP: #732628)
- debian/patches/CVE-2011-1833.patch: use new ecryptfs_check_dev_ruid
kernel option when mounting directory in
src/utils/mount.ecryptfs_private.c.
- CVE-2011-1833
* SECURITY UPDATE: mtab corruption via improper handling (LP: #732628)
- debian/patches/CVE-2011-1831,1832,1834.patch: modify mtab via a temp
file first and make sure it succeeds before replacing the real mtab
in src/utils/mount.ecryptfs_private.c.
- CVE-2011-1834
* SECURITY UPDATE: key poisoning via insecure temp directory handling
(LP: #732628)
- debian/patches/CVE-2011-1835.patch: make sure we don't copy into a
user controlled directory in src/utils/ecryptfs-setup-private.
- CVE-2011-1835
* SECURITY UPDATE: information disclosure via recovery mount in /tmp
(LP: #732628)
- debian/patches/CVE-2011-1836.patch: mount inside protected
subdirectory in src/utils/ecryptfs-recover-private.
- CVE-2011-1836
* SECURITY UPDATE: arbitrary file overwrite via lock counter race
condition (LP: #732628)
- debian/patches/CVE-2011-1837.patch: verify permissions with a file
descriptor, and don't follow symlinks in
src/utils/mount.ecryptfs_private.c.
- CVE-2011-1837
- files added:
- .pc
- .pc/CVE-2011-1831,1832,1834.patch
- .pc/CVE-2011-1831,1832,1834.patch/src
- .pc/CVE-2011-1831,1832,1834.patch/src/utils
- .pc/CVE-2011-1833.patch
- .pc/CVE-2011-1833.patch/src
- .pc/CVE-2011-1833.patch/src/utils
- .pc/CVE-2011-1835.patch
- .pc/CVE-2011-1835.patch/src
- .pc/CVE-2011-1835.patch/src/utils
- .pc/CVE-2011-1836.patch
- .pc/CVE-2011-1836.patch/src
- .pc/CVE-2011-1836.patch/src/utils
- .pc/CVE-2011-1837.patch
- .pc/CVE-2011-1837.patch/src
- .pc/CVE-2011-1837.patch/src/utils
- files modified:
- debian/changelog
added
removed
debian/patches/CVE-2011-1837.patch
