-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Wed, 04 Jan 2012 22:01:03 +0000 Source: ecryptfs-utils Binary: ecryptfs-utils ecryptfs-utils-dbg libecryptfs0 libecryptfs-dev Architecture: s390 Version: 83-4+squeeze1 Distribution: squeeze-security Urgency: low Maintainer: s390/s390x Build Daemon (zandonai) Changed-By: Jonathan Wiltshire Description: ecryptfs-utils - ecryptfs cryptographic filesystem (utilities) ecryptfs-utils-dbg - ecryptfs cryptographic filesystem (utilities; debug) libecryptfs-dev - ecryptfs cryptographic filesystem (development) libecryptfs0 - ecryptfs cryptographic filesystem (library) Changes: ecryptfs-utils (83-4+squeeze1) stable-security; urgency=low . * Non-maintainer upload by the security team. * Various security fixes: - debian/patches/CVE-2011-1831,1832,1834.patch: chdir into mountpoint before checking permissions in src/utils/mount.ecryptfs_private.c. (CVE-2011-1831, CVE-2011-1832) - debian/patches/CVE-2011-1831,1832,1834.patch: modify mtab via a temp file first and make sure it succeeds before replacing the real mtab in src/utils/mount.ecryptfs_private.c. (CVE-2011-1834) - debian/patches/CVE-2011-1835.patch: make sure we don't copy into a user controlled directory in src/utils/ecryptfs-setup-private. (CVE-2011-1835) - debian/patches/CVE-2011-1837.patch: verify permissions with a file descriptor, and don't follow symlinks in src/utils/mount.ecryptfs_private.c. (CVE-2011-1837) - debian/patches/CVE-2011-3145.patch: also set gid and umask before updating mtab in src/utils/mount.ecryptfs_private.c. (CVE-2011-3145) Checksums-Sha1: 384cfcb387e972aea568c22ecba4a8e6f3f1eb35 106380 ecryptfs-utils_83-4+squeeze1_s390.deb fe158b1bbfbef59565009e6ee7aa8a52b2065ede 157710 ecryptfs-utils-dbg_83-4+squeeze1_s390.deb 729bbc17d54bfed5ea852797fdd89e08218cb4d6 70922 libecryptfs0_83-4+squeeze1_s390.deb d245bed070340a0102b384d710e0d2b07e9708c8 60440 libecryptfs-dev_83-4+squeeze1_s390.deb Checksums-Sha256: 4cd5255cc57240a528b7ca0c0f5cb9caaacc2ad63e989128463c37903c931202 106380 ecryptfs-utils_83-4+squeeze1_s390.deb e41d2a20cb3b9c5ff69998bd83ad76e225388bf628ea7f51c557233ae96cb9e2 157710 ecryptfs-utils-dbg_83-4+squeeze1_s390.deb c042e932f7acab7d936cd45705a573602fa08e1bed50a8bf920a92e7259b82d3 70922 libecryptfs0_83-4+squeeze1_s390.deb 92a2d71995e8828b6b765bcbd7503aeee066129f0dfb195254c20f185bca8a25 60440 libecryptfs-dev_83-4+squeeze1_s390.deb Files: 791ddd4a8722ad26f5ff1fe31405b0fa 106380 misc optional ecryptfs-utils_83-4+squeeze1_s390.deb 4e94247ff5624a6396c4e501d7d8c0f9 157710 debug extra ecryptfs-utils-dbg_83-4+squeeze1_s390.deb 90b110909931a4dc98c6cabaffb31915 70922 libs optional libecryptfs0_83-4+squeeze1_s390.deb afe0e9c3bed40bb8e3349359e881bc6a 60440 libdevel optional libecryptfs-dev_83-4+squeeze1_s390.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBCAAGBQJPCEO6AAoJELWkVFx3JxH32hIP/03i2kRx1qiGDd6GPaA2ye74 sh/2XgMl6eq5ZoiLsuOgjnDNj7o9zr7epxHklyw5uBzZ9Ug4PqfRW9bLjsZAUt3I cYQbzpt11m67JULnLOllCjZ+t1JlttcCzg/2Y8BOgrryw32z5GUFxX3+YtlNS5rv 14SbIeIhDfPuQ/aQMnCEndzbFEaaRpq1cejmm9S59/E6W4NxLpiy7uT3WNyR3fv1 rmbJhhWQw2V9Oy2BhPP1H78CT8taPEqsacsW20gB5ncpcd/QGi6izT7Xu3PAuCTB EkPctVftoQvEd9H08Z2XwGvRlsiudaazipD2NhEHtpQKemgg5u4yPuy40ffpCUaa wpEJ6FuS+H+XbiVqLNOGuW4rRE/roQNsuKY4WOVVTUpP0HOl0jzcCV6ctAp4A4aP vvYVUwS4M0K316OejjTTBebiJRos5Elv1Te+9qSfI4XYWvNrpLYJ2mcJZsYeNhf0 jfu3ACgvY4H+kpU+yOIFXIXy7a3U8gAL7Om9FZmLU6YNsRM8hhaV6/D1KWPNO5cv LZ3Yptc9FKjfBxNL/SZZF3QNDAs58WhPHMzwb0slskOwJOTeXOHCaKddPxA4EclN cVv4VS4RXdOBKgH8UJ/DOTDMaL4tk+YuFnMhhN6SfDCACepTZHOwTfXhdDIAvShv oWmJ8fsPvYWfj726b280 =5ur/ -----END PGP SIGNATURE-----