pool/cryptsetup
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Commit Graph

  • 44ca5f7379 Accepting request 1229756 from security factory Ana Guerrero 2024-12-11 20:00:52 +0000
  • 885a1330e4 - cryptsetup-fips140-3.patch: extend the password for PBKDF2 benchmarking to be more than 20 chars to meet FIPS 140-3 requirements (bsc#1229975) devel Pedro Monreal Gonzalez 2024-12-03 09:35:06 +0000
  • 0c48009205 Accepting request 1200765 from security Ana Guerrero 2024-09-15 10:32:53 +0000
  • e7976f0568 - Update to 2.7.5: * Fix possible online reencryption data corruption (only in 2.7.x). In some situations (initializing a suspended device-mapper device), cryptsetup disabled direct-io device access. This caused unsafe online reencryption operations that could lead to data corruption. The code now adds strict checks (and aborts the operation) and changes direct-io detection code to prevent data corruption. * Fix a clang compilation error in SSH token plugin. As clang linker treats missing symbols as errors, the linker phase for the SSH token failed as the optional cryptsetup_token_buffer_free was not defined. * Fix crypto backend initialization in crypt_format_luks2_opal API call. Pedro Monreal Gonzalez 2024-09-13 07:39:51 +0000
  • 9fdef8bed1 back out x86-64-v3 change Andreas Stieger 2024-08-20 11:27:24 +0000
  • 7f4f0878f0 Accepting request 1194754 from home:RN:cryptsetup Andreas Stieger 2024-08-19 19:51:29 +0000
  • 9fbdfa5559 Accepting request 1190588 from security Dominique Leuenberger 2024-08-01 20:03:44 +0000
  • 05965c5900 Accepting request 1190586 from home:mschreiner:branches:security Andreas Stieger 2024-07-31 06:37:09 +0000
  • 9563f85232 Accepting request 1190462 from home:pmonrealgonzalez:branches:security Pedro Monreal Gonzalez 2024-07-30 11:55:40 +0000
  • fbbe067657 Accepting request 1187073 from home:pevik:branches:security Pedro Monreal Gonzalez 2024-07-30 11:52:06 +0000
  • a3b9b4d0c2 Accepting request 1166583 from security Ana Guerrero 2024-04-10 15:48:58 +0000
  • ab2a7c9655 Accepting request 1166516 from home:AndreasStieger:branches:security Pedro Monreal Gonzalez 2024-04-10 07:32:59 +0000
  • 17b57cbf7d Accepting request 1158211 from security Ana Guerrero 2024-03-17 21:10:48 +0000
  • a3ab8c2f62 Accepting request 1157608 from home:pmonrealgonzalez:branches:security Pedro Monreal Gonzalez 2024-03-15 11:46:26 +0000
  • 97f8c697a5 Accepting request 1142597 from security Ana Guerrero 2024-01-30 17:24:12 +0000
  • 9a7370c09b Accepting request 1142596 from home:pmonrealgonzalez:branches:security Pedro Monreal Gonzalez 2024-01-29 17:02:57 +0000
  • 540dc9dc26 Accepting request 1098512 from security Dominique Leuenberger 2023-07-15 21:14:26 +0000
  • 82af2dfa2d Accepting request 1098511 from home:pmonrealgonzalez:branches:security Pedro Monreal Gonzalez 2023-07-13 11:20:07 +0000
  • 0a7c78c1ff Accepting request 1093291 from security Dominique Leuenberger 2023-06-17 20:20:05 +0000
  • b44b295cd3 Accepting request 1093121 from home:pmonrealgonzalez:branches:security Pedro Monreal Gonzalez 2023-06-15 12:05:44 +0000
  • 60962f2300 Accepting request 1064730 from security Dominique Leuenberger 2023-02-14 15:42:30 +0000
  • 43e9b52bc7 Accepting request 1064729 from home:AndreasStieger:branches:security Andreas Stieger 2023-02-12 21:21:51 +0000
  • 2e667013fc Accepting request 1055943 from security Dominique Leuenberger 2023-01-05 14:00:19 +0000
