Security: Multiple issues in ecryptfs-utils
Name: Multiple issues in ecryptfs-utils
ID: FEDORA-2011-10671
Distribution: Fedora
Platforms: Fedora 16
Date: Wed, 7 September 2011, 08:37
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1834
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1832
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1837
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1831
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1835
Applications: eCryptfs

Original message
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-10671
2011-08-12 04:18:23
--------------------------------------------------------------------------------

Name        : ecryptfs-utils
Product     : Fedora 16
Version     : 90
Release     : 1.fc16
URL         : https://launchpad.net/ecryptfs
Summary     : The eCryptfs mount helper and support libraries
Description :
eCryptfs is a stacked cryptographic filesystem that ships in Linux kernel versions 2.6.19 and above. This package provides the mount helper and supporting libraries to perform key management and mount functions.
Install ecryptfs-utils if you would like to mount eCryptfs.
--------------------------------------------------------------------------------
Update Information:
- privilege escalation via mountpoint race conditions (CVE-2011-1831, CVE-2011-1832)
- race condition when checking source during mount (CVE-2011-1833)
- mtab corruption via improper handling (CVE-2011-1834)
- key poisoning via insecure temp directory handling (CVE-2011-1835)
- information disclosure via recovery mount in /tmp (CVE-2011-1836)
- arbitrary file overwrite via lock counter race (CVE-2011-1837)
- improve logging messages of ecryptfs pam module
- keep own copy of passphrase, pam clears it too early
- keyring from auth stack does not survive, use pam_data and delayed keyring initialization
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #729465 - CVE-2011-1831 CVE-2011-1832 CVE-2011-1834 CVE-2011-1835 CVE-2011-1837 ecryptfs: multiple flaws to mount/umount arbitrary locations and possibly disclose confidential information
https://bugzilla.redhat.com/show_bug.cgi?id=729465
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use su -c 'yum update ecryptfs-utils' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce