[ubuntu/vivid-proposed] mountall 2.54ubuntu1 (Accepted)

Tue, 18 Nov 2014 04:41:40 -0800 

mountall (2.54ubuntu1) vivid; urgency=medium

  * SECURITY UPDATE: insecure mount permissions (LP: #1390183)
    - The mount utility now honours process umask when mounting certain
      filesystems, resulting in them being potentially mounted with
      inappropriate permissions.
    - src/mountall.c: don't specifically set umask when running as a
      daemon, inherit the umask Upstart sets instead.
    - CVE-2014-1421

Date: Thu, 13 Nov 2014 13:11:38 -0500
Changed-By: Marc Deslauriers <[email protected]>
Maintainer: Ubuntu Developers <[email protected]>
https://launchpad.net/ubuntu/+source/mountall/2.54ubuntu1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 13 Nov 2014 13:11:38 -0500
Source: mountall
Binary: mountall
Architecture: source
Version: 2.54ubuntu1
Distribution: vivid
Urgency: medium
Maintainer: Ubuntu Developers <[email protected]>
Changed-By: Marc Deslauriers <[email protected]>
Description:
 mountall   - filesystem mounting tool
Launchpad-Bugs-Fixed: 1390183
Changes:
 mountall (2.54ubuntu1) vivid; urgency=medium
 .
   * SECURITY UPDATE: insecure mount permissions (LP: #1390183)
     - The mount utility now honours process umask when mounting certain
       filesystems, resulting in them being potentially mounted with
       inappropriate permissions.
     - src/mountall.c: don't specifically set umask when running as a
       daemon, inherit the umask Upstart sets instead.
     - CVE-2014-1421
Checksums-Sha1:
 634a0542c9af72aad5b95f954cd01d384cb50c0b 1832 mountall_2.54ubuntu1.dsc
 3800d82a1bc9e0947740dd2a219572249fd5b941 645449 mountall_2.54ubuntu1.tar.gz
Checksums-Sha256:
 ba47eb3be7abf1024e7d2ec3e07d4adab24cd2686c3293a81d04862000f23d1b 1832 
mountall_2.54ubuntu1.dsc
 2fd31abbe691921212926c035b6dfd6ab85a87f8488e55118b2209ebe190ee5a 645449 
mountall_2.54ubuntu1.tar.gz
Files:
 8ea2892bf2466ae52473a96b001fc780 1832 admin required mountall_2.54ubuntu1.dsc
 208edf5a22b62806a9b43571bc1e6a9b 645449 admin required 
mountall_2.54ubuntu1.tar.gz
Original-Maintainer: Steve Langasek <[email protected]>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJUaz4aAAoJEGVp2FWnRL6T3d0P/3OyVPLLcToJv86726p2hIet
VlYfvkicqulwbL4nI9YSMj/ROrDrZJc744eYbT0yJb3RbGwT8eIuhUUydXC7CTM+
/2ixCitNN/FZAVZqlarHz8FP7+ZzDudfpl5kjclBl5weuizqIomSDgpOFkT1m/cA
84+bxWFqePxGuhb3jMIlOpSfP7Vjh9DTSPPyODFKB1NSbHvMrUy8cYqaRnqG/GW3
+HYeXmmBS75/3xy59jXPy7A95o5b8bI7ofCqF5LdXmEuuSVT7qjeRhTPJAnw/pzp
tPrWnyOKiU2e0gmcop3V0SZbiy60WxNBcWDIEps//bVZV9UD3Iw+rX5kd9LFckeB
VKEglncbskuxb0tu/O28O1aAQ/FrdhylA6RZXl2EYYPyPL5wSjFIE1O9//r69PL5
hG9S+dwqhUKkIlHlFgSDpTvm+CuMB8TIDGJ1mG9NXiFNJHhyhsIsQGqp5jDVCNpr
vVBJNpnduAM6A4TeAH9MVOgX7H+nh5B/IYTO9VKmep9uqCeXUBgiE0BsViyQu6KY
Xwi+7cqn0W12IPXCuiLhiy7ZABgGqW3FxkAOiKkSlqb8fLwvGdLlY5acJycaqVzQ
JquUAD1MupMHit3VJo8uGO4l25LQAYPsp4Go976E64es+FwCzZGlFI+pBSb9Jhyo
7TNpAOoOMEXbx4/At/nW
=KfLa
-----END PGP SIGNATURE-----

-- 
Vivid-changes mailing list
[email protected]
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/vivid-changes

Reply via email to