Stay Secure with the Latest Linux Advisories

security advisorysecurity issuefedora

Fedora 28: FEDORA-2018-5d6e80ab82 Critical: Dislocker Access Fix

- Update to 2.13.0 - CVE-2018-0497 Release notes: https://www.trustedfirmware.org/projects/mbed-tls/ Security Advisory: . --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-5d6e80ab82 2018-10-12 20:17:15.389360 --------------------------------------------------------------------------------Name : dislocker Product : Fedora 28 Version : 0.7.1 Release : 10.fc28 URL : https://github.com/Aorimn/dislocker Summary : Utility to access BitLocker encrypted volumes Description : Dislocker has been designed to read BitLocker encrypted partitions ("drives") under a Linux system. The driver has the capability to read/write partitions encrypted using Microsoft Windows Vista, 7, 8, 8.1 and 10 (AES-CBC, AES-XTS, 128 or 256 bits, with or without the Elephant diffuser, encrypted partitions); BitLocker-To-Go encrypted partitions (USB/FAT32 partitions). The file name where the BitLocker encrypted partition will be decrypted needs to be given. This may take a long time, depending on the size of the encrypted partition. But afterward, once the partition is decrypted, the access to the NTFS partition will be faster than with FUSE. Another thing to think about is the size of the disk (same size as the volume that is tried to be decrypted). Nevertheless, once the partition is decrypted, the file can be mounted as any NTFS partition and won't have any link to the original BitLocker partition. --------------------------------------------------------------------------------Update Information: - Update to 2.13.0 - CVE-2018-0497 Release notes: https://www.trustedfirmware.org/projects/mbed-tls/ Security Advisory: --------------------------------------------------------------------------------ChangeLog: * Thu Sep 27 2018 Morten Stevens - 0.7.1-10 - Rebuilt for mbed TLS 2.13.0 * Thu Jul 12 2018 Fedora Release Engineering - 0.7.1-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * ThuMay 17 2018 Robert Scheck 0.7.1-8 - Rebuilt for mbed TLS 2.7.3/2.9.0 (libmbedcrypto.so.2) --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-5d6e80ab82' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Release of Dislocker 2.13.0 for Fedora 28 addressing vulnerability CVE-2018-0497. This update strengthens security measures for accessing BitLocker-encrypted drives.. dislocker update, fedora security, bitlocker access. . Severity: Critical. LinuxSecurity.com Team

Oct 12, 2018 •Critical Fedora