-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Sat, 22 Dec 2007 14:04:14 +0000 Source: loop-aes-utils Binary: loop-aes-utils Architecture: source i386 Version: 2.12p-4sarge2 Distribution: oldstable-security Urgency: high Maintainer: Max Vozeler <xam@debian.org> Changed-By: Steffen Joeris <white@debian.org> Description: loop-aes-utils - Tools for mounting and manipulating filesystems Changes: loop-aes-utils (2.12p-4sarge2) oldstable-security; urgency=high . * Non-maintainer upload by the security team * Fix privilege escalation by calling setuid() and setgid() in the wrong order and not checking the return values in mount and umount Fixes: CVE-2007-5191 Files: df895a3729db10a19896a9251d4af5b2 684 admin optional loop-aes-utils_2.12p-4sarge2.dsc c9e24c3959fbac7e69f4d3ac1c6e672b 69885 admin optional loop-aes-utils_2.12p-4sarge2.diff.gz caa1aa50c22e9de3beb71ee7ab40df94 142336 admin optional loop-aes-utils_2.12p-4sarge2_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHbRsn62zWxYk/rQcRAgUzAJ4kri3bFzKUTLgQmaE8TFUSi+5InACgzxT7 zYdTTaMDVJfSYESpb0cG+6U= =a72P -----END PGP SIGNATURE----- Accepted: loop-aes-utils_2.12p-4sarge2.diff.gz to pool/main/l/loop-aes-utils/loop-aes-utils_2.12p-4sarge2.diff.gz loop-aes-utils_2.12p-4sarge2.dsc to pool/main/l/loop-aes-utils/loop-aes-utils_2.12p-4sarge2.dsc loop-aes-utils_2.12p-4sarge2_i386.deb to pool/main/l/loop-aes-utils/loop-aes-utils_2.12p-4sarge2_i386.deb