  • cf385930c9 Accepting request 1052843 from home:lnussel:usrmerge Andreas Stieger 2023-01-04 16:08:29 +0000
  • e9929646b3 Accepting request 1038821 from security Dominique Leuenberger 2022-11-30 13:58:56 +0000
  • 8cea81ce7b Accepting request 1038690 from home:polslinux:branches:security Ludwig Nussel 2022-11-29 07:29:17 +0000
  • db4246dcb6 Accepting request 1003455 from security Dominique Leuenberger 2022-09-15 20:57:41 +0000
  • 59aec6d066 Accepting request 1003354 from home:bluca:branches:security Ludwig Nussel 2022-09-14 07:18:13 +0000
  • c067b49eca Accepting request 999047 from security Dominique Leuenberger 2022-08-25 13:33:10 +0000
  • 0ffce94442 Accepting request 999046 from home:lnussel:branches:security Ludwig Nussel 2022-08-24 11:32:11 +0000
  • de1f20aa9d Accepting request 946915 from security Dominique Leuenberger 2022-01-19 23:11:59 +0000
  • ee04894715 Accepting request 946498 from home:AndreasStieger:branches:security Ludwig Nussel 2022-01-17 09:00:02 +0000
  • 3ec70ab5a7 Accepting request 919547 from security Dominique Leuenberger 2021-09-21 19:12:23 +0000
  • 1e4cc6eca2 - cryptsetup 2.4.1 * Fix compilation for libc implementations without dlvsym(). * Fix compilation and tests on systems with non-standard libraries * Try to workaround some issues on systems without udev support. * Fixes for OpenSSL3 crypto backend (including FIPS mode). * Print error message when assigning a token to an inactive keyslot. * Fix offset bug in LUKS2 encryption code if --offset option was used. * Do not allow LUKS2 decryption for devices with data offset. * Fix LUKS1 cryptsetup repair command for some specific problems. - cryptsetup 2.4.0 (jsc#SLE-20275) Ludwig Nussel 2021-09-16 15:25:13 +0000
  • a9f0d82fe4 Accepting request 915495 from security Dominique Leuenberger 2021-09-02 21:20:08 +0000
  • cddcbab746 - As YaST passes necessary parameters to cryptsetup anyway, we do not necessarily need to take grub into consideration. So back to Argon2 to see how it goes. Ludwig Nussel 2021-08-25 13:47:31 +0000
  • 002330efa3 update Ludwig Nussel 2021-08-23 05:09:18 +0000
  • 9b4f111a1b add feature reference Ludwig Nussel 2021-08-12 13:00:47 +0000
  • c25748051d - need to use PBKDF2 by default for LUKS2 as grub can't decrypt when using Argon. Ludwig Nussel 2021-08-03 13:44:07 +0000
  • db71e925b5 merge Ludwig Nussel 2021-08-02 15:43:50 +0000
  • 8d2c1398f0 - crypsetup 2.4.0~rc1 * External LUKS token plugins * Experimental SSH token * Default LUKS2 PBKDF is now Argon2id * Increase minimal memory cost for Argon2 benchmark to 64MiB. * Autodetect optimal encryption sector size on LUKS2 format. * Use VeraCrypt option by default and add --disable-veracrypt option. * Support --hash and --cipher to limit opening time for TCRYPT type * Fixed default OpenSSL crypt backend support for OpenSSL3. * integritysetup: add integrity-recalculate-reset flag. * cryptsetup: retains keyslot number in luksChangeKey for LUKS2. * Fix cryptsetup resize using LUKS2 tokens. * Add close --deferred and --cancel-deferred options. * Rewritten command-line option parsing to avoid libpopt arguments memory leaks. * Add --test-args option. - switch to LUKS2 default format Ludwig Nussel 2021-08-02 15:10:27 +0000
  • 2ca5e2b515 Accepting request 903414 from security Dominique Leuenberger 2021-07-04 20:10:04 +0000
  • 45054f2786 - cryptsetup 2.3.6: Ludwig Nussel 2021-07-01 12:55:11 +0000
