lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Mon, 22 Dec 2008 10:55:49 +0100
From: Ubuntu Privacy Remix Team <security_notice@...vacy-cd.org>
To: bugtraq@...urityfocus.com
Subject: [UPRSN] Ubuntu Privacy Remix 8.04r2 introduces "noexec"-mounting
 by default

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


###########################################################

UPR Security Notice UPRSN-08_02           December 22, 2008

###########################################################

Ubuntu Privacy Remix (UPR), based on Ubuntu 8.04 (LTS), is a live,
read-only CD that seals off your private data from the outside world. It
does this using encryption and isolation methods. This method of booting
off a read-only CD provides a isolated and unmodifiable system that is
exceedingly difficult to compromise by spyware.
The following security issues affect the "Ubuntu Privacy Remix" releases
prior 8.04_r2.

Ubuntu Privacy Remix 8.04_r2 can be downloaded from
https://www.privacy-cd.org/

A. UPR-specific
- ---------------
Removable media is mounted noexec by default
This closes the possibility of infecting the running system with
malicious software
executed from removable media formatted with vfat, ntfs, ext2 or ext3.


B. Security Updates adopted from Ubuntu
- ---------------------------------------
All Ubuntu Updates and Security Updates released since the last
UPR-release until
20081219 are added.
- --

- ---------

Ubuntu Privacy Remix Project
web:            www.privacy-cd.org
mail:            info@...vacy-cd.org
bugreports:        https://bugs.launchpad.net/upr
signing_key:        1E8E7D6A | Fingerprint: C87A 673C 4EDD F7CC 5C89
4B77 7AC5 2496 1E8E 7D6A
communication_key:    85AC2E72 | Fingerprint: 83A9 0DE1 17B1 F74B 8E1A
0353 29E6 DD3E 85AC 2E72

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFJT2QkKebdPoWsLnIRAj56AKCt9D52BwY75d09dIxd1PpwT59x4gCgiCmC
uobOmTIOk0j3LVbPK9haALo=
=t73x
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