[ubuntu/karmic] ecryptfs-utils 76-0ubuntu1 (Accepted)
Dustin Kirkland
kirkland at ubuntu.com
Sat Jul 18 00:40:19 BST 2009
ecryptfs-utils (76-0ubuntu1) karmic; urgency=low
[ Dustin Kirkland ]
* src/utils/ecryptfs-setup-swap: switch from vol_id to blkid,
LP: #376486
* debian/ecryptfs-utils.postinst, src/utils/ecryptfs-setup-private:
don't echo mount passphrase if running in bootstrap mode; prune
potential leakages from install log, LP: #383650
* SECURITY UPDATE: mount passphrase recorded in install log (LP: #383650).
- debian/ecryptfs-utils.postinst: prune private information from
installer log
- src/utils/ecryptfs-setup-private: don't echo passphrase if running in
bootstrap mode
- CVE-2009-1296
* src/utils/ecryptfs-setup-private: make some of the lanuage more readable,
(thanks, anrxc)
* README, configure.ac, debian/control, debian/rules,
doc/sourceforge_webpage/README, src/libecryptfs-swig/libecryptfs.py,
src/libecryptfs-swig/libecryptfs_wrap.c,
src/libecryptfs/key_management.c, src/libecryptfs/libecryptfs.pc.in,
src/libecryptfs/main.c, src/pam_ecryptfs/Makefile.am,
src/utils/manager.c, src/utils/mount.ecryptfs.c: move build from gcrypt
to nss (this change has been pending for some time)
* src/utils/ecryptfs-dot-private: dropped, was too hacky
* ecryptfs-mount-private.1, ecryptfs-setup-private.1: align the
documentation and implementation of the wrapping-independent feature,
LP: #383746
* src/utils/ecryptfs-umount-private: use keyctl list @u, since keyctl show
stopped working, LP: #400484, #395082
* src/utils/mount.ecryptfs_private.c: fix counter file locking; solves
a longstanding bug about "random" umount caused by cronjobs, LP: #358573
[ Michal Hlavinka (edits by Dustin Kirkland) ]
* doc/manpage/ecryptfs-mount-private.1,
doc/manpage/ecryptfs-rewrite-file.1,
doc/manpage/ecryptfs-setup-private.1, doc/manpage/ecryptfs.7,
doc/manpage/mount.ecryptfs_private.1,
doc/manpage/umount.ecryptfs_private.1: documentation updated to note
possible ecryptfs group membership requirements; Fix ecrypfs.7 man
page and key_mod_openssl's error message; fix typo
* src/libecryptfs/decision_graph.c: put a finite limit (5 tries) on
interactive input; fix memory leaks when asking questions
* src/libecryptfs/module_mgr.c: Don't error out with EINVAL when
verbosity=0 and some options are missing.
* src/utils/umount.ecryptfs.c: no error for missing key when removing it
* src/libecryptfs-swig/libecryptfs.i: fix compile werror, cast char*
* src/utils/ecryptfs_add_passphrase.c: fix/test/use return codes;
return nonzero for --fnek when not supported but used
* src/include/ecryptfs.h, src/key_mod/ecryptfs_key_mod_openssl.c,
src/libecryptfs/module_mgr.c: refuse mounting with too small rsa
key (key_mod_openssl)
* src/utils/ecryptfs_insert_wrapped_passphrase_into_keyring.c: fix return
codes
* src/utils/ecryptfs-rewrite-file: polish output
* src/libecryptfs/key_management.c: inform about full keyring; insert fnek
sig into keyring if fnek support check fails; don't fail if key already
exists in keyring
* src/utils/ecryptfs-setup-private: if the ecryptfs group exists, restrict
ecryptfs-setup-private to members of this group
* src/pam_ecryptfs/pam_ecryptfs.c: dynamically load ecryptfs module by
checking ecryptfs version
* src/libecryptfs/decision_graph.c, src/utils/io.c,
src/utils/mount.ecryptfs.c: fix EOF handling, LP: #371587
* src/desktop/Makefile.am: make desktop files trusted, LP: #371426
[ Dustin Kirkland and Daniel Baumann ]
* debian/control, debian/copyright, debian/ecryptfs-utils.dirs,
debian/ecryptfs-utils.install, debian/ecryptfs-utils.postinst,
