From 43e9b52bc735a16180fac494fd4f63927f65a305cb6d11b88b9a71a12332dd59 Mon Sep 17 00:00:00 2001 From: Andreas Stieger Date: Sun, 12 Feb 2023 21:21:51 +0000 Subject: [PATCH] Accepting request 1064729 from home:AndreasStieger:branches:security cryptsetup 2.6.1 OBS-URL: https://build.opensuse.org/request/show/1064729 OBS-URL: https://build.opensuse.org/package/show/security/cryptsetup?expand=0&rev=186 --- cryptsetup-2.6.0.tar.sign | 16 ---------------- cryptsetup-2.6.0.tar.xz | 3 --- cryptsetup-2.6.1.tar.sign | 16 ++++++++++++++++ cryptsetup-2.6.1.tar.xz | 3 +++ cryptsetup.changes | 18 ++++++++++++++++++ cryptsetup.spec | 9 ++++----- 6 files changed, 41 insertions(+), 24 deletions(-) delete mode 100644 cryptsetup-2.6.0.tar.sign delete mode 100644 cryptsetup-2.6.0.tar.xz create mode 100644 cryptsetup-2.6.1.tar.sign create mode 100644 cryptsetup-2.6.1.tar.xz diff --git a/cryptsetup-2.6.0.tar.sign b/cryptsetup-2.6.0.tar.sign deleted file mode 100644 index 52837d2..0000000 --- a/cryptsetup-2.6.0.tar.sign +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCAAdFiEEKikYJD/eRmSNBob52bBXe9k+mPwFAmOEnKwACgkQ2bBXe9k+ -mPxHlg//Wt73l0gBiMwNUQdCtXL37+lWwUz2lxhfcs3Ud/tWb5M8/csw449JnF4c -MnTMCX8qz51Sxxq4GEvk0L6+gv8d5w5hdIwZIE6ArQIVx0CH2BcG0qlQ53vcFlcr -wvSVZyiggHsQX0YZgxWwrDX3+WRt+0S+F2tHTwW/1e/XXsb5Tqb2ksQcvFCvM71/ -EhT5BAaEZRC7pfIiDjIXkMGOnjxWpvkiimYzwiFnlt+Veaq4Xie+dWqM/wgrWNpb -UYnD2ZIbQ3IXDTKUhCKoQHUcO743uB0WJf7I5DVNfWPAFmeSRvHrmgqk+Ijl5rnw -WMlKU/3l5f3rXp1H46cfBBmpqmnDz2ikuYYgkHBDmpYr7F1SRpz1OV25V4uctah3 -SZ+Q0LpIiJAWOlgP64lRMYRZBsy0Vlx5sN2Y4OLUlPiRMeB0kcAPtoEN1302bzbs -fGFsFqqImAHnaV+udGH/tHlrjNeJf8Yf3YmMaa46xJgqcLJE+GjIdAQ+IHrzATSg -W4SLu2SZojeJq5rOMVJlYT6Ywg9hKWls7ltJilPqgBiwsDh9LWEWduTTNTzkXNs0 -sye8ZdTJ5k5aT82mJWhh/opeD5D7nS1+A1kLwskcuUL/8Llp+fZw5nZrVWKLb9Ik -8NnlB0S90VDaQUh/bDzNRwH8P/EwdZ/W/iUAPONP48zUbxfd0Vk= -=lIrc ------END PGP SIGNATURE----- diff --git a/cryptsetup-2.6.0.tar.xz b/cryptsetup-2.6.0.tar.xz deleted file mode 100644 index 8966c18..0000000 --- a/cryptsetup-2.6.0.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:44397ba76e75a9cde5b02177bc63cd7af428a785788e3a7067733e7761842735 -size 11495092 diff --git a/cryptsetup-2.6.1.tar.sign b/cryptsetup-2.6.1.tar.sign new file mode 100644 index 0000000..5730336 --- /dev/null +++ b/cryptsetup-2.6.1.tar.sign @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEEKikYJD/eRmSNBob52bBXe9k+mPwFAmPlHwIACgkQ2bBXe9k+ +mPwtxg/+PohA6Ygk3e61i0IZmLdvHO2PJG3JefLxf1QDqImkKcALgUdNrt/qv1SZ +CBtM4pmYXfhIpYzavSPZdAC0nLvKkx66PpQRCk/ZmUSNZJ8IzmoM5MPZhWLspYtK +Z4mVXJz+UVdCAf7ayK7li9A+a947jpVKFlc5hSiQ8SnmkT8X0MhqGPLsO9Z6ndNK ++VpBPozZ1YQ6THYp2so5lF3BW9G6YAkm5XhN6IQreDCdZwF0Y4lff6G9PNHFSLpC +k9yLmvUgDsDNTcEjXeKbtvIlOzjjHfhJkEmyo9jNDWNUSU6wt5RqnCZmd1VbCQyB +HVCKb9Y0Yoz9rvzFBWnU6d1ZCe3aKLrVF89yK6mJ7CYh4CVURMJmIJ+1rEeg2z5n +NhXSLrMMF+Q9P/VNupOMec1DOg2OMRKExps5r7kvDeVOz9FmJoguMxAu1+dt0Ze8 +4b86ii2F+Py2tOy5OzQu7PvQkKbl8dvi8qJM8cEovKIsWiHTp/2Heo0gjXaLJ/kK +v/821T9v3ZO7dmtlhgps9q4xEjWV/u3kWwXXFgEtKby48UVzTGNXsDDdkrVEdy2J +jKBnqO31mGa8ButNRQvZ6rEOPFaCmdpy95/u5v22LhlACdkEwt5Cky0t6NMKSpvp +sSgVzYmU6Pk5RdOzZCt1pyIPwEfJa1y5N1k/kuBasdqPw95RRsM= +=m/Re +-----END PGP SIGNATURE----- diff --git a/cryptsetup-2.6.1.tar.xz b/cryptsetup-2.6.1.tar.xz new file mode 100644 index 0000000..aeb3569 --- /dev/null +++ b/cryptsetup-2.6.1.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:410ded65a1072ab9c8e41added37b9729c087fef4d2db02bb4ef529ad6da4693 +size 11402380 diff --git a/cryptsetup.changes b/cryptsetup.changes index 2f76ec1..ae4e3c3 100644 --- a/cryptsetup.changes +++ b/cryptsetup.changes @@ -1,3 +1,21 @@ +------------------------------------------------------------------- +Sun Feb 12 21:15:43 UTC 2023 - Andreas Stieger + +- cryptsetup 2.6.1 + * bitlk: Fixes for BitLocker-compatible on-disk metadata parser + * Fix possible iteration overflow in OpenSSL2 PBKDF2 crypto + backend + * portability and compilation fixes + * verity: Fix possible hash offset setting overflow. + * bitlk: Fix use of startup BEK key on big-endian platforms. + * Do not initiate encryption (reencryption command) when the + header and data devices are the same. If data device reduction + is not requsted, this leads to data corruption since LUKS + metadata was written over the data device. + * Fix possible memory leak if crypt_load() fails. + * Always use passphrases with a minimal 8 chars length for + benchmarking, as used in some implementation of FIPS mode + ------------------------------------------------------------------- Tue Dec 27 10:30:22 UTC 2022 - Ludwig Nussel diff --git a/cryptsetup.spec b/cryptsetup.spec index 09f5ef5..53a6e78 100644 --- a/cryptsetup.spec +++ b/cryptsetup.spec @@ -16,18 +16,17 @@ # -%define tar_version 2.6.0 %define so_ver 12 Name: cryptsetup -Version: 2.6.0 +Version: 2.6.1 Release: 0 Summary: Setup program for dm-crypt Based Encrypted Block Devices License: LGPL-2.0-or-later AND SUSE-GPL-2.0-with-openssl-exception Group: System/Base URL: https://gitlab.com/cryptsetup/cryptsetup/ -Source0: https://www.kernel.org/pub/linux/utils/cryptsetup/v2.6/cryptsetup-%{tar_version}.tar.xz +Source0: https://www.kernel.org/pub/linux/utils/cryptsetup/v2.6/cryptsetup-%{version}.tar.xz # GPG signature of the uncompressed tarball. -Source1: https://www.kernel.org/pub/linux/utils/cryptsetup/v2.6/cryptsetup-%{tar_version}.tar.sign +Source1: https://www.kernel.org/pub/linux/utils/cryptsetup/v2.6/cryptsetup-%{version}.tar.sign Source2: baselibs.conf Source3: cryptsetup.keyring Source4: %{name}-rpmlintrc @@ -121,7 +120,7 @@ includes support for automatically setting up encrypted volumes at boot time via the config file %{_sysconfdir}/crypttab. %prep -%autosetup -n cryptsetup-%{tar_version} +%autosetup -p1 %build %configure \