Univention Bugzilla – Bug 44410
eject: Multiple issues (4.2)
Last modified: 2017-07-05 13:06:37 CEST
Upstream Debian package version 2.1.5+deb1+cvs20081104-13.1+deb8u1 fixes: * dmcrypt-get-device does not check the return value of the (1) setuid or (2) setgid function, which might cause dmcrypt-get-device to execute code, which was intended to run as an unprivileged user, as root. (CVE-2017-6964)
Semi-Automatically imported through Bug #44451 Package: eject Version: 2.1.5+deb1+cvs20081104-13.A~4.2.1.201706301735 Branch: ucs_4.2-0 Scope: errata4.2-1 r80749 | Bug #44410: eject.yaml
Ok, I've trimmed down the advisory text a bit and adjusted the version field to also cover errata4.2-0.
<http://errata.software-univention.de/ucs/4.2/77.html>