diff --git a/boot.crypto-0_200909211050.tar.bz2 b/boot.crypto-0_200909211050.tar.bz2
deleted file mode 100644
index 3ab0113..0000000
--- a/boot.crypto-0_200909211050.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:32bdc236d3d90ee0d099d78b0d931fb3d179907a547fea83bc8d043bedb3d752
-size 17650
diff --git a/boot.crypto-0_200909241541.tar.bz2 b/boot.crypto-0_200909241541.tar.bz2
new file mode 100644
index 0000000..8e675da
--- /dev/null
+++ b/boot.crypto-0_200909241541.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:7ac820de8fc0c338c0686854dd8d923bc4e50040ed4147a0dcd84715e9f6cc16
+size 17758
diff --git a/cryptsetup-1.0.7-eofpw.diff b/cryptsetup-1.0.7-eofpw.diff
new file mode 100644
index 0000000..6914ea7
--- /dev/null
+++ b/cryptsetup-1.0.7-eofpw.diff
@@ -0,0 +1,13 @@
+Index: cryptsetup-1.0.7/lib/utils.c
+===================================================================
+--- cryptsetup-1.0.7.orig/lib/utils.c
++++ cryptsetup-1.0.7/lib/utils.c
+@@ -452,6 +452,8 @@ int get_key(char *prompt, char **key, un
+ 		}
+ 		if(key_file)
+ 			close(fd);
++		if(!i) // we didn't read anything, user pressed ^D?
++			goto out_err;
+ 		pass[i] = 0;
+ 		*key = pass;
+ 		*passLen = i;
diff --git a/cryptsetup.changes b/cryptsetup.changes
index 66d3ec4..b56e376 100644
--- a/cryptsetup.changes
+++ b/cryptsetup.changes
@@ -1,3 +1,14 @@
+-------------------------------------------------------------------
+Thu Sep 24 13:36:52 UTC 2009 - lnussel@suse.de
+
+- boot.crypto:
+  * don't use hashalot if keyfile is specified
+  * to comply with Debian, keyscripts must only output the password.
+    In order to allow keyscript to use different methods to retrieve
+    a key, add a keyscript_rawkey option.
+- cryptsetup:
+  * When reading no single byte for the key abort.
+
 -------------------------------------------------------------------
 Mon Sep 21 08:51:40 UTC 2009 - lnussel@suse.de
 
diff --git a/cryptsetup.spec b/cryptsetup.spec
index 7271d6c..22a1896 100644
--- a/cryptsetup.spec
+++ b/cryptsetup.spec
@@ -25,12 +25,12 @@ BuildRequires:  libselinux-devel
 # hashalot version
 %define haver 0.3 
 # boot.crypto version
-%define bcver 0_200909211050
+%define bcver 0_200909241541
 License:        BSD 3-clause (or similar) ; GPL v2 only ; GPL v2 or later
 Group:          System/Base
 AutoReqProv:    on
 Version:        1.0.7
-Release:        4
+Release:        5
 Summary:        Set Up dm-crypt Based Encrypted Block Devices
 Source:         cryptsetup-%{version}.tar.bz2
 Source1:        hashalot-%haver.tar.bz2
@@ -38,6 +38,7 @@ Source1:        hashalot-%haver.tar.bz2
 Source2:        boot.crypto-%{bcver}.tar.bz2
 # use this to create the tarball from svn
 Source99:       cryptsetup-mktar
+Patch0:         cryptsetup-1.0.7-eofpw.diff
 Patch10:        hashalot-fixes.diff
 Patch11:        hashalot-libgcrypt.diff
 Patch12:        hashalot-ctrl-d.diff
@@ -114,6 +115,7 @@ Authors:
 
 %prep
 %setup -q -b 1 -b 2
+%patch0 -p1
 pushd ../hashalot-%haver
 %patch10 -p1
 %patch11 -p1