Debian Bug report logs -
#780385
ecryptfs-utils: CVE-2014-9687
Reported by: Moritz Muehlenhoff <jmm@inutil.org>
Date: Fri, 13 Mar 2015 08:03:01 UTC
Severity: grave
Tags: security
Fixed in version ecryptfs-utils/103-4
Done: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Filesystems Group <filesystems-devel@lists.alioth.debian.org>
:
Bug#780385
; Package ecryptfs-utils
.
(Fri, 13 Mar 2015 08:03:06 GMT) (full text, mbox, link).
Acknowledgement sent
to Moritz Muehlenhoff <jmm@inutil.org>
:
New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Filesystems Group <filesystems-devel@lists.alioth.debian.org>
.
(Fri, 13 Mar 2015 08:03:06 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: ecryptfs-utils
Severity: grave
Tags: security
Justification: user security hole
This has been assigned CVE-2014-9687:
http://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/revision/839
Cheers,
Moritz
Reply sent
to Laszlo Boszormenyi (GCS) <gcs@debian.org>
:
You have taken responsibility.
(Fri, 20 Mar 2015 21:51:10 GMT) (full text, mbox, link).
Notification sent
to Moritz Muehlenhoff <jmm@inutil.org>
:
Bug acknowledged by developer.
(Fri, 20 Mar 2015 21:51:10 GMT) (full text, mbox, link).
Message #10 received at 780385-close@bugs.debian.org (full text, mbox, reply):
Source: ecryptfs-utils
Source-Version: 103-4
We believe that the bug you reported is fixed in the latest version of
ecryptfs-utils, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 780385@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Laszlo Boszormenyi (GCS) <gcs@debian.org> (supplier of updated ecryptfs-utils package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 20 Mar 2015 21:08:39 +0000
Source: ecryptfs-utils
Binary: ecryptfs-utils ecryptfs-utils-dbg libecryptfs0 libecryptfs-dev python-ecryptfs
Architecture: source amd64
Version: 103-4
Distribution: unstable
Urgency: high
Maintainer: Filesystems Group <filesystems-devel@lists.alioth.debian.org>
Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Description:
ecryptfs-utils - ecryptfs cryptographic filesystem (utilities)
ecryptfs-utils-dbg - ecryptfs cryptographic filesystem (utilities; debug)
libecryptfs-dev - ecryptfs cryptographic filesystem (development)
libecryptfs0 - ecryptfs cryptographic filesystem (library)
python-ecryptfs - ecryptfs cryptographic filesystem (python)
Closes: 780385
Changes:
ecryptfs-utils (103-4) unstable; urgency=high
.
* Backport upstream fix for CVE-2014-9687 (closes: #780385).
Checksums-Sha1:
a335550904540445cfc937ebfc148ab8d36d465b 2327 ecryptfs-utils_103-4.dsc
53797af177ac0c564796e12712724dc43238f2a0 14692 ecryptfs-utils_103-4.debian.tar.xz
7b150ae0eb71863ee2b74438867c8c93a53c359e 98408 ecryptfs-utils_103-4_amd64.deb
fdf081ca9ca70e5bcf43a21d0a87888b5b4fa9af 260562 ecryptfs-utils-dbg_103-4_amd64.deb
780c228ae4a7f8e5c590ecd877c73bcedadf451d 40728 libecryptfs0_103-4_amd64.deb
761a53d18d4adc79ec730705fcf8690c7e1e07b1 48292 libecryptfs-dev_103-4_amd64.deb
8d6adc839b327cb7a46d618a70747fdbe6c1eda1 18798 python-ecryptfs_103-4_amd64.deb
Checksums-Sha256:
681c8715ccdcfe49561a83b4eee37043fc27f0c4a186c15e2b4d677a1c1163f8 2327 ecryptfs-utils_103-4.dsc
5fcded1f60391f0fa5ccc675097ab9a26e528949ead3820cf45085a5dda28121 14692 ecryptfs-utils_103-4.debian.tar.xz
e863d2bc77e2922b0601927a9c4850ec597735159d41dff1b879100ec0312fcb 98408 ecryptfs-utils_103-4_amd64.deb
37be415b4d1247d4020f4e7dd53b5a77d0ebd29e0fbcc7871b56ad5b36538c7c 260562 ecryptfs-utils-dbg_103-4_amd64.deb
ef59a9ba4ae463468d3bb895c96877c65e14bc114dacf35827f26a7bf9a6c9ce 40728 libecryptfs0_103-4_amd64.deb
8dcece9ba237af35b943cb448cf31c8ba8fd46f4a444b5830d647cdb48801d9c 48292 libecryptfs-dev_103-4_amd64.deb
c51eeb32ae78106bad8a570954b59c1adb393439ed1bbd07cc14900f6b64a00b 18798 python-ecryptfs_103-4_amd64.deb
Files:
f5e93a296e8e5d78dee8456d3c5b8252 2327 misc optional ecryptfs-utils_103-4.dsc
cf79e6f630ace7b58047409b67afebb8 14692 misc optional ecryptfs-utils_103-4.debian.tar.xz
4d2041f03f6a022613b4d85797dbd039 98408 misc optional ecryptfs-utils_103-4_amd64.deb
a7a09a573d0c9d4bddddabe9fa33660e 260562 debug extra ecryptfs-utils-dbg_103-4_amd64.deb
aaad95c53ff08e91874dceed6c660de3 40728 libs optional libecryptfs0_103-4_amd64.deb
51b8d82199a41ac3c5dd481fa84e81e1 48292 libdevel optional libecryptfs-dev_103-4_amd64.deb
d91d71c1961080bdf7caa331fd3e38b4 18798 python optional python-ecryptfs_103-4_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJVDJI0AAoJENzjEOeGTMi/7d8P/RQmOf4O06887S08/Toan3e3
lpYamhBBcyqpwg9a6h4LhJABH5ipJDBIZkDvoRS7+Tq+I1maCvOXSwDNu3W/t/sJ
ejtwW16fzF9rnLxzhuP4TgihqaR29H0wmLK+z6u4hTEyk7sndQt5tavENzM47xnu
c2Zsai64HInW21GeTF9gNvRVeRL0tLNi/YCHzt74HLuIQA+rv0+Gubf+L0GVnZRc
eGGkgYFU5jJyPK7OIZKwGPWnztH1LqnOOjXDQCYCZzYkLFXFNJDEatTDycvuaH5S
tNt/ZiX26KdZzZ8Ef3hy3KcoZpaCp5V+lsMxfjOAd+jQkYMeY3OflCGQ+R5zD4EW
wITKPEKGoZRQSmPNouJcosIor/RPslI78BnsN7tYe/u947u/PGs7htb4V6njUzQb
jr5VxCj6qB07OCnNwNHxtrhbNV/oxkHmU3okMGsf9GETuPaJTZuoex/RMDWfLada
2bNZJMSwI0fIZMyW6ab/4i4mxpOMSoTOwWlvCJb8dKvAceNVCwrjy0fCrBkYo/Ly
MrFYH9nSPocA7UtUpbyjzXPtZIKm14e4X3tXA0an9ra1UR29x5WjfFrg0G7WwL0B
UOpZvC78cKE6qc2KV+/9kNPF+oGgpiY45x9oFV9kVG4X44vUEHWmMsdG2vAzUxe1
tILGdP+pKcwigDHPFV4w
=69zF
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org
.
(Sun, 24 May 2015 08:06:12 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 16:58:40 2019;
Machine Name:
beach
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.