[ubuntu/maverick-security] ecryptfs-utils, ecryptfs-utils_83-0ubuntu3.2.10.10.1_amd64_translations.tar.gz, ecryptfs-utils_83-0ubuntu3.2.10.10.1_armel_translations.tar.gz, ecryptfs-utils_83-0ubuntu3.2.10.10.1_powerpc_translations.tar.gz, ecryptfs-utils_83-0ubuntu3.2.10.10.1_i386_translations.tar.gz 83-0ubuntu3.2.10.10.1 (Accepted)

Tue Aug 9 17:03:30 UTC 2011

ecryptfs-utils (83-0ubuntu3.2.10.10.1) maverick-security; urgency=low

  * SECURITY UPDATE: privilege escalation via mountpoint race conditions
    (LP: #732628)
    - src/utils/mount.ecryptfs_private.c: chdir into mountpoint before
      checking permissions. Patch thanks to Dan Rosenberg.
    - CVE-2011-1831
    - CVE-2011-1832
  * SECURITY UPDATE: race condition when checking source during mount
    (LP: #732628)
    - src/utils/mount.ecryptfs_private.c: use new ecryptfs_check_dev_ruid
      kernel option when mounting directory.
    - CVE-2011-1833
  * SECURITY UPDATE: mtab corruption via improper handling (LP: #732628)
    - src/utils/mount.ecryptfs_private.c: modify mtab via a temp file first
      and make sure it succeeds before replacing the real mtab. Patch
      thanks to Dan Rosenberg.
    - CVE-2011-1834
  * SECURITY UPDATE: key poisoning via insecure temp directory handling
    (LP: #732628)
    - src/utils/ecryptfs-setup-private: make sure we don't copy into a
      user controlled directory.
    - CVE-2011-1835
  * SECURITY UPDATE: arbitrary file overwrite via lock counter race
    condition (LP: #732628)
    - src/utils/mount.ecryptfs_private.c: verify permissions with a file
      descriptor, and don't follow symlinks.
    - CVE-2011-1837

Date: Thu, 04 Aug 2011 10:41:53 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/ecryptfs-utils/83-0ubuntu3.2.10.10.1
-------------- next part --------------
Format: 1.8
Date: Thu, 04 Aug 2011 10:41:53 -0400
Source: ecryptfs-utils
Binary: ecryptfs-utils libecryptfs0 libecryptfs-dev
Architecture: source
Version: 83-0ubuntu3.2.10.10.1
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 ecryptfs-utils - ecryptfs cryptographic filesystem (utilities)
 libecryptfs-dev - ecryptfs cryptographic filesystem (development)
 libecryptfs0 - ecryptfs cryptographic filesystem (library)
Launchpad-Bugs-Fixed: 732628
Changes: 
 ecryptfs-utils (83-0ubuntu3.2.10.10.1) maverick-security; urgency=low
 .
   * SECURITY UPDATE: privilege escalation via mountpoint race conditions
     (LP: #732628)
     - src/utils/mount.ecryptfs_private.c: chdir into mountpoint before
       checking permissions. Patch thanks to Dan Rosenberg.
     - CVE-2011-1831
     - CVE-2011-1832
   * SECURITY UPDATE: race condition when checking source during mount
     (LP: #732628)
     - src/utils/mount.ecryptfs_private.c: use new ecryptfs_check_dev_ruid
       kernel option when mounting directory.
     - CVE-2011-1833
   * SECURITY UPDATE: mtab corruption via improper handling (LP: #732628)
     - src/utils/mount.ecryptfs_private.c: modify mtab via a temp file first
       and make sure it succeeds before replacing the real mtab. Patch
       thanks to Dan Rosenberg.
     - CVE-2011-1834
   * SECURITY UPDATE: key poisoning via insecure temp directory handling
     (LP: #732628)
     - src/utils/ecryptfs-setup-private: make sure we don't copy into a
       user controlled directory.
     - CVE-2011-1835
   * SECURITY UPDATE: arbitrary file overwrite via lock counter race
     condition (LP: #732628)
     - src/utils/mount.ecryptfs_private.c: verify permissions with a file
       descriptor, and don't follow symlinks.
     - CVE-2011-1837
Checksums-Sha1: 
 fc95a83ed903f5ae177858b6cba0bfc982d8ef97 2227 ecryptfs-utils_83-0ubuntu3.2.10.10.1.dsc
 460fa03fab8d96423e43221dac1aa2cf43b3d5bb 19392 ecryptfs-utils_83-0ubuntu3.2.10.10.1.diff.gz
Checksums-Sha256: 
 caa684dd89c95ae3f38f6214a94b595a2618c7e8c989bb88f421e4d825c63b00 2227 ecryptfs-utils_83-0ubuntu3.2.10.10.1.dsc
 313d935840cedd2d7f3d5cbf7868d09aa5f684f1f8c17dc94a736d78cd42d966 19392 ecryptfs-utils_83-0ubuntu3.2.10.10.1.diff.gz
Files: 
 9cd51b1009b8dee8bc19d337b83432d0 2227 misc optional ecryptfs-utils_83-0ubuntu3.2.10.10.1.dsc
 1ca3d0e01e04ba929a785e6e570a7250 19392 misc optional ecryptfs-utils_83-0ubuntu3.2.10.10.1.diff.gz
Original-Maintainer: Daniel Baumann <daniel at debian.org>