udisks 2.1.3 / 1.0.5 security updates
Martin Pitt
martin.pitt at ubuntu.com
Mon Mar 10 02:27:28 PDT 2014
Hello all,
Florian Weimer of the Red Hat Product Security Team found a flaw in
the way udisks and udisks2 handled long path names. A malicious, local
user could use this flaw to create a specially-crafted directory
structure that could lead to arbitrary code execution with the
privileges of the udisks daemon (root). This has been assigned
CVE-2014-0004.
This has been fixed in udisks 2.1.3. I also did a new 1.0.5 release
for udisks 1 with that fix backported, as udisks 1 is still around in
supported Linux distribution releases.
------------
udisks 2.1.3
------------
http://udisks.freedesktop.org/releases/udisks-2.1.3.tar.bz2
sha1sum: 093dc9a32752b63819e5d6856a8b0e3ba6d6d902
The udisks project provides a daemon, tools and libraries to access
and manipulate disks and storage devices.
This version fixes a security vulnerability (CVE-2014-0004), so please update
as soon as possible!
Changes since udisks 2.1.2:
David Zeuthen (4):
Identify SD Card Reader in ChromeBook Pixel
Send SCSI START STOP UNIT when powering down a drive
udisksctl: add power-off verb to power off drives
udisksctl: fix grammar
Marius Vollmer (1):
Prefer /dev/VG/LV for LVM2 volumes.
Martin Pitt (2):
Fix buffer overflow in mount path parsing. If users have the possibility
to create very long mount points, such as with FUSE, they could cause
udisksd to crash, or even to run arbitrary code as root with specially
crafted mount paths. [CVE-2014-0004]
Peter Paluch (1):
Use SECTOR_COUNT=1 when issuing ATA IDENTIFY COMMAND
Tomas Bzatek (3):
Use reentrant version of getpwuid() for thread safety
udisks_daemon_util_get_caller_uid_sync(): Add missing goto
Fix crash when loop-deleting non-loop device
Thanks to all our contributors.
Martin Pitt
March 10, 2014
------------
udisks 1.0.5
------------
http://hal.freedesktop.org/releases/udisks-1.0.5.tar.gz
sha1sum: cdc254579a32a6c7b9e94758bb55d544bb807bf5
udisks provides a daemon, D-Bus API and command line tools
for managing disks and storage devices.
All releases in the udisks 1.0 series will retain ABI compatibility at
the D-Bus interface level. This means that any application built
against udisks 1.0.x will work with udisks 1.0.y provided that y >=
x. At this point we do not provide any ABI guarantees for the
udisks(1) command-line tool (neither options nor the name). See the
README file for more discussion of ABI guarantees.
This version fixes a security vulnerability (CVE-2014-0004), so please update
as soon as possible!
Changes from udisks 1.0.4:
Brice De Bruyne (1):
Fix segfault and detection for SATA-II RAID controller
David Zeuthen (2):
udisks-daemon: Add --no-debug option and use this for D-Bus activation
Bug 51439 – udisks should hide lvm PVs
Edward Sheldrake (1):
Fix power/level deprecation kernel warning
Martin Pitt (9):
Fix buffer overflow in mount path parsing. If users have the possibility
to create very long mount points, such as with FUSE, they could cause
udisksd to crash, or even to run arbitrary code as root with specially
crafted mount paths. [CVE-2014-0004]
tests/run: Fix crash if first hard disk is not SMART capable
Add some safe and useful ntfs-3g allowed mount options
Drop deprecated g_io_channel_seek()
test suite: Fix test_swap to not expect successful fsck
test suite: Fix test_reiserfs for current reiserfsprogs
Bug 48173 — Ignore add/change events for a nonexisting native path
Mark rts_bpp devices as SD card readers
Tom Gundersen (1):
add systemd service file and dbus activation to the udisks1 branch
Thanks to all our contributors.
Martin Pitt
March 10, 2014
--
Martin Pitt | http://www.piware.de
Ubuntu Developer (www.ubuntu.com) | Debian Developer (www.debian.org)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.freedesktop.org/archives/devkit-devel/attachments/20140310/2cd8c48d/attachment.pgp>
More information about the devkit-devel
mailing list