debian/rules, ecryptfs-utils.pam-auth-update: sync Ubuntu's
packaging with Debian; drop dpatch, drop libssl build dep, clean
up extraneous debhelper bits, match cflags; remaining diff is only
ecryptfs-utils.prerm
[ Arfrever Frehtes Taifersar Arahesis ]
* key_mod/ecryptfs_key_mod_gpg.c,
key_mod/ecryptfs_key_mod_pkcs11_helper.c,
libecryptfs/key_management.c, utils/ecryptfs_unwrap_passphrase.c:
Fix warnings, initialize a few variables, drop unused ones
[ David Hicks ]
* src/lib/key_management.c: fix stray semicolon that prevents .ecryptfsrc
files from working properly, LP: #372709
[ Michael Rooney ]
* src/python/ecryptfsapi.py: added python api
Date: Fri, 17 Jul 2009 18:33:44 -0500
Changed-By: Dustin Kirkland <kirkland at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Dustin Kirkland <dustin.kirkland at gmail.com>
https://launchpad.net/ubuntu/karmic/+source/ecryptfs-utils/76-0ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Fri, 17 Jul 2009 18:33:44 -0500
Source: ecryptfs-utils
Binary: ecryptfs-utils libecryptfs0 libecryptfs-dev
Architecture: source
Version: 76-0ubuntu1
Distribution: karmic
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Dustin Kirkland <kirkland at ubuntu.com>
Description:
ecryptfs-utils - ecryptfs cryptographic filesystem (utilities)
libecryptfs-dev - ecryptfs cryptographic filesystem (development)
libecryptfs0 - ecryptfs cryptographic filesystem (library)
Changes:
ecryptfs-utils (76-0ubuntu1) karmic; urgency=low
.
[ Dustin Kirkland ]
* src/utils/ecryptfs-setup-swap: switch from vol_id to blkid,
LP: #376486
* debian/ecryptfs-utils.postinst, src/utils/ecryptfs-setup-private:
don't echo mount passphrase if running in bootstrap mode; prune
potential leakages from install log, LP: #383650
* SECURITY UPDATE: mount passphrase recorded in install log (LP: #383650).
- debian/ecryptfs-utils.postinst: prune private information from
installer log
- src/utils/ecryptfs-setup-private: don't echo passphrase if running in
bootstrap mode
- CVE-2009-1296
* src/utils/ecryptfs-setup-private: make some of the lanuage more readable,
(thanks, anrxc)
* README, configure.ac, debian/control, debian/rules,
doc/sourceforge_webpage/README, src/libecryptfs-swig/libecryptfs.py,
src/libecryptfs-swig/libecryptfs_wrap.c,
src/libecryptfs/key_management.c, src/libecryptfs/libecryptfs.pc.in,
src/libecryptfs/main.c, src/pam_ecryptfs/Makefile.am,
src/utils/manager.c, src/utils/mount.ecryptfs.c: move build from gcrypt
to nss (this change has been pending for some time)
* src/utils/ecryptfs-dot-private: dropped, was too hacky
* ecryptfs-mount-private.1, ecryptfs-setup-private.1: align the
documentation and implementation of the wrapping-independent feature,
LP: #383746
* src/utils/ecryptfs-umount-private: use keyctl list @u, since keyctl show
stopped working, LP: #400484, #395082
* src/utils/mount.ecryptfs_private.c: fix counter file locking; solves
a longstanding bug about "random" umount caused by cronjobs, LP: #358573
.
[ Michal Hlavinka (edits by Dustin Kirkland) ]
* doc/manpage/ecryptfs-mount-private.1,
doc/manpage/ecryptfs-rewrite-file.1,
doc/manpage/ecryptfs-setup-private.1, doc/manpage/ecryptfs.7,
doc/manpage/mount.ecryptfs_private.1,
doc/manpage/umount.ecryptfs_private.1: documentation updated to note
possible ecryptfs group membership requirements; Fix ecrypfs.7 man
page and key_mod_openssl's error message; fix typo
* src/libecryptfs/decision_graph.c: put a finite limit (5 tries) on
interactive input; fix memory leaks when asking questions
* src/libecryptfs/module_mgr.c: Don't error out with EINVAL when
verbosity=0 and some options are missing.
