[ubuntu/trusty-updates] ecryptfs-utils 104-0ubuntu1.14.04.3 (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Wed Mar 11 00:58:17 UTC 2015


ecryptfs-utils (104-0ubuntu1.14.04.3) trusty-security; urgency=medium

  * SECURITY UPDATE: Mount passphrase wrapped with a default salt value
    - debian/patches/CVE-2014-9687.patch: Generate a random salt when wrapping
      the mount passphrase. If a user has a mount passphrase that was wrapped
      using the default salt, their mount passphrase will be rewrapped using a
      random salt when they log in with their password.
    - debian/patches/CVE-2014-9687.patch: Create a temporary file when
      creating a new wrapped-passphrase file and copy it to its final
      destination after the file has been fully synced to disk (LP: #1020902)
    - debian/rules: Set the executable bit on the
      v1-to-v2-wrapped-passphrase.sh test script that was created by
      wrapping-passphrase-salt.patch
    - CVE-2014-9687

Date: 2015-03-04 23:11:14.625326+00:00
Changed-By: Tyler Hicks <tyhicks at canonical.com>
Maintainer: =?utf-8?q?Dustin_Kirkland_=EE=83=BF?= <dustin.kirkland at gmail.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/ecryptfs-utils/104-0ubuntu1.14.04.3
-------------- next part --------------
Sorry, changesfile not available.


More information about the Trusty-changes mailing list