[ubuntu/lucid-security] ecryptfs-utils_83-0ubuntu3.2.10.04.1_armel_translations.tar.gz, ecryptfs-utils_83-0ubuntu3.2.10.04.1_i386_translations.tar.gz, ecryptfs-utils_83-0ubuntu3.2.10.04.1_sparc_translations.tar.gz, ecryptfs-utils_83-0ubuntu3.2.10.04.1_amd64_translations.tar.gz, ecryptfs-utils, ecryptfs-utils_83-0ubuntu3.2.10.04.1_ia64_translations.tar.gz, ecryptfs-utils_83-0ubuntu3.2.10.04.1_powerpc_translations.tar.gz 83-0ubuntu3.2.10.04.1 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Tue Aug 9 17:03:37 UTC 2011 

ecryptfs-utils (83-0ubuntu3.2.10.04.1) lucid-security; urgency=low

  * SECURITY UPDATE: privilege escalation via mountpoint race conditions
    (LP: #732628)
    - src/utils/mount.ecryptfs_private.c: chdir into mountpoint before
      checking permissions. Patch thanks to Dan Rosenberg.
    - CVE-2011-1831
    - CVE-2011-1832
  * SECURITY UPDATE: race condition when checking source during mount
    (LP: #732628)
    - src/utils/mount.ecryptfs_private.c: use new ecryptfs_check_dev_ruid
      kernel option when mounting directory.
    - CVE-2011-1833
  * SECURITY UPDATE: mtab corruption via improper handling (LP: #732628)
    - src/utils/mount.ecryptfs_private.c: modify mtab via a temp file first
      and make sure it succeeds before replacing the real mtab. Patch
      thanks to Dan Rosenberg.
    - CVE-2011-1834
  * SECURITY UPDATE: key poisoning via insecure temp directory handling
    (LP: #732628)
    - src/utils/ecryptfs-setup-private: make sure we don't copy into a
      user controlled directory.
    - CVE-2011-1835
  * SECURITY UPDATE: arbitrary file overwrite via lock counter race
    condition (LP: #732628)
    - src/utils/mount.ecryptfs_private.c: verify permissions with a file
      descriptor, and don't follow symlinks.
    - CVE-2011-1837

Date: Thu, 04 Aug 2011 10:37:00 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/ecryptfs-utils/83-0ubuntu3.2.10.04.1
-------------- next part --------------
Format: 1.8
Date: Thu, 04 Aug 2011 10:37:00 -0400
Source: ecryptfs-utils
Binary: ecryptfs-utils libecryptfs0 libecryptfs-dev
Architecture: source
Version: 83-0ubuntu3.2.10.04.1
Distribution: lucid-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 ecryptfs-utils - ecryptfs cryptographic filesystem (utilities)
 libecryptfs-dev - ecryptfs cryptographic filesystem (development)
 libecryptfs0 - ecryptfs cryptographic filesystem (library)
Launchpad-Bugs-Fixed: 732628 732628 732628 732628 732628
Changes: 
 ecryptfs-utils (83-0ubuntu3.2.10.04.1) lucid-security; urgency=low
 .
   * SECURITY UPDATE: privilege escalation via mountpoint race conditions
     (LP: #732628)
     - src/utils/mount.ecryptfs_private.c: chdir into mountpoint before
       checking permissions. Patch thanks to Dan Rosenberg.
     - CVE-2011-1831
     - CVE-2011-1832
   * SECURITY UPDATE: race condition when checking source during mount
     (LP: #732628)
     - src/utils/mount.ecryptfs_private.c: use new ecryptfs_check_dev_ruid
       kernel option when mounting directory.
     - CVE-2011-1833
   * SECURITY UPDATE: mtab corruption via improper handling (LP: #732628)
     - src/utils/mount.ecryptfs_private.c: modify mtab via a temp file first
       and make sure it succeeds before replacing the real mtab. Patch
       thanks to Dan Rosenberg.
     - CVE-2011-1834
   * SECURITY UPDATE: key poisoning via insecure temp directory handling
     (LP: #732628)
     - src/utils/ecryptfs-setup-private: make sure we don't copy into a
       user controlled directory.
     - CVE-2011-1835
   * SECURITY UPDATE: arbitrary file overwrite via lock counter race
     condition (LP: #732628)
     - src/utils/mount.ecryptfs_private.c: verify permissions with a file
       descriptor, and don't follow symlinks.
     - CVE-2011-1837
Checksums-Sha1: 
 7c2a8db68de4a5a47a5d84a13ef791ccec64d29c 2227 ecryptfs-utils_83-0ubuntu3.2.10.04.1.dsc
 e25a0e927d69335eaede140e0508f5cdb53a9acc 19003 ecryptfs-utils_83-0ubuntu3.2.10.04.1.diff.gz
Checksums-Sha256: 
 29cc36801fef084cc35a21a1346fb0c7ab53afc3bd3a08a4d12f6ca8c630e0bb 2227 ecryptfs-utils_83-0ubuntu3.2.10.04.1.dsc
 e555eb8d179efa60a87dbb5bb949f3a12f8ae06329be59ea62b6fac8538d5e7c 19003 ecryptfs-utils_83-0ubuntu3.2.10.04.1.diff.gz
Files: 
 fc333b73950217346b3ccd0269454ae9 2227 misc optional ecryptfs-utils_83-0ubuntu3.2.10.04.1.dsc
 bbacbd62a7f07cabfb21c0471043fdc5 19003 misc optional ecryptfs-utils_83-0ubuntu3.2.10.04.1.diff.gz
Original-Maintainer: Daniel Baumann <daniel at debian.org>

More information about the Lucid-changes mailing list