* src/utils/umount.ecryptfs.c: no error for missing key when removing it
* src/libecryptfs-swig/libecryptfs.i: fix compile werror, cast char*
* src/utils/ecryptfs_add_passphrase.c: fix/test/use return codes;
return nonzero for --fnek when not supported but used
* src/include/ecryptfs.h, src/key_mod/ecryptfs_key_mod_openssl.c,
src/libecryptfs/module_mgr.c: refuse mounting with too small rsa
key (key_mod_openssl)
* src/utils/ecryptfs_insert_wrapped_passphrase_into_keyring.c: fix return
codes
* src/utils/ecryptfs-rewrite-file: polish output
* src/libecryptfs/key_management.c: inform about full keyring; insert fnek
sig into keyring if fnek support check fails; don't fail if key already
exists in keyring
* src/utils/ecryptfs-setup-private: if the ecryptfs group exists, restrict
ecryptfs-setup-private to members of this group
* src/pam_ecryptfs/pam_ecryptfs.c: dynamically load ecryptfs module by
checking ecryptfs version
* src/libecryptfs/decision_graph.c, src/utils/io.c,
src/utils/mount.ecryptfs.c: fix EOF handling, LP: #371587
* src/desktop/Makefile.am: make desktop files trusted, LP: #371426
.
[ Dustin Kirkland and Daniel Baumann ]
* debian/control, debian/copyright, debian/ecryptfs-utils.dirs,
debian/ecryptfs-utils.install, debian/ecryptfs-utils.postinst,
debian/rules, ecryptfs-utils.pam-auth-update: sync Ubuntu's
packaging with Debian; drop dpatch, drop libssl build dep, clean
up extraneous debhelper bits, match cflags; remaining diff is only
ecryptfs-utils.prerm
.
[ Arfrever Frehtes Taifersar Arahesis ]
* key_mod/ecryptfs_key_mod_gpg.c,
key_mod/ecryptfs_key_mod_pkcs11_helper.c,
libecryptfs/key_management.c, utils/ecryptfs_unwrap_passphrase.c:
Fix warnings, initialize a few variables, drop unused ones
.
[ David Hicks ]
* src/lib/key_management.c: fix stray semicolon that prevents .ecryptfsrc
files from working properly, LP: #372709
.
[ Michael Rooney ]
* src/python/ecryptfsapi.py: added python api
Checksums-Sha1:
3cf408b61a46e241d0e5666383740484e3966787 1632 ecryptfs-utils_76-0ubuntu1.dsc
3e57e48f2e269c752f24c3b4396726971d6b4c7d 511353 ecryptfs-utils_76.orig.tar.gz
2e3f15642c3ffababa65a3b761d2bfd7afea1d1e 11868 ecryptfs-utils_76-0ubuntu1.diff.gz
Checksums-Sha256:
1f3935c344ebcb1fc40a40dc5f1f72521dc7d1b5c265e9a8e74d451a3012f0ef 1632 ecryptfs-utils_76-0ubuntu1.dsc
7179091fdb415c3cba52eb4997c2e66e680f6cce39f8062080a6c7ae6b077ba5 511353 ecryptfs-utils_76.orig.tar.gz
456328f788169f857bf57cae2261a8183e9e56c89c0beba7146f87031bba6a7a 11868 ecryptfs-utils_76-0ubuntu1.diff.gz
Files:
8dcc99497d13d0621037bca0da5b6c46 1632 misc optional ecryptfs-utils_76-0ubuntu1.dsc
f0375216af224bd9d8cf99c56559619f 511353 misc optional ecryptfs-utils_76.orig.tar.gz
f3162786a34a1344ae931dbb6a73b5b1 11868 misc optional ecryptfs-utils_76-0ubuntu1.diff.gz
Launchpad-Bugs-Fixed: 358573 371426 371587 372709 376486 383650 383650 383746 395082 400484
Original-Maintainer: Daniel Baumann <daniel at debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkphCt0ACgkQs7pNXIOmEZRYOQCdGYukj6tYtMTy6I5qieMrP516
DYsAninsBBpqBERTV82r+Wu1DUw2BZ/U
=JM7i
-----END PGP SIGNATURE-----
More information about the Karmic-changes
mailing list