  • 5920c59684 Accepting request 879091 from security Richard Brown 2021-03-16 14:42:41 +0000
  • 8725925458 Accepting request 878732 from home:AndreasStieger:branches:security Ludwig Nussel 2021-03-15 07:59:10 +0000
  • f540257485 Accepting request 853733 from security Dominique Leuenberger 2020-12-08 12:23:17 +0000
  • d173fab52a typo Ludwig Nussel 2020-12-08 12:03:55 +0000
  • 9197d62a77 - SLE marker: implements jsc#SLE-5911, bsc#116558, jsc#SLE-145149 Ludwig Nussel 2020-12-08 08:53:32 +0000
  • 8fc7ca0b5c Accepting request 849585 from security Dominique Leuenberger 2020-11-23 15:38:36 +0000
  • c6c715c2f5 Accepting request 849583 from home:lnussel:usrmove Ludwig Nussel 2020-11-20 09:26:02 +0000
  • f349d69df6 Accepting request 832027 from security Dominique Leuenberger 2020-09-08 20:44:25 +0000
  • d9929bafef Accepting request 832026 from home:lnussel:branches:security Ludwig Nussel 2020-09-04 08:13:03 +0000
  • e7c9a9bb28 Accepting request 810247 from security Dominique Leuenberger 2020-06-03 18:29:42 +0000
  • 91d92afad9 Accepting request 810023 from home:AndreasStieger:branches:security Ludwig Nussel 2020-05-29 15:01:56 +0000
  • 26eae3b3c3 Accepting request 790921 from security Dominique Leuenberger 2020-04-05 18:49:04 +0000
  • 7b6ff2d0f5 - Split translations to -lang package Ludwig Nussel 2020-04-02 14:37:41 +0000
  • 8873d8f729 - New version to 2.3.1 * Support VeraCrypt 128 bytes passwords. VeraCrypt now allows passwords of maximal length 128 bytes (compared to legacy TrueCrypt where it was limited by 64 bytes). * Strip extra newline from BitLocker recovery keys There might be a trailing newline added by the text editor when the recovery passphrase was passed using the --key-file option. * Detect separate libiconv library. It should fix compilation issues on distributions with iconv implemented in a separate library. * Various fixes and workarounds to build on old Linux distributions. * Split lines with hexadecimal digest printing for large key-sizes. * Do not wipe the device with no integrity profile. With --integrity none we performed useless full device wipe. * Workaround for dm-integrity kernel table bug. Some kernels show an invalid dm-integrity mapping table if superblock contains the "recalculate" bit. This causes integritysetup to not recognize the dm-integrity device. Integritysetup now specifies kernel options such a way that even on unpatched kernels mapping table is correct. * Print error message if LUKS1 keyslot cannot be processed. If the crypto backend is missing support for hash algorithms used in PBKDF2, the error message was not visible. * Properly align LUKS2 keyslots area on conversion. If the LUKS1 payload offset (data offset) is not aligned to 4 KiB boundary, new LUKS2 keyslots area in now aligned properly. * Validate LUKS2 earlier on conversion to not corrupt the device if binary keyslots areas metadata are not correct. Ludwig Nussel 2020-04-02 14:27:54 +0000
  • 7252bcb7bd Accepting request 770054 from security Dominique Leuenberger 2020-02-09 20:02:18 +0000
  • c833c93fcf Accepting request 769866 from home:polslinux:branches:security Ludwig Nussel 2020-02-04 16:53:39 +0000
  • f33f765a5e Accepting request 755886 from security Dominique Leuenberger 2019-12-17 12:29:09 +0000
  • 6a28f3c770 Accepting request 739355 from home:vitezslav_cizek:branches:security Ludwig Nussel 2019-12-11 15:11:37 +0000
  • 1590108120 Accepting request 701789 from security Dominique Leuenberger 2019-05-14 11:29:48 +0000
