Created by Ubuntu Package Importer and last modified
Get this branch:
bzr branch lp:ubuntu/lucid-security/ecryptfs-utils
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Ubuntu branches
Review team:
Ubuntu Development Team

Recent revisions

68. By Tyler Hicks

* SECURITY UPDATE: Mount passphrase wrapped with a default salt value
  - src/libecryptfs/key_management.c, src/include/ecryptfs.h: Generate a
    random salt when wrapping the mount passphrase.
  - src/pam_ecryptfs/pam_ecryptfs.c: If a user has a mount passphrase that was
    wrapped using the default salt, their mount passphrase will be rewrapped
    using a random salt when they log in with their password.
  - src/libecryptfs/key_management.c: Create a temporary file when creating
    a new wrapped-passphrase file and copy it to its final destination after
    the file has been fully synced to disk (LP: #1020902)
  - CVE-2014-9687

67. By Marc Deslauriers

* SECURITY UPDATE: wrong mtab ownership and permissions (LP: #830850)
  - src/utils/mount.ecryptfs_private.c: also set gid and umask before
    updating mtab.
  - CVE-2011-3145

66. By Marc Deslauriers

* SECURITY UPDATE: privilege escalation via mountpoint race conditions
  (LP: #732628)
  - src/utils/mount.ecryptfs_private.c: chdir into mountpoint before
    checking permissions. Patch thanks to Dan Rosenberg.
  - CVE-2011-1831
  - CVE-2011-1832
* SECURITY UPDATE: race condition when checking source during mount
  (LP: #732628)
  - src/utils/mount.ecryptfs_private.c: use new ecryptfs_check_dev_ruid
    kernel option when mounting directory.
  - CVE-2011-1833
* SECURITY UPDATE: mtab corruption via improper handling (LP: #732628)
  - src/utils/mount.ecryptfs_private.c: modify mtab via a temp file first
    and make sure it succeeds before replacing the real mtab. Patch
    thanks to Dan Rosenberg.
  - CVE-2011-1834
* SECURITY UPDATE: key poisoning via insecure temp directory handling
  (LP: #732628)
  - src/utils/ecryptfs-setup-private: make sure we don't copy into a
    user controlled directory.
  - CVE-2011-1835
* SECURITY UPDATE: arbitrary file overwrite via lock counter race
  condition (LP: #732628)
  - src/utils/mount.ecryptfs_private.c: verify permissions with a file
    descriptor, and don't follow symlinks.
  - CVE-2011-1837

65. By Dustin Kirkland 

src/desktop/ecryptfs-record-passphrase: fix typo, LP: #524139

64. By Dustin Kirkland 

debian/rules, debian/control: disable the gpg key module,
as it's not yet functional; does more harm than good to build it;
should not be in 10.04 LTS; clean up build-deps; also, not using
opencryptoki either; unbreak the build for 32-bit Lucid

63. By Dustin Kirkland 

[ David Planella ]
* Makefile.am, configure.ac, debian/control, debian/po/POTFILES.sh,
  debian/po/ecryptfs-utils.pot, debian/po/fr.po, debian/rules,
  po/POTFILES.in, src/desktop/Makefile.am,
  - internationalization work for LP: #358283
* po/LINGUAS, po/ca.po: Catalan translation

[ Yan Li <email address hidden> ]
* src/pam_ecryptfs/pam_ecryptfs.c, src/utils/Makefile.am,
  src/utils/ecryptfs-migrate-home: add a script and pam hooks to
  support automatic migration to encrypted home directory

[ Dustin Kirkland ]
* src/utils/ecryptfs-migrate-home: clean up for merge
  - use $() rather than ``
  - drop set -u
  - use = and !=, and quote vars, rather than testing with -ne, -eq,
    for better shell portability
  - improve usage statement and error text
  - check if already encrypted
  - handle migration of multiple users on boot
  - fix all whitespace, use tabs for indents
  - use quotes around variables, rather than ${} (stylistic preference)
  - major simplification for immediate release
    + remove boot and user modes; only support administrator mode for
      security reasons and to avoid race conditions
    + other modes can be re-added, if necessary, and if security
      concerns can be addressed
  - ensure running as root
  - drop VERBOSE option, always print useful info messages
  - call the user $USER_NAME rather than $USER_ID since id implies
    number, and here we're deailing with names
  - no decimals on awk calculation
  - mktemp on the target user, not root
  - check that there is enough disk space available to do the migration
  - ensure the user's homedir group is correct
  - add critical instructions, user *must* login after the migration and
    before the reboot, as their wrapped passphrase will be cleared on
    reboot (possible we should use an init script to move these to
    /var/tmp on reboot)
  - ensure permissions are set correctly
  - improve text at the end of the migration, organize into notes
* ecryptfs-utils.ecryptfs-utils-restore.upstart,
  ecryptfs-utils.ecryptfs-utils-save.upstart, rules:
  - try to protect migrating users who don't login before the next reboot
* debian/ecryptfs-utils.install: install the locale messages
* src/desktop/ecryptfs-record-passphrase: improve dialog text
* src/desktop/ecryptfs-record-passphrase: revert the _ bit, as it's not quite
  working yet, will need to talk to David to fix
* Mark LP: #471725 as fixed

62. By Dustin Kirkland 

debian/rules: fix FTBFS, CFLAGS needed for libgcrypt11-dev linking

61. By Dustin Kirkland 

Merging upstream release

60. By Dustin Kirkland 

* src/utils/ecryptfs-setup-private, debian/control: LP: #456565
  - fix typo, s/getext/gettext
  - depend on gettext-base

59. By Dustin Kirkland 

src/utils/ecryptfs-setup-private: fix bug where setup-private
incorrectly assumed that the home/private dir ownerships should
be owned by USER:USER; instead, default to USER:GROUP, where
GROUP is the USER's primary group by default, cherry-pick upstream
r463, LP: #445301

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
This branch contains Public information 
Everyone can see this information.