-
ecryptfs-utils (83-0ubuntu3.2.10.10.3) maverick-proposed; urgency=low
* src/libecryptfs/key_management.c: LP: #725862
- fix nasty bug affecting users who do *not* encrypt filenames;
the first login works, but on logout, only one key gets
cleaned out; subsequent logins do not insert the necessary key
due to an early "goto out"
-- Dustin Kirkland <email address hidden> Fri, 02 Sep 2011 17:46:45 -0500
-
ecryptfs-utils (83-0ubuntu3.2.10.10.2) maverick-security; urgency=low
* SECURITY UPDATE: wrong mtab ownership and permissions (LP: #830850)
- src/utils/mount.ecryptfs_private.c: also set gid and umask before
updating mtab.
- CVE-2011-3145
-- Marc Deslauriers <email address hidden> Mon, 22 Aug 2011 15:41:50 -0400
-
ecryptfs-utils (83-0ubuntu3.2.10.10.1) maverick-security; urgency=low
* SECURITY UPDATE: privilege escalation via mountpoint race conditions
(LP: #732628)
- src/utils/mount.ecryptfs_private.c: chdir into mountpoint before
checking permissions. Patch thanks to Dan Rosenberg.
- CVE-2011-1831
- CVE-2011-1832
* SECURITY UPDATE: race condition when checking source during mount
(LP: #732628)
- src/utils/mount.ecryptfs_private.c: use new ecryptfs_check_dev_ruid
kernel option when mounting directory.
- CVE-2011-1833
* SECURITY UPDATE: mtab corruption via improper handling (LP: #732628)
- src/utils/mount.ecryptfs_private.c: modify mtab via a temp file first
and make sure it succeeds before replacing the real mtab. Patch
thanks to Dan Rosenberg.
- CVE-2011-1834
* SECURITY UPDATE: key poisoning via insecure temp directory handling
(LP: #732628)
- src/utils/ecryptfs-setup-private: make sure we don't copy into a
user controlled directory.
- CVE-2011-1835
* SECURITY UPDATE: arbitrary file overwrite via lock counter race
condition (LP: #732628)
- src/utils/mount.ecryptfs_private.c: verify permissions with a file
descriptor, and don't follow symlinks.
- CVE-2011-1837
-- Marc Deslauriers <email address hidden> Thu, 04 Aug 2011 10:41:53 -0400
-
ecryptfs-utils (83-0ubuntu3.1maverick) maverick-proposed; urgency=low
* Cherry pick upstream bzr commit r520
* src/utils/mount.ecryptfs_private.c:
- fix bug LP: #313812, clear used keys on unmount
- add ecryptfs_unlink_sigs to the mount opts, so that unmounts from
umount.ecryptfs behave similarly
- use ecryptfs_remove_auth_tok_from_keyring() on the sig and sig_fnek
-- Dustin Kirkland <email address hidden> Fri, 11 Feb 2011 17:21:59 -0600
-
ecryptfs-utils (83-0ubuntu3) lucid; urgency=low
* src/desktop/ecryptfs-record-passphrase: fix typo, LP: #524139
-- Dustin Kirkland <email address hidden> Thu, 18 Feb 2010 18:07:48 -0600