I am noticing on my other Desktop Ubuntu 11.04 drive, which I booted to
submit this report, the Update Manager has Important security updates:
ecryptfs cryptographic filesystem (utilities) ecryptfs-utils (Size: 102 KB)
ecryptfs cryptographic filesystem (library) libecryptfs0 (Size: 65 KB)
--------------------------------------------
It looks like this could possibly be the cause since it was recently updated.
--------------------------------------------
Changes Listed on update:
Changes for the versions:
87-0ubuntu1
87-0ubuntu1.1
Version 87-0ubuntu1.1:
  * SECURITY UPDATE: privilege escalation via mountpoint race conditions
    (LP: #732628)
    - debian/patches/CVE-2011-1831,1832,1834.patch: chdir into mountpoint
      before checking permissions in src/utils/mount.ecryptfs_private.c.
    - CVE-2011-1831
    - CVE-2011-1832
  * SECURITY UPDATE: race condition when checking source during mount
    (LP: #732628)
    - debian/patches/CVE-2011-1833.patch: use new ecryptfs_check_dev_ruid
      kernel option when mounting directory in
      src/utils/mount.ecryptfs_private.c.
    - CVE-2011-1833
  * SECURITY UPDATE: mtab corruption via improper handling (LP: #732628)
    - debian/patches/CVE-2011-1831,1832,1834.patch: modify mtab via a temp
      file first and make sure it succeeds before replacing the real mtab
      in src/utils/mount.ecryptfs_private.c.
    - CVE-2011-1834
  * SECURITY UPDATE: key poisoning via insecure temp directory handling
    (LP: #732628)
    - debian/patches/CVE-2011-1835.patch: make sure we don't copy into a
      user controlled directory in src/utils/ecryptfs-setup-private.
    - CVE-2011-1835
  * SECURITY UPDATE: information disclosure via recovery mount in /tmp
    (LP: #732628)
    - debian/patches/CVE-2011-1836.patch: mount inside protected
      subdirectory in src/utils/ecryptfs-recover-private.
    - CVE-2011-1836
  * SECURITY UPDATE: arbitrary file overwrite via lock counter race
    condition (LP: #732628)
    - debian/patches/CVE-2011-1837.patch: verify permissions with a file
      descriptor, and don't follow symlinks in
      src/utils/mount.ecryptfs_private.c.
    - CVE-2011-1837
----------------------------------------
Description:
eCryptfs is a POSIX-compliant enterprise-class stacked cryptographic filesystem
for Linux.
It provides advanced key management and policy features. eCryptfs stores
cryptographic metadata in the header of each file written, so that encrypted
files can be copied between hosts; the file will be decryptable with the proper
key, and there is no need to keep track of any additional information aside
from what is already in the encrypted file itself. Think of eCryptfs as a sort
of "gnupgfs".
eCryptfs is a native Linux filesystem. The kernel module component of eCryptfs
is part of the Linux kernel since 2.6.19.
This package contains the userland utilities.
------------------------------------
Description:
eCryptfs is a POSIX-compliant enterprise-class stacked cryptographic filesystem
for Linux.
This package contains the library.
-------------------------------------
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2011-1831
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2011-1832
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2011-1833
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2011-1834
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2011-1835
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2011-1836
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2011-1837
--
https://bugs.launchpad.net/bugs/824961
Title:
Ubuntu 11.04 Server with encrypted LVM on dm RAID0 -- Incorrect
metadata area header checksum - No volume groups found - ALERT!
/dev/mapper/MachineName-root does not exist
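Added example, not part of the original message and not the ecryptfs-utils patch: a generic C illustration of the pattern the CVE-2011-1837 changelog entry names, "verify permissions with a file descriptor, and don't follow symlinks". The function names `open_checked` and `demo` and the `/tmp/fdcheck-XXXXXX` path are assumptions made for this sketch.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Open first, then check the object actually held. A stat()-then-open()
 * sequence checks a path that can be swapped in between; fstat() cannot. */
int open_checked(const char *path, uid_t owner)
{
    struct stat st;
    int fd = open(path, O_RDWR | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0)
        return -1;              /* ELOOP when the last component is a symlink */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != owner || (st.st_mode & (S_IWGRP | S_IWOTH))) {
        close(fd);
        errno = EPERM;
        return -1;
    }
    return fd;
}

/* Constructed demo: returns 0 when all three cases behave as expected. */
int demo(void)
{
    char dir[] = "/tmp/fdcheck-XXXXXX", file[64], lnk[64];
    int fd, bad = 0;

    if (!mkdtemp(dir)) return -1;
    snprintf(file, sizeof file, "%s/counter", dir);
    snprintf(lnk, sizeof lnk, "%s/link", dir);
    fd = open(file, O_CREAT | O_EXCL | O_WRONLY, 0600);
    if (fd < 0 || symlink(file, lnk) != 0) return -1;
    close(fd);

    fd = open_checked(file, getuid());        /* regular file, our uid: ok */
    if (fd < 0) bad |= 1; else close(fd);
    fd = open_checked(lnk, getuid());         /* symlink: refused with ELOOP */
    if (fd >= 0 || errno != ELOOP) bad |= 2;
    if (fd >= 0) close(fd);
    fd = open_checked(file, getuid() + 1);    /* wrong owner: refused */
    if (fd >= 0) { bad |= 4; close(fd); }
    unlink(lnk); unlink(file); rmdir(dir);
    return bad;
}

int main(void) { return demo(); }
```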