fscrypt 0.2.2-0ubuntu2.1 source package in Ubuntu
Changelog
fscrypt (0.2.2-0ubuntu2.1) bionic-security; urgency=medium
* SECURITY UPDATE: Privilege escalation via improperly restored
supplementary groups in libpam-fscrypt (LP: #1787548)
- CVE-2018-6558.patch: Save the euid, egid, and supplementary groups when
entering the PAM module, drop privileges to perform actions on behalf of
the user, and then properly restore the saved values before exiting the
PAM module. Based on patch from upstream.
- CVE-2018-6558
* 0001-security-drop-and-regain-privileges-in-all-threads.patch: Drop and
regain privileges in all threads of the current process
* 0001-Ensure-keyring-privilege-changes-are-reversible.patch: Ensure keyring
privilege changes are reversible to prevent failures when, for example,
"su <user>" is executed as an unprivileged user
-- Tyler Hicks <email address hidden> Wed, 22 Aug 2018 18:57:26 +0000
Upload details
- Uploaded by:
- Tyler Hicks
- Uploaded to:
- Bionic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- linux-any
- Section:
- misc
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Bionic | updates | universe | misc | |
| Bionic | security | universe | misc |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| fscrypt_0.2.2.orig.tar.xz | 78.0 KiB | 4fa41ceb80fdced1a244cf0f5e73124f3c45b5b08d0dab475be98b7301109ae4 |
| fscrypt_0.2.2-0ubuntu2.1.debian.tar.xz | 8.7 KiB | 0026eef2cf8785e39a5cfff2f6541481f7e10b16516a491ced014508117bc0fe |
| fscrypt_0.2.2-0ubuntu2.1.dsc | 2.2 KiB | d233ca8342d61db5de7327003e6b9b027bb15334f608706ec63d2f01675f89d5 |
Available diffs
Binary packages built by this source
- fscrypt: Tool for managing Linux filesystem encryption
fscrypt is a high-level tool for the management of Linux filesystem
encryption. This tool manages metadata, key generation, key wrapping, PAM
integration, and provides a uniform interface for creating and modifying
encrypted directories.
.
To use fscrypt, you must have a filesystem with encryption enabled and a
kernel that supports reading/writing from that filesystem. Currently, ext4,
F2FS, and UBIFS support Linux filesystem encryption.
- golang-github-google-fscrypt-dev: Linux filesystem encryption source code
fscrypt is a high-level tool for the management of Linux filesystem
encryption. This tool manages metadata, key generation, key wrapping, PAM
integration, and provides a uniform interface for creating and modifying
encrypted directories.
.
This package contains the source tree of the fscrypt project.
- libpam-fscrypt: PAM module for Linux filesystem encryption
fscrypt is a high-level tool for the management of Linux filesystem
encryption. This tool manages metadata, key generation, key wrapping, PAM
integration, and provides a uniform interface for creating and modifying
encrypted directories.
.
This PAM module can be used to unlock one or more directories upon user login
and then lock those directories when the user ends their session.
