[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 18 Nov 2008 13:56:59 +0100
From: Jan Lieskovsky <jlieskov@...hat.com>
To: coley@...re.org
Cc: oss-security@...ts.openwall.com, Jamie Strandboge <jamie@...onical.com>
Subject: CVE Request - ecryptfs-utils
Hello Steve,
noticed, the following issue still lacks a separate CVE identifier:
References:
http://secunia.com/Advisories/32382/
http://www.openwall.com/lists/oss-security/2008/10/23/3
http://www.openwall.com/lists/oss-security/2008/10/29/4
http://www.openwall.com/lists/oss-security/2008/10/29/7
Upstream commits:
http://git.kernel.org/?p=linux/kernel/git/mhalcrow/ecryptfs-utils.git;a=commit;h=06de99afd53f03fe07eda0ad9d61ac6d5d4d9f53
http://git.kernel.org/?p=linux/kernel/git/mhalcrow/ecryptfs-utils.git;a=commit;h=0af27a5d514dc4bbc077f07cf33a5d5b362a9193
Affected ecryptfs-utils versions:
Jamie mentions ecryptfs-utils > 45 for ecryptfs-setup-private script,
but the upstream commit applies also for ecryptfs_{add, wrap}_passphrase.c
utilities present in previous versions (checked presence in ecryptfs-utils-41-1).
Could you please allocate a new CVE id for this one?
Thanks, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
