Ispravljen propust vezan uz ecryptfs-utils

Otkrivena je ranjivost programskog paketa ecryptfs-utils koju lokalni napadači mogu iskoristiti za dobivanje većih privilegija.

Paket:	ecryptfs-utils 90
Operacijski sustavi:	Fedora 16, Fedora 17
Kritičnost:	3.7
Problem:	pogreška u programskoj komponenti
Iskorištavanje:	lokalno
Posljedica:	dobivanje većih privilegija
Rješenje:	programska zakrpa proizvođača
CVE:	CVE-2012-3409
Izvorni ID preporuke:	FEDORA-2012-11069
Izvor:	Fedora

Problem:
Uočen je propust u programskoj komponenti "/sbin/mount.ecryptfs_private".
Posljedica:
Potencijalan napadač može iskoristiti ranjivost kako bi zadobio veće ovlasti na sustavu.
Rješenje:
Savjetuje se ugradnja izdane zakrpe.

Izvorni tekst preporuke

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-11069
2012-07-24 22:41:04
--------------------------------------------------------------------------------

Name        : ecryptfs-utils
Product     : Fedora 17
Version     : 99
Release     : 1.fc17
URL         : https://launchpad.net/ecryptfs
Summary     : The eCryptfs mount helper and support libraries
Description :
eCryptfs is a stacked cryptographic filesystem that ships in Linux
kernel versions 2.6.19 and above. This package provides the mount
helper and supporting libraries to perform key management and mount
functions.

Install ecryptfs-utils if you would like to mount eCryptfs.

--------------------------------------------------------------------------------
Update Information:

- updated to ecryptfs-utils 99
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jul 24 2012 Michal Hlavinka <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 99-1
- ecryptfs-utils updated to 99
- fixes: suid helper does not restrict mounting filesystems with 
  nosuid, nodev leading to possible privilege escalation (CVE-2012-3409)
* Mon Jun 25 2012 Michal Hlavinka <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 97-1
- ecryptfs-utils updated to 97
* Mon Jun  4 2012 Michal Hlavinka <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 96-3
- for file name encryption support check, module must be loaded already
* Mon Apr 16 2012 Michal Hlavinka <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 96-2
- when ecryptfs-mount-fails, check if user is member of ecryptfs group
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #841940 - CVE-2012-3409 ecryptfs-utils: suid helper does not
restrict mounting filesystems with nosuid,nodev leading to possible privilege
escalation
        https://bugzilla.redhat.com/show_bug.cgi?id=841940
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update ecryptfs-utils' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-11049
2012-07-24 22:40:12
--------------------------------------------------------------------------------

Name        : ecryptfs-utils
Product     : Fedora 16
Version     : 99
Release     : 1.fc16
URL         : https://launchpad.net/ecryptfs
Summary     : The eCryptfs mount helper and support libraries
Description :
eCryptfs is a stacked cryptographic filesystem that ships in Linux
kernel versions 2.6.19 and above. This package provides the mount
helper and supporting libraries to perform key management and mount
functions.

Install ecryptfs-utils if you would like to mount eCryptfs.

--------------------------------------------------------------------------------
Update Information:

- updated to ecryptfs-utils 99
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jul 24 2012 Michal Hlavinka <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 99-1
- ecryptfs-utils updated to 99
- fixes: suid helper does not restrict mounting filesystems with 
  nosuid, nodev leading to possible privilege escalation (CVE-2012-3409)
* Mon Jun 25 2012 Michal Hlavinka <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 97-1
- ecryptfs-utils updated to 97
* Mon Jun  4 2012 Michal Hlavinka <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 96-3
- for file name encryption support check, module must be loaded already
* Mon Apr 16 2012 Michal Hlavinka <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 96-2
- when ecryptfs-mount-fails, check if user is member of ecryptfs group
* Mon Feb 20 2012 Michal Hlavinka <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 96-1
- ecryptfs-utils updated to 96
* Thu Feb  9 2012 Michal Hlavinka <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 95-2
- blowfish and twofish support check did not work with on 3.2.x kernels
(#785036)
* Fri Dec 16 2011 Michal Hlavinka <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 95-1
- updated to v. 95
* Tue Nov  1 2011 Michal Hlavinka <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 93-1
- updated to v. 93
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #841940 - CVE-2012-3409 ecryptfs-utils: suid helper does not
restrict mounting filesystems with nosuid,nodev leading to possible privilege
escalation
        https://bugzilla.redhat.com/show_bug.cgi?id=841940
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update ecryptfs-utils' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Ispravljen propust vezan uz ecryptfs-utils

Tražilica portala

Aktivnosti

O CIS-u

Posljednje vijesti

Posljednji dokumenti

Ispravljen propust vezan uz ecryptfs-utils

Tražilica portala

Aktivnosti

O CIS-u

Posljednje sigurnosne preporuke

Posljednje vijesti

Popularni članci

Posljednji dokumenti