lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Sat, 19 Sep 2009 19:25:27 +0200
From: Ubuntu Privacy Remix Team <security_notice@...vacy-cd.org>
To: bugtraq@...urityfocus.com
Subject: [UPRSN] Ubuntu Privacy Remix 9.04r2 fixes security issues

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

###########################################################

UPR Security Notice UPRSN-09_01          September 19, 2009
several vulnerabilities

###########################################################

Ubuntu Privacy Remix (UPR), based on Ubuntu 9.04, is a live,
read-only CD that seals off your private data from the outside world to
offer protection against spying measures such as the german
„Bundestrojaner“, with which the German government and federal police
tries to spy on its citizens.
UPR does this using encryption and isolation methods. This method of
booting off a read-only CD provides a isolated and unmodifiable system
that is exceedingly difficult to compromise by spyware.
The following security issues affect the "Ubuntu Privacy Remix" releases
prior 9.04_r2.

Ubuntu Privacy Remix 9.04_r2 can be downloaded from
https://www.privacy-cd.org/
Please note that all files are signed with the *new signing key* 2E887042.


A. UPR-specific
- ---------------
The UPR Team has released the second stable release of Ubuntu Privacy
Remix 9.04,
which includes a new kernel to fix USN-819-1 (local root privilege
escalation). We think that this hole is very difficult to exploit under the
UPR environment, nevertheless we recommend all users to use the new version.


B. Security Updates adopted from Ubuntu
- ---------------------------------------
All packages with security-fixes in Ubuntu 9.04 until 09/01/2009 have
been updated.


See the complete changelog (new functions and features, bugfixes) here:
https://www.privacy-cd.org/en/using-upr/download

- --

- ---------
Ubuntu Privacy Remix Project
web:			www.privacy-cd.org
mail:			info@...vacy-cd.org
bugreports:		https://bugs.launchpad.net/upr
signing_key:		1E8E7D6A | Fingerprint: C87A 673C 4EDD F7CC 5C89 4B77 7AC5
2496 1E8E 7D6A
communication_key:	85AC2E72 | Fingerprint: 83A9 0DE1 17B1 F74B 8E1A 0353
29E6 DD3E 85AC 2E72

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFKtRQGKebdPoWsLnIRAjhMAKDPO3EZZDipUeCts6YCWy9+wnI3PQCg03W7
IsvZWAULGOuASFJLCQAF9LA=
=o4xA
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists