[ubuntu/precise-security] ecryptfs-utils 96-0ubuntu3.4 (Accepted)
Tyler Hicks
tyhicks at canonical.com
Wed Mar 11 00:07:52 UTC 2015
ecryptfs-utils (96-0ubuntu3.4) precise-security; urgency=medium
* SECURITY UPDATE: Mount passphrase wrapped with a default salt value
- debian/patches/CVE-2014-9687.patch: Generate a random salt when wrapping
the mount passphrase. If a user has a mount passphrase that was wrapped
using the default salt, their mount passphrase will be rewrapped using a
random salt when they log in with their password.
- debian/patches/CVE-2014-9687.patch: Create a temporary file when
creating a new wrapped-passphrase file and copy it to its final
destination after the file has been fully synced to disk (LP: #1020902)
- debian/rules: Set the executable bit on the wrap-unwrap.sh and
v1-to-v2-wrapped-passphrase.sh test scripts that were created by
wrapping-passphrase-salt.patch
- CVE-2014-9687
Date: 2015-03-04 23:11:12.118229+00:00
Changed-By: Tyler Hicks <tyhicks at canonical.com>
Maintainer: =?utf-8?q?Dustin_Kirkland_=EE=83=BF?= <dustin.kirkland at gmail.com>
https://launchpad.net/ubuntu/+source/ecryptfs-utils/96-0ubuntu3.4
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list