-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Wed, 04 Jan 2012 22:01:03 +0000 Source: ecryptfs-utils Binary: ecryptfs-utils ecryptfs-utils-dbg libecryptfs0 libecryptfs-dev Architecture: armel Version: 83-4+squeeze1 Distribution: squeeze-security Urgency: low Maintainer: armel Build Daemon (antheil) Changed-By: Jonathan Wiltshire Description: ecryptfs-utils - ecryptfs cryptographic filesystem (utilities) ecryptfs-utils-dbg - ecryptfs cryptographic filesystem (utilities; debug) libecryptfs-dev - ecryptfs cryptographic filesystem (development) libecryptfs0 - ecryptfs cryptographic filesystem (library) Changes: ecryptfs-utils (83-4+squeeze1) stable-security; urgency=low . * Non-maintainer upload by the security team. * Various security fixes: - debian/patches/CVE-2011-1831,1832,1834.patch: chdir into mountpoint before checking permissions in src/utils/mount.ecryptfs_private.c. (CVE-2011-1831, CVE-2011-1832) - debian/patches/CVE-2011-1831,1832,1834.patch: modify mtab via a temp file first and make sure it succeeds before replacing the real mtab in src/utils/mount.ecryptfs_private.c. (CVE-2011-1834) - debian/patches/CVE-2011-1835.patch: make sure we don't copy into a user controlled directory in src/utils/ecryptfs-setup-private. (CVE-2011-1835) - debian/patches/CVE-2011-1837.patch: verify permissions with a file descriptor, and don't follow symlinks in src/utils/mount.ecryptfs_private.c. (CVE-2011-1837) - debian/patches/CVE-2011-3145.patch: also set gid and umask before updating mtab in src/utils/mount.ecryptfs_private.c. (CVE-2011-3145) Checksums-Sha1: cbf4a1b76bda362b28c32a657aea71dde6722868 100746 ecryptfs-utils_83-4+squeeze1_armel.deb 1a52d05b8de5b87e39ab6fd600374b9a5668e8e4 160900 ecryptfs-utils-dbg_83-4+squeeze1_armel.deb 6dae9b865b08be8fc673199189e37fb76959a9f3 64294 libecryptfs0_83-4+squeeze1_armel.deb bddac007210403f65e917cea1a9912a948011579 56256 libecryptfs-dev_83-4+squeeze1_armel.deb Checksums-Sha256: ba32f047ef7f682401ad5af18be6e95cb32b2c7af22ca7d970f4c150dd60f182 100746 ecryptfs-utils_83-4+squeeze1_armel.deb 176f2adc03ece4fa3cc10cd1ef328a67c2de4f870d8a0055891ff6cd7b0179fd 160900 ecryptfs-utils-dbg_83-4+squeeze1_armel.deb 37e154638a615778b85c4fcd557996f6c58440b789c26018e2d2726029991888 64294 libecryptfs0_83-4+squeeze1_armel.deb 83bbd91690f19c86d4c36864e7b3740e784719160ca2658b1f263063784f677c 56256 libecryptfs-dev_83-4+squeeze1_armel.deb Files: 24bc08bb09b4e22694106ea13f1edc45 100746 misc optional ecryptfs-utils_83-4+squeeze1_armel.deb f4d4be5b051fed7ba4a9615063cda1f3 160900 debug extra ecryptfs-utils-dbg_83-4+squeeze1_armel.deb 93f155a0b6320e36ad652caf1870d7b6 64294 libs optional libecryptfs0_83-4+squeeze1_armel.deb 76e8cdf015bef26c2bb6935e4982496c 56256 libdevel optional libecryptfs-dev_83-4+squeeze1_armel.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBCAAGBQJPCEh7AAoJENw5e+lerrJ2pMsP/iqXM1T50xCVK2OhF0zz2z6c MR3aOchTEwMN7bF1y2KkA0EYzW7OGf9lgt0sCW61F0c0sUWQ4pSqvttcibBMixNR nWElU9XrylJnJco2gbttGIU90FZ/GRCY1fhKx0ga2a0A39Hx+y/at1XiWQyExZ0G g/hPgY4LD+KHOag3BmKyATfFKQ1a3MSX6mR37veK66yQzr4rye4df3qzdjN5A4Se n7py4Llbwci1ZRRgprevN1inB9KTxl+XvO6S5stKZ42UAWQz/xE2o1ZmT+SatXs2 Uy+qhG1IwxnoYZfqkrmmGJaYCxcNWWwm96EQlzJVMpBia1qFwGXQ2i5/nW8LAHFr zc3PF0o/rh74QMzFqWWOI0AhX6RUfKsSwGLnmkEJBuyG4Fj1mQTMCCZ7BYg+lEMv b4Myxd2VPdZrOLKjxuwCMbde8VDJDo7ZggUSegTh+pIwmFZEp5yG1AYl59PlYir4 +s9331yoM49BSpxqyE2/1UVP2xTAu1zcGsL85++ZsTtgSFuZe6K9vqn+n/B5T4Pr iYi3xJDd1bjeiBg6jEliJ9TDm65VMi9PPy+OwGuNXbFQPfGSvqquU48YVUOQSGSr ty/Jzfb2sDptJ7xhayKSVWNFxDtEcWKYkNF6sWv0PEPWt2u+690PsDd2UH4/s6Uq /WtWmbTu3FxRs9ATF/dl =+Nv2 -----END PGP SIGNATURE-----