  • a86aef0410 retrofit bug number for sle Ludwig Nussel 2019-05-09 11:56:46 +0000
  • 277dfb964c Accepting request 677121 from security Yuchen Lin 2019-02-20 13:08:36 +0000
  • b860f84edd Accepting request 676570 from home:jengelh:branches:security Ludwig Nussel 2019-02-18 12:27:45 +0000
  • 901c97104c - New version 2.1.0 * The default size of the LUKS2 header is increased to 16 MB. It includes metadata and the area used for binary keyslots; it means that LUKS header backup is now 16MB in size. * Cryptsetup now doubles LUKS default key size if XTS mode is used (XTS mode uses two internal keys). This does not apply if key size is explicitly specified on the command line and it does not apply for the plain mode. This fixes a confusion with AES and 256bit key in XTS mode where code used AES128 and not AES256 as often expected. * Default cryptographic backend used for LUKS header processing is now OpenSSL. For years, OpenSSL provided better performance for PBKDF. * The Python bindings are no longer supported and the code was removed from cryptsetup distribution. Please use the libblockdev project that already covers most of the libcryptsetup functionality including LUKS2. * Cryptsetup now allows using --offset option also for luksFormat. * Cryptsetup now supports new refresh action (that is the alias for "open --refresh"). * Integritysetup now supports mode with detached data device through new --data-device option. - 2.1.0 would use LUKS2 as default, we stay with LUKS1 for now until someone has time to evaluate the fallout from switching to LUKS2. Ludwig Nussel 2019-02-15 14:36:10 +0000
  • 96adeab889 Accepting request 645684 from security Dominique Leuenberger 2018-11-06 14:25:37 +0000
  • 3dd02a4dcc Accepting request 645498 from home:lnussel:branches:security Ludwig Nussel 2018-10-31 08:59:56 +0000
  • 873a55aadc Accepting request 630730 from security Dominique Leuenberger 2018-08-28 07:22:31 +0000
  • 405535408f fix Ludwig Nussel 2018-08-21 09:23:54 +0000
  • b9976bf5b8 - New version 2.0.4 Changes since version 2.0.3 ~~~~~~~~~~~~~~~~~~~~~~~~~~~ * Use the libblkid (blockid) library to detect foreign signatures on a device before LUKS format and LUKS2 auto-recovery. This change fixes an unexpected recovery using the secondary LUKS2 header after a device was already overwritten with another format (filesystem or LVM physical volume). LUKS2 will not recreate a primary header if it detects a valid foreign signature. In this situation, a user must always use cryptsetup repair command for the recovery. Note that libcryptsetup and utilities are now linked to libblkid as a new dependence. To compile code without blockid support (strongly discouraged), use --disable-blkid configure switch. * Add prompt for format and repair actions in cryptsetup and integritysetup if foreign signatures are detected on the device through the blockid library. After the confirmation, all known signatures are then wiped as part of the format or repair procedure. * Print consistent verbose message about keyslot and token numbers. For keyslot actions: Key slot <number> unlocked/created/removed. For token actions: Token <number> created/removed. * Print error, if a non-existent token is tried to be removed. * Add support for LUKS2 token definition export and import. The token command now can export/import customized token JSON file directly from command line. See the man page for more details. * Add support for new dm-integrity superblock version 2. * Add an error message when nothing was read from a key file. * Update cryptsetup man pages, including --type option usage. Ludwig Nussel 2018-08-21 07:44:40 +0000
