Errata overview
Errata ID 77
Date 2017-07-05
Source package eject
Fixed in version 2.1.5+deb1+cvs20081104-13.A~
This update addresses the following issue(s):
* dmcrypt-get-device, as shipped in the eject package of Debian and Ubuntu,
  does not check the return value of the (1) setuid or (2) setgid function,
  which might cause dmcrypt-get-device to execute code, which was intended to
  run as an unprivileged user, as root. (CVE-2017-6964)
Additional notes
CVE ID CVE-2017-6964
UCS Bug number #44410