Author: Laszlo Boszormenyi
Revision Date: 2015-06-15 15:50:05 UTC

* New upstream release.
* Transition from libecryptfs0 to libecryptfs1 .
* Remove unused libgcrypt11-dev build dependency (closes: #764927).
* Remove bashism from the postinst of ecryptfs-utils .
* Add watch file.
* Put myself as the primary maintainer.
* Update Standards-Version to 3.9.6 .

[ Dustin Kirkland and Martin Pitt ]
* debian/ecryptfs-utils.postinst: LP: #953875
  - detect and clean up after nonexisting cryptswap devices

[ Fernando Seiti Furusato <ferseiti@br.ibm.com> ]
* Use autoreconf instead of autotools-dev (closes: #751989).

Author: Laszlo Boszormenyi
Revision Date: 2015-06-15 15:50:05 UTC

* New upstream release.
* Transition from libecryptfs0 to libecryptfs1 .
* Remove unused libgcrypt11-dev build dependency (closes: #764927).
* Remove bashism from the postinst of ecryptfs-utils .
* Add watch file.
* Put myself as the primary maintainer.
* Update Standards-Version to 3.9.6 .

[ Dustin Kirkland and Martin Pitt ]
* debian/ecryptfs-utils.postinst: LP: #953875
  - detect and clean up after nonexisting cryptswap devices

[ Fernando Seiti Furusato <ferseiti@br.ibm.com> ]
* Use autoreconf instead of autotools-dev (closes: #751989).

Author: Laszlo Boszormenyi
Revision Date: 2015-03-28 06:16:10 UTC

Backport fix for upstream mistake in CVE-2014-9687.

Author: Daniel Baumann
Revision Date: 2012-07-20 15:31:43 UTC

* Merging upstream version 99:
  - force the MS_NOSUID mount flag in mount.ecryptfs_private to protect
    against user controlled lower filesystems, such as an auto mounted
    USB drive, that may contain a setuid-root binary, CVE-2012-3409
    (Closes: #682220)

Author: Jonathan Wiltshire
Revision Date: 2012-01-06 20:36:51 UTC

* Non-maintainer upload by the security team.
* Various security fixes in src/utils/mount.ecryptfs_private.c:
  - chdir into mountpoint before checking permissions in (CVE-2011-1831,
    CVE-2011-1832)
  - modify mtab via a temp file first and make sure it succeeds before
    replacing the real mtab (CVE-2011-1834)
  - make sure we don't copy into a user controlled directory (CVE-2011-1835)
  - also set gid and umask before updating mtab (CVE-2011-3145)

Author: Jonathan Wiltshire
Revision Date: 2012-01-04 22:01:03 UTC

* Non-maintainer upload by the security team.
* Various security fixes:
  - debian/patches/CVE-2011-1831,1832,1834.patch: chdir into mountpoint
    before checking permissions in src/utils/mount.ecryptfs_private.c.
    (CVE-2011-1831, CVE-2011-1832)
  - debian/patches/CVE-2011-1831,1832,1834.patch: modify mtab via a temp
    file first and make sure it succeeds before replacing the real mtab
    in src/utils/mount.ecryptfs_private.c. (CVE-2011-1834)
  - debian/patches/CVE-2011-1835.patch: make sure we don't copy into a
    user controlled directory in src/utils/ecryptfs-setup-private.
    (CVE-2011-1835)
  - debian/patches/CVE-2011-1837.patch: verify permissions with a file
    descriptor, and don't follow symlinks in
    src/utils/mount.ecryptfs_private.c. (CVE-2011-1837)
  - debian/patches/CVE-2011-3145.patch: also set gid and umask before
    updating mtab in src/utils/mount.ecryptfs_private.c. (CVE-2011-3145)

Author: Daniel Baumann
Revision Date: 2011-01-06 13:45:10 UTC

* Splitting out python module (Closes: #608597).
* Adding patch to update pam conffile location in documentation for
  debian (Closes: #525159).
* Updating year in copyright file.