  • 7375ef6f52 Accepting request 574742 from security Dominique Leuenberger 2018-02-13 09:25:18 +0000
  • 6a3a5ab46f Accepting request 574741 from home:AndreasStieger:branches:security Ludwig Nussel 2018-02-09 15:48:12 +0000
  • d2aa865791 Accepting request 562805 from security Dominique Leuenberger 2018-01-31 18:48:16 +0000
  • d84b0a491a OBS-URL: https://build.opensuse.org/package/show/security/cryptsetup?expand=0&rev=137 Ludwig Nussel 2018-01-09 09:48:53 +0000
  • 7cb1ae6064 Accepting request 561151 from home:archie172:branches:security Ludwig Nussel 2018-01-09 08:52:58 +0000
  • e2bd3202b3 Accepting request 492821 from security Dominique Leuenberger 2017-05-10 18:34:03 +0000
  • 04c288cc69 Accepting request 492031 from home:pluskalm:branches:security Ludwig Nussel 2017-05-04 09:42:46 +0000
  • d82cae9dac Accepting request 481749 from security Yuchen Lin 2017-04-07 12:17:28 +0000
  • 96565497db Accepting request 480910 from home:pluskalm:branches:security Marcus Meissner 2017-03-21 11:44:43 +0000
  • 47cacbabc0 Accepting request 423052 from security Dominique Leuenberger 2016-08-28 10:17:20 +0000
  • 5b2dc6e33d Accepting request 422113 from home:Alexander_Naumov:branches:security Alexander Naumov 2016-08-26 11:48:47 +0000
  • 8d993e85ec Accepting request 357344 from security Dominique Leuenberger 2016-02-12 10:20:59 +0000
  • 4f8e236159 Accepting request 352690 from home:benoit_monin:branches:security Ludwig Nussel 2016-02-02 11:57:35 +0000
  • 323c74e83b Accepting request 350182 from security Dominique Leuenberger 2015-12-23 08:56:19 +0000
  • 36e909287e Accepting request 349019 from home:tiwai:branches:security Marcus Meissner 2015-12-21 11:53:09 +0000
  • 8c796b5e04 Accepting request 338019 from security Dominique Leuenberger 2015-10-20 14:21:29 +0000
  • ce789c545b Accepting request 329788 from home:adra:branches:security Ludwig Nussel 2015-10-12 09:14:03 +0000
  • 8bdd24a00d Accepting request 295656 from security Dominique Leuenberger 2015-04-21 10:02:13 +0000
  • 2ebbcc2226 Accepting request 295595 from home:elvigia:branches:security Ludwig Nussel 2015-04-13 09:46:51 +0000
  • d3e63f96b0 Accepting request 294961 from security Dominique Leuenberger 2015-04-10 07:44:54 +0000
  • da8c646220 Accepting request 294152 from home:pluskalm:branches:security Ludwig Nussel 2015-04-08 12:54:34 +0000
  • c702d47d37 Accepting request 249222 from security Stephan Kulow 2014-09-17 19:24:38 +0000
  • 245087ea13 Accepting request 249180 from home:adra:branches:security Ludwig Nussel 2014-09-15 09:54:57 +0000
  • 6136ac7941 Accepting request 246424 from security Stephan Kulow 2014-08-27 20:18:06 +0000
  • a823d6ea4c Accepting request 245748 from home:msmeissn:branches:security Ludwig Nussel 2014-08-26 06:33:53 +0000
  • 10401f6d08 Accepting request 244510 from security Ludwig Nussel 2014-08-15 07:55:25 +0000
  • 9d75fbda81 Accepting request 244369 from home:adra:branches:security Ludwig Nussel 2014-08-13 07:59:19 +0000
  • 110c3d1016 Accepting request 244329 from home:msmeissn:branches:security Ludwig Nussel 2014-08-12 13:38:20 +0000
  • 46036de7cc Accepting request 239882 from security Stephan Kulow 2014-07-13 15:15:27 +0000