lp:~flameeyes/ecryptfs/devel
- Get this branch:
- bzr branch lp:~flameeyes/ecryptfs/devel
Branch merges
- eCryptfs: Pending requested
-
Diff: 26 lines (+6/-10)1 file modifiedconfigure.ac (+6/-10)
Related bugs
Bug #837762: Reliance on nss-config hinders cross-compilation | Medium | Fix Released |
Related blueprints
Branch information
Recent revisions
- 557. By Diego Elio Pettenò
-
build: use pkg-config to identify presence of NSS.
The nss-config script is not cross-compile aware, but pkg-config is (or can
be made so). Instead of calling directly the former, use the latter.This also allows for the flags and libs variables to be overridden by the
user at ./configure time, like any other important variable, and decouples
from nspr dependency, as nss pkg-config file already imports that. - 554. By Dustin Kirkland
-
* SECURITY UPDATE: privilege escalation via mountpoint race conditions
(LP: #732628)
- debian/patches/ CVE-2011- 1831,1832, 1834.patch: chdir into mountpoint
before checking permissions in src/utils/mount.ecryptfs_ private. c.
- CVE-2011-1831
- CVE-2011-1832
* SECURITY UPDATE: race condition when checking source during mount
(LP: #732628)
- debian/patches/ CVE-2011- 1833.patch: use new ecryptfs_ check_dev_ ruid
kernel option when mounting directory in
src/utils/mount. ecryptfs_ private. c.
- CVE-2011-1833
* SECURITY UPDATE: mtab corruption via improper handling (LP: #732628)
- debian/patches/ CVE-2011- 1831,1832, 1834.patch: modify mtab via a temp
file first and make sure it succeeds before replacing the real mtab
in src/utils/mount.ecryptfs_ private. c.
- CVE-2011-1834
* SECURITY UPDATE: key poisoning via insecure temp directory handling
(LP: #732628)
- debian/patches/ CVE-2011- 1835.patch: make sure we don't copy into a
user controlled directory in src/utils/ecryptfs- setup-private.
- CVE-2011-1835
* SECURITY UPDATE: information disclosure via recovery mount in /tmp
(LP: #732628)
- debian/patches/ CVE-2011- 1836.patch: mount inside protected
subdirectory in src/utils/ecryptfs- recover- private.
- CVE-2011-1836
* SECURITY UPDATE: arbitrary file overwrite via lock counter race
condition (LP: #732628)
- debian/patches/ CVE-2011- 1837.patch: verify permissions with a file
descriptor, and don't follow symlinks in
src/utils/mount. ecryptfs_ private. c.
- CVE-2011-1837
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar pack repository format 1 with rich root (needs bzr 1.0)