forked from pool/cryptsetup
Accepting request 770054 from security
OBS-URL: https://build.opensuse.org/request/show/770054 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/cryptsetup?expand=0&rev=107
This commit is contained in:
Dominique Leuenberger
Git OBS Bridge
commit
7252bcb7bd
@ -1,16 +0,0 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCAAdFiEEKikYJD/eRmSNBob52bBXe9k+mPwFAlxdkp0ACgkQ2bBXe9k+
|
||||
mPx0JxAAu+yx54yDHQO1QOZvINKVSrLwZ/nGAy+JDQsOsM/+zOlXictxD/yybzZv
|
||||
GFuWdn5POnZDfwjp9b9UvudOUbxTLWNimyavV58iG0ICgFbxC6wpCVn0NxC+lPtt
|
||||
3uThWXTgJzcDpGbi9oi7FWEoihG7DJHMsGVUeUnhcZC+NSdXl6/ZTb5i68/rNNzc
|
||||
YHwM7OSWczn39Bdr0+/gs3jxnO01OP1weNgFZ6ChcENkSp8n+TQJEVwa+yiuO+rP
|
||||
BcBws0zjBYTKcpm/ZtuPGczwOaEBwk/jyamgfoobIeCzIyyUdMrCxwE/3oYMJxqS
|
||||
faijxMd21RZ3yqnkwvhTO1CbGWHAlVCqjAzyX8okhgjVi8gQpWvD67WRSC7FX+vD
|
||||
72m9yZ5qTO0lNPTtze6xo88UvWskIZtSg1rPtP39vyBnAAgZflKFRu8r+IgXn612
|
||||
VRJLlit+mCmKOgi5ochkxlJgrMY6FmWbVMlq1sxFy1dk3wRQTh5DYzT5IGnhdXi8
|
||||
osY2swVKnVJhkThomVUJ8pXIwWGKZNGMzTU7Eofi9zSHwTMm0y6EdFNlXogrzmY3
|
||||
vEHOb3zEqPujWegBeqsHhuