Date: Thu, 04 Dec 2008 15:46:55 +0100
From: Ubuntu Privacy Remix Team <security_notice@...vacy-cd.org>
To: bugtraq@...urityfocus.com
Subject: [UPRSN] Ubuntu Privacy Remix 8.04r1 fixes security issues

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

###########################################################

UPR Security Notice UPRSN-08_01           December 04, 2008
several vulnerabilities

###########################################################

Ubuntu Privacy Remix (UPR), based on Ubuntu 8.04 (LTS), is a live,
read-only CD that seals off your private data from the outside world. It
does this using encryption and isolation methods. This method of booting
off a read-only CD provides an isolated and unmodifiable system that is
exceedingly difficult to compromise by spyware.
The following security issues affect the "Ubuntu Privacy Remix" releases
prior to 8.04_r1.

Ubuntu Privacy Remix 8.04_r1 can be downloaded from
https://www.privacy-cd.org/

A. UPR-specific
- ---------------
The UPR-Kernel was able to mount some RAID-Arrays, because the
RAID-controllers are identified by the system as a SCSI-controller, even
if (S)-ATA-Disks are used. For UPR this is a security issue, because
removing the kernel's ability to mount local S-/ATA-Disks is part of
the concept to seal off users to assure their privacy.
- From the new Kernel we removed support for
* all SCSI/IDE/SATA/SAS RAID-controllers
* iSCSI HBAs
* Fibre Channel Controllers
... and some more.

This solves https://bugs.launchpad.net/bugs/301285
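
The kind of check this fix implies, as an added example (not part of the
original notice and not UPR's own tooling): a shell function that audits a
kernel .config for RAID, iSCSI and Fibre Channel drivers still built in or
built as modules. The symbol list is an assumption made up of real Linux
Kconfig names; the notice does not say which options UPR removed.

```shell
#!/bin/sh
# Assumption: illustrative class:symbol pairs, not UPR's actual removal list.
STORAGE_SYMBOLS='
raid:CONFIG_SCSI_AACRAID
raid:CONFIG_MEGARAID_SAS
raid:CONFIG_MEGARAID_NEWGEN
raid:CONFIG_SCSI_3W_9XXX
raid:CONFIG_BLK_CPQ_CISS_DA
iscsi:CONFIG_ISCSI_TCP
iscsi:CONFIG_SCSI_QLA_ISCSI
fc:CONFIG_SCSI_QLA_FC
fc:CONFIG_SCSI_LPFC
fc:CONFIG_SCSI_FC_ATTRS
'

# Print "class symbol=value" for every listed symbol set to y or m in $1.
# Exit status: 0 = none enabled, 1 = at least one enabled, 2 = unreadable.
# Typical call: audit_storage_config "/boot/config-$(uname -r)"
audit_storage_config() {
    cfg=$1
    [ -r "$cfg" ] || return 2
    found=0
    for entry in $STORAGE_SYMBOLS; do
        class=${entry%%:*}
        sym=${entry#*:}
        # Anchored match: CONFIG_X must not match CONFIG_X_FOO, and
        # "# CONFIG_X is not set" lines are ignored.
        val=$(sed -n "s/^${sym}=\([ym]\)\$/\1/p" "$cfg" | tail -n 1)
        if [ -n "$val" ]; then
            echo "$class $sym=$val"
            found=1
        fi
    done
    return $found
}

# Constructed sample config (not taken from any UPR kernel), written to $1.
write_sample_config() {
    cat > "$1" <<'EOF'
CONFIG_SCSI=y
CONFIG_MEGARAID_SAS=m
# CONFIG_SCSI_AACRAID is not set
CONFIG_ISCSI_TCP=m
# CONFIG_SCSI_LPFC is not set
CONFIG_SCSI_FC_ATTRS=y
CONFIG_USB_STORAGE=m
EOF
}
```

A non-zero status from a build or release script means the image can still
drive at least one of the listed controller types.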

The sources on which the UPR-Kernel is based were updated to Ubuntu
source-package 2.6.24-22.45 because of security fixes.



B. Security Updates adopted from Ubuntu
- ---------------------------------------
All Ubuntu Security Updates released since the last UPR-release until
20081202 are installed:

alacarte base-files dbus dbus-x11 firefox firefox-3.0
  firefox-3.0-gnome-support firefox-gnome-support foo2zjs hpijs hplip
  hplip-data libdbus-1-3 libgnutls13 libsmbclient libxml2 libxml2-utils
  linux-restricted-modules-common login logrotate module-init-tools
  openoffice.org-base-core openoffice.org-calc openoffice.org-common
  openoffice.org-core openoffice.org-draw openoffice.org-gnome
  openoffice.org-gtk openoffice.org-impress openoffice.org-java-common
  openoffice.org-style-human openoffice.org-writer passwd python-apt
  python-libxml2 python-uno ttf-opensymbol xulrunner-1.9
  xulrunner-1.9-gnome-support libvorbis0a libvorbisenc2 libvorbisfile3




- --

- ---------
Ubuntu Privacy Remix Project
web:			www.privacy-cd.org
mail:			info@...vacy-cd.org
bugreports:		https://bugs.launchpad.net/upr
signing_key:		1E8E7D6A | Fingerprint: C87A 673C 4EDD F7CC 5C89 4B77 7AC5 2496 1E8E 7D6A
communication_key:	85AC2E72 | Fingerprint: 83A9 0DE1 17B1 F74B 8E1A 0353 29E6 DD3E 85AC 2E72

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFJN+1fKebdPoWsLnIRAvuLAKCpSlQ1J9xVOsJkmKRY2+F/zBvIMgCfRDYB
CQkBk+W9BWQBsURy1EEdGso=
=D3oT
-----END PGP SIGNATURE-----
