Bug#780900: unblock: ecryptfs-utils/103-4

To: "László Böszörményi (GCS)" <gcs@debian.org>, 780900@bugs.debian.org
Subject: Bug#780900: unblock: ecryptfs-utils/103-4
From: Niels Thykier <niels@thykier.net>
Date: Sun, 22 Mar 2015 10:55:58 +0100
Message-id: <[🔎] 550E91AE.8010307@thykier.net>
Reply-to: Niels Thykier <niels@thykier.net>, 780900@bugs.debian.org
In-reply-to: <[🔎] CAKjSHr03hq0-4t9Gk8Rs4nj0Mq25tMP1qimegSJMZz6YcHLNug@mail.gmail.com>
References: <[🔎] CAKjSHr03hq0-4t9Gk8Rs4nj0Mq25tMP1qimegSJMZz6YcHLNug@mail.gmail.com>

Control: tags -1 moreinfo

On 2015-03-21 09:45, László Böszörményi (GCS) wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian.org@packages.debian.org
> Usertags: unblock
> 
> Hi Release Team,
> 
> I've recently fixed CVE-2014-9687 [1] with the upload of
> ecryptfs-utils, which is a fix for a user security hole[2]. Please
> unblock and let it migrate to Jessie.
> Debfiff is attached as usual.
> 
> Thanks,
> Laszlo/GCS
> 
> unblock ecryptfs-utils/103-4
> 
> [1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9687
> [2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780385
> 

Hi,

Thanks for reporting this.  Unfortunately, I do have a concern with one
of the changes.

 * The function "static int read_v1_wrapped_passphrase_file":
   - The documentation says it will return negatively on failure, but
     AFAICT it will unconditionally return 0.
   - I guess the last line should have been "return rc" rather than
     "return 0".



Thanks,
~Niels

Reply to:

Follow-Ups:
- Bug#780900: unblock: ecryptfs-utils/103-4
  - From: László Böszörményi (GCS) <gcs@debian.org>

References:
- Bug#780900: unblock: ecryptfs-utils/103-4
  - From: László Böszörményi (GCS) <gcs@debian.org>

Prev by Date: Processed: Re: Bug#780900: unblock: ecryptfs-utils/103-4
Next by Date: Bug#780942: unblock: libforks-perl/0.36-2
Previous by thread: Processed: Re: Bug#780900: unblock: ecryptfs-utils/103-4
Next by thread: Bug#780900: unblock: ecryptfs-utils/103-4
Index(es):
- Date
- Thread