Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

ecryptfs-utils: CVE-2014-9687

Related Vulnerabilities: CVE-2014-9687  

Source

Debian Bug report logs - #780385
ecryptfs-utils: CVE-2014-9687

version graph

Package: ecryptfs-utils; Maintainer for ecryptfs-utils is Laszlo Boszormenyi (GCS) <gcs@debian.org>; Source for ecryptfs-utils is src:ecryptfs-utils (PTS, buildd, popcon).

Reported by: Moritz Muehlenhoff <jmm@inutil.org>

Date: Fri, 13 Mar 2015 08:03:01 UTC

Severity: grave

Tags: security

Fixed in version ecryptfs-utils/103-4

Done: Laszlo Boszormenyi (GCS) <gcs@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Filesystems Group <filesystems-devel@lists.alioth.debian.org>:
Bug#780385; Package ecryptfs-utils. (Fri, 13 Mar 2015 08:03:06 GMT) (full text, mbox, link).

Acknowledgement sent to Moritz Muehlenhoff <jmm@inutil.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Filesystems Group <filesystems-devel@lists.alioth.debian.org>. (Fri, 13 Mar 2015 08:03:06 GMT) (full text, mbox, link).

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Moritz Muehlenhoff <jmm@inutil.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: ecryptfs-utils: CVE-2014-9687
Date: Fri, 13 Mar 2015 08:56:21 +0100
Package: ecryptfs-utils
Severity: grave
Tags: security
Justification: user security hole

This has been assigned CVE-2014-9687:
http://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/839

Cheers,
        Moritz

Reply sent to Laszlo Boszormenyi (GCS) <gcs@debian.org>:
You have taken responsibility. (Fri, 20 Mar 2015 21:51:10 GMT) (full text, mbox, link).

Notification sent to Moritz Muehlenhoff <jmm@inutil.org>:
Bug acknowledged by developer. (Fri, 20 Mar 2015 21:51:10 GMT) (full text, mbox, link).

Message #10 received at 780385-close@bugs.debian.org (full text, mbox, reply):

From: Laszlo Boszormenyi (GCS) <gcs@debian.org>
To: 780385-close@bugs.debian.org
Subject: Bug#780385: fixed in ecryptfs-utils 103-4
Date: Fri, 20 Mar 2015 21:48:48 +0000
Source: ecryptfs-utils
Source-Version: 103-4

We believe that the bug you reported is fixed in the latest version of
ecryptfs-utils, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 780385@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Laszlo Boszormenyi (GCS) <gcs@debian.org> (supplier of updated ecryptfs-utils package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 20 Mar 2015 21:08:39 +0000
Source: ecryptfs-utils
Binary: ecryptfs-utils ecryptfs-utils-dbg libecryptfs0 libecryptfs-dev python-ecryptfs
Architecture: source amd64
Version: 103-4
Distribution: unstable
Urgency: high
Maintainer: Filesystems Group <filesystems-devel@lists.alioth.debian.org>
Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Description:
 ecryptfs-utils - ecryptfs cryptographic filesystem (utilities)
 ecryptfs-utils-dbg - ecryptfs cryptographic filesystem (utilities; debug)
 libecryptfs-dev - ecryptfs cryptographic filesystem (development)
 libecryptfs0 - ecryptfs cryptographic filesystem (library)
 python-ecryptfs - ecryptfs cryptographic filesystem (python)
Closes: 780385
Changes:
 ecryptfs-utils (103-4) unstable; urgency=high
 .
   * Backport upstream fix for CVE-2014-9687 (closes: #780385).
Checksums-Sha1:
 a335550904540445cfc937ebfc148ab8d36d465b 2327 ecryptfs-utils_103-4.dsc
 53797af177ac0c564796e12712724dc43238f2a0 14692 ecryptfs-utils_103-4.debian.tar.xz
 7b150ae0eb71863ee2b74438867c8c93a53c359e 98408 ecryptfs-utils_103-4_amd64.deb
 fdf081ca9ca70e5bcf43a21d0a87888b5b4fa9af 260562 ecryptfs-utils-dbg_103-4_amd64.deb
 780c228ae4a7f8e5c590ecd877c73bcedadf451d 40728 libecryptfs0_103-4_amd64.deb
 761a53d18d4adc79ec730705fcf8690c7e1e07b1 48292 libecryptfs-dev_103-4_amd64.deb
 8d6adc839b327cb7a46d618a70747fdbe6c1eda1 18798 python-ecryptfs_103-4_amd64.deb
Checksums-Sha256:
 681c8715ccdcfe49561a83b4eee37043fc27f0c4a186c15e2b4d677a1c1163f8 2327 ecryptfs-utils_103-4.dsc
 5fcded1f60391f0fa5ccc675097ab9a26e528949ead3820cf45085a5dda28121 14692 ecryptfs-utils_103-4.debian.tar.xz
 e863d2bc77e2922b0601927a9c4850ec597735159d41dff1b879100ec0312fcb 98408 ecryptfs-utils_103-4_amd64.deb
 37be415b4d1247d4020f4e7dd53b5a77d0ebd29e0fbcc7871b56ad5b36538c7c 260562 ecryptfs-utils-dbg_103-4_amd64.deb
 ef59a9ba4ae463468d3bb895c96877c65e14bc114dacf35827f26a7bf9a6c9ce 40728 libecryptfs0_103-4_amd64.deb
 8dcece9ba237af35b943cb448cf31c8ba8fd46f4a444b5830d647cdb48801d9c 48292 libecryptfs-dev_103-4_amd64.deb
 c51eeb32ae78106bad8a570954b59c1adb393439ed1bbd07cc14900f6b64a00b 18798 python-ecryptfs_103-4_amd64.deb
Files:
 f5e93a296e8e5d78dee8456d3c5b8252 2327 misc optional ecryptfs-utils_103-4.dsc
 cf79e6f630ace7b58047409b67afebb8 14692 misc optional ecryptfs-utils_103-4.debian.tar.xz
 4d2041f03f6a022613b4d85797dbd039 98408 misc optional ecryptfs-utils_103-4_amd64.deb
 a7a09a573d0c9d4bddddabe9fa33660e 260562 debug extra ecryptfs-utils-dbg_103-4_amd64.deb
 aaad95c53ff08e91874dceed6c660de3 40728 libs optional libecryptfs0_103-4_amd64.deb
 51b8d82199a41ac3c5dd481fa84e81e1 48292 libdevel optional libecryptfs-dev_103-4_amd64.deb
 d91d71c1961080bdf7caa331fd3e38b4 18798 python optional python-ecryptfs_103-4_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJVDJI0AAoJENzjEOeGTMi/7d8P/RQmOf4O06887S08/Toan3e3
lpYamhBBcyqpwg9a6h4LhJABH5ipJDBIZkDvoRS7+Tq+I1maCvOXSwDNu3W/t/sJ
ejtwW16fzF9rnLxzhuP4TgihqaR29H0wmLK+z6u4hTEyk7sndQt5tavENzM47xnu
c2Zsai64HInW21GeTF9gNvRVeRL0tLNi/YCHzt74HLuIQA+rv0+Gubf+L0GVnZRc
eGGkgYFU5jJyPK7OIZKwGPWnztH1LqnOOjXDQCYCZzYkLFXFNJDEatTDycvuaH5S
tNt/ZiX26KdZzZ8Ef3hy3KcoZpaCp5V+lsMxfjOAd+jQkYMeY3OflCGQ+R5zD4EW
wITKPEKGoZRQSmPNouJcosIor/RPslI78BnsN7tYe/u947u/PGs7htb4V6njUzQb
jr5VxCj6qB07OCnNwNHxtrhbNV/oxkHmU3okMGsf9GETuPaJTZuoex/RMDWfLada
2bNZJMSwI0fIZMyW6ab/4i4mxpOMSoTOwWlvCJb8dKvAceNVCwrjy0fCrBkYo/Ly
MrFYH9nSPocA7UtUpbyjzXPtZIKm14e4X3tXA0an9ra1UR29x5WjfFrg0G7WwL0B
UOpZvC78cKE6qc2KV+/9kNPF+oGgpiY45x9oFV9kVG4X44vUEHWmMsdG2vAzUxe1
tILGdP+pKcwigDHPFV4w
=69zF
-----END PGP SIGNATURE-----

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 24 May 2015 08:06:12 GMT) (full text, mbox, link).

Send a report that this bug log contains spam.

Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 16:58:40 2019; Machine Name: beach

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started