[ubuntu/natty-security] ecryptfs-utils, ecryptfs-utils_87-0ubuntu1.1_armel_translations.tar.gz, ecryptfs-utils_87-0ubuntu1.1_powerpc_translations.tar.gz, ecryptfs-utils_87-0ubuntu1.1_i386_translations.tar.gz, ecryptfs-utils_87-0ubuntu1.1_amd64_translations.tar.gz 87-0ubuntu1.1 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Tue Aug 9 17:03:23 UTC 2011
ecryptfs-utils (87-0ubuntu1.1) natty-security; urgency=low
* SECURITY UPDATE: privilege escalation via mountpoint race conditions
(LP: #732628)
- debian/patches/CVE-2011-1831,1832,1834.patch: chdir into mountpoint
before checking permissions in src/utils/mount.ecryptfs_private.c.
- CVE-2011-1831
- CVE-2011-1832
* SECURITY UPDATE: race condition when checking source during mount
(LP: #732628)
- debian/patches/CVE-2011-1833.patch: use new ecryptfs_check_dev_ruid
kernel option when mounting directory in
src/utils/mount.ecryptfs_private.c.
- CVE-2011-1833
* SECURITY UPDATE: mtab corruption via improper handling (LP: #732628)
- debian/patches/CVE-2011-1831,1832,1834.patch: modify mtab via a temp
file first and make sure it succeeds before replacing the real mtab
in src/utils/mount.ecryptfs_private.c.
- CVE-2011-1834
* SECURITY UPDATE: key poisoning via insecure temp directory handling
(LP: #732628)
- debian/patches/CVE-2011-1835.patch: make sure we don't copy into a
user controlled directory in src/utils/ecryptfs-setup-private.
- CVE-2011-1835
* SECURITY UPDATE: information disclosure via recovery mount in /tmp
(LP: #732628)
- debian/patches/CVE-2011-1836.patch: mount inside protected
subdirectory in src/utils/ecryptfs-recover-private.
- CVE-2011-1836
* SECURITY UPDATE: arbitrary file overwrite via lock counter race
condition (LP: #732628)
- debian/patches/CVE-2011-1837.patch: verify permissions with a file
descriptor, and don't follow symlinks in
src/utils/mount.ecryptfs_private.c.
- CVE-2011-1837
Date: Thu, 04 Aug 2011 10:43:33 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/natty/+source/ecryptfs-utils/87-0ubuntu1.1
-------------- next part --------------
Format: 1.8
Date: Thu, 04 Aug 2011 10:43:33 -0400
Source: ecryptfs-utils
Binary: ecryptfs-utils libecryptfs0 libecryptfs-dev
Architecture: source
Version: 87-0ubuntu1.1
Distribution: natty-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
ecryptfs-utils - ecryptfs cryptographic filesystem (utilities)
libecryptfs-dev - ecryptfs cryptographic filesystem (development)
libecryptfs0 - ecryptfs cryptographic filesystem (library)
Launchpad-Bugs-Fixed: 732628
Changes:
ecryptfs-utils (87-0ubuntu1.1) natty-security; urgency=low
.
* SECURITY UPDATE: privilege escalation via mountpoint race conditions
(LP: #732628)
- debian/patches/CVE-2011-1831,1832,1834.patch: chdir into mountpoint
before checking permissions in src/utils/mount.ecryptfs_private.c.
- CVE-2011-1831
- CVE-2011-1832
* SECURITY UPDATE: race condition when checking source during mount
(LP: #732628)
- debian/patches/CVE-2011-1833.patch: use new ecryptfs_check_dev_ruid
kernel option when mounting directory in
src/utils/mount.ecryptfs_private.c.
- CVE-2011-1833
* SECURITY UPDATE: mtab corruption via improper handling (LP: #732628)
- debian/patches/CVE-2011-1831,1832,1834.patch: modify mtab via a temp
file first and make sure it succeeds before replacing the real mtab
in src/utils/mount.ecryptfs_private.c.
- CVE-2011-1834
* SECURITY UPDATE: key poisoning via insecure temp directory handling
(LP: #732628)
- debian/patches/CVE-2011-1835.patch: make sure we don't copy into a
user controlled directory in src/utils/ecryptfs-setup-private.
- CVE-2011-1835
* SECURITY UPDATE: information disclosure via recovery mount in /tmp
(LP: #732628)
- debian/patches/CVE-2011-1836.patch: mount inside protected
subdirectory in src/utils/ecryptfs-recover-private.
- CVE-2011-1836
* SECURITY UPDATE: arbitrary file overwrite via lock counter race
condition (LP: #732628)
- debian/patches/CVE-2011-1837.patch: verify permissions with a file
descriptor, and don't follow symlinks in
src/utils/mount.ecryptfs_private.c.
- CVE-2011-1837
Checksums-Sha1:
d6f9666b73d1c80186b1cf0ff566e613177054ac 2130 ecryptfs-utils_87-0ubuntu1.1.dsc
601404fc61cbfa65aeb10ce7db43ad81b7882f53 21120 ecryptfs-utils_87-0ubuntu1.1.debian.tar.gz
Checksums-Sha256:
e904066d62be5e75e021bc3c478619a23b7773f24dcfca040ea873aa8f8f056f 2130 ecryptfs-utils_87-0ubuntu1.1.dsc
649bfb032082bd3ffaaa6970f55241d3eff1982f5f1261b91cd0a4f8e887e6e8 21120 ecryptfs-utils_87-0ubuntu1.1.debian.tar.gz
Files:
1fc12fbace9f2c8c50aa2c1e95e055cf 2130 misc optional ecryptfs-utils_87-0ubuntu1.1.dsc
09f3beb962bbebb42bc2694f058f4b9f 21120 misc optional ecryptfs-utils_87-0ubuntu1.1.debian.tar.gz
Original-Maintainer: Daniel Baumann <daniel at debian.org>
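
The CVE-2011-1837 entry above describes its fix as verifying permissions with a file descriptor and not following symlinks. The following is an added example of that general pattern, not the ecryptfs-utils patch or any code from the project; the helper name open_owned_nofollow, the demo function and the file names are hypothetical.

```c
/* Added illustration of fd-based permission checks; not project code. */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: open `path` for update only if it is a regular file
 * owned by `uid` with no group/other write bits. Returns an fd, or -1. */
int open_owned_nofollow(const char *path, uid_t uid)
{
    struct stat st;
    /* O_NOFOLLOW: open() fails if the final path component is a symlink. */
    int fd = open(path, O_RDWR | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0)
        return -1;
    /* fstat() inspects the object actually opened, so replacing the path
     * after this point cannot change what was checked. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != uid || (st.st_mode & (S_IWGRP | S_IWOTH))) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Constructed scenario in a fresh private directory: returns 0 when the
 * real file is accepted and a symlink pointing at it is refused. */
int demo(void)
{
    char dir[] = "/tmp/fdcheck-XXXXXX", file[64], lnk[64];
    if (!mkdtemp(dir))
        return -1;
    snprintf(file, sizeof file, "%s/counter", dir);
    snprintf(lnk, sizeof lnk, "%s/counter.lnk", dir);
    int fd = open(file, O_CREAT | O_EXCL | O_WRONLY, 0600);
    if (fd < 0 || symlink(file, lnk) != 0)
        return -1;
    close(fd);
    int ok = open_owned_nofollow(file, geteuid());
    int bad = open_owned_nofollow(lnk, geteuid());
    if (ok >= 0) close(ok);
    if (bad >= 0) close(bad);
    unlink(lnk); unlink(file); rmdir(dir);
    return (ok >= 0 && bad < 0) ? 0 : 1;
}

int main(void) { return demo(); }
```

A check done with stat() or access() on the path before a separate open() leaves a window in which the path can be swapped; checking the already-open descriptor closes that window.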