Branches for Lenny

Name Status Last Modified Last Commit
lp:debian/lenny/ecryptfs-utils 2 Mature 2012-01-06 20:36:51 UTC 2012-01-06
12. * Non-maintainer upload by the securi...

Author: Jonathan Wiltshire
Revision Date: 2012-01-06 20:36:51 UTC

* Non-maintainer upload by the security team.
* Various security fixes in src/utils/mount.ecryptfs_private.c:
  - chdir into mountpoint before checking permissions in (CVE-2011-1831,
  - modify mtab via a temp file first and make sure it succeeds before
    replacing the real mtab (CVE-2011-1834)
  - make sure we don't copy into a user controlled directory (CVE-2011-1835)
  - also set gid and umask before updating mtab (CVE-2011-3145)

11 of 1 result