git Service of IN-Ulm e.V. Explore Help
Sign In
cbiedl
/
tang
1
0
Fork 0
Files
Browse Source

tang 8-3+deb11u2

Christoph Biedl 2 years ago
parent
7561ffb4a8
commit
6dda456ab0
2 changed files with 24 additions and 0 deletions
Split View Show Diff Stats
  1. 11 0
      debian/changelog
  2. 13 0
      debian/tang.NEWS

+ 11 - 0
debian/changelog
View File 

@@ -1,3 +1,14 @@
 
+tang (8-3+deb11u2) bullseye; urgency=high
 
+
 
+  * Fix CVE-2023-1672:
 
+    - Cherry-pick "Fix race condition when creating/rotating keys"
 
+    - Assert restrictive permissions on tang's key directory
 
+    In existing multi-user bullseye installations, rotating the keys
 
+    is suggested.
 
+  * Make the tangd-rotate-keys program executable
 
+
 
+ -- Christoph Biedl <debian.axhn@manchmal.in-ulm.de>  Sat, 08 Jul 2023 12:41:29 +0200
 
+
 
 tang (8-3+deb11u1) bullseye-security; urgency=high
 
 
   * Fix data leak [CVE-2021-4076]

+ 13 - 0
debian/tang.NEWS
View File 

@@ -0,0 +1,13 @@
 
+tang (8-3+deb11u2) bullseye; urgency=high
 
+
 
+  * In existing bullseye installations, the key directory has world-
 
+    readable access permissions. If untrusted users have access to that
 
+    systems, administrators might want to do a key rotation after this
 
+    upgrade.
 
+
 
+    To do so, run: /usr/libexec/tangd-rotate-keys -v -d /var/db/tang
 
+
 
+    See https://manpages.debian.org/bookworm/tang-common/tangd-rotate-keys.1.en.html
 
+    for details.
 
+
 
+ -- Christoph Biedl <debian.axhn@manchmal.in-ulm.de>  Sat, 08 Jul 2023 12:41:29 +0200