SuSE: New ecryptfs-utils packages fix remote denial of service

This update of ecryptfs-utils fixes several security problems, including race conditions when checking the mountpoint during mount and unmount, and improper mtab handling that allows corruption due to resource limits, signals, etc.

  SUSE Security Update: Security update for ecryptfs-utils
______________________________________________________________________________

Announcement ID:    SUSE-SU-2011:0898-1
Rating:             important
References:         #709771 
Cross-References:   CVE-2011-1831 CVE-2011-1832 CVE-2011-1833
                   CVE-2011-1834 CVE-2011-1835 CVE-2011-1836
                   CVE-2011-1837
Affected Products:
                   SUSE Linux Enterprise Server 11 SP1 for VMware
                   SUSE Linux Enterprise Server 11 SP1
                   SUSE Linux Enterprise Desktop 11 SP1
______________________________________________________________________________

  An update that fixes 7 vulnerabilities is now available.

Description:


  This update of ecryptfs-utils fixes several security
  problems:

  * CVE-2011-1831 - Race condition when checking
  mountpoint during mount.
  * CVE-2011-1832 - Race condition when checking
  mountpoint during unmount.
  * CVE-2011-1833 - Race condition when checking source
  during mount.
  * CVE-2011-1834 - Improper mtab handling allowing
  corruption due to resource limits, signals, etc.

  Security Issue references:

  * CVE-2011-1831
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1831>

  * CVE-2011-1832
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1832>

  * CVE-2011-1833
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1833>

  * CVE-2011-1834
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1834>

  * CVE-2011-1835
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1835>

  * CVE-2011-1836
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1836>

  * CVE-2011-1837
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1837>


Indications:

  Please install this update.

Patch Instructions:

  To install this SUSE Security Update use YaST online_update.
  Alternatively you can run the command listed for your product:

  - SUSE Linux Enterprise Server 11 SP1 for VMware:

     zypper in -t patch slessp1-ecryptfs-utils-4956

  - SUSE Linux Enterprise Server 11 SP1:

     zypper in -t patch slessp1-ecryptfs-utils-4956

  - SUSE Linux Enterprise Desktop 11 SP1:

     zypper in -t patch sledsp1-ecryptfs-utils-4956

  To bring your system up-to-date, use "zypper patch".


Package List:

  - SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):

     ecryptfs-utils-61-1.29.1

  - SUSE Linux Enterprise Server 11 SP1 for VMware (x86_64):

     ecryptfs-utils-32bit-61-1.29.1

  - SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):

     ecryptfs-utils-61-1.29.1

  - SUSE Linux Enterprise Server 11 SP1 (ppc64 s390x x86_64):

     ecryptfs-utils-32bit-61-1.29.1

  - SUSE Linux Enterprise Server 11 SP1 (ia64):

     ecryptfs-utils-x86-61-1.29.1

  - SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):

     ecryptfs-utils-61-1.29.1

  - SUSE Linux Enterprise Desktop 11 SP1 (x86_64):

     ecryptfs-utils-32bit-61-1.29.1


References:

  http://support.novell.com/security/cve/CVE-2011-1831.html
  http://support.novell.com/security/cve/CVE-2011-1832.html
  http://support.novell.com/security/cve/CVE-2011-1833.html
  http://support.novell.com/security/cve/CVE-2011-1834.html
  http://support.novell.com/security/cve/CVE-2011-1835.html
  http://support.novell.com/security/cve/CVE-2011-1836.html
  http://support.novell.com/security/cve/CVE-2011-1837.html
  https://bugzilla.novell.com/709771
  http://download.novell.com/patch/finder/?keywords=e843e9dbd44e851ba600c4d0d266b6a8