This bug was fixed in the package ecryptfs-utils - 53-1ubuntu11
---------------
ecryptfs-utils (53-1ubuntu11) intrepid; urgency=low
* debian/patches/55_check_password_and_remove_from_proc.dpatch:
Fix ecryptfs-add-passphrase and ecryptfs-wrap-passphrase to take
passphrases on standard, to protect from disclosure on the process
table; fix callers in ecryptfs-setup-private (LP: #287908).
Validate that the user password is correct with unix_chkpwd (LP: #287906).
* debian/patches/00list: updated accordingly
-- Dustin Kirkland <[EMAIL PROTECTED]> Thu, 23 Oct 2008 12:53:30
-0500
** Changed in: ecryptfs-utils (Ubuntu Intrepid)
Status: Fix Committed => Fix Released
--
ecryptfs-setup-private potentially exposes passwords in the process table
https://bugs.launchpad.net/bugs/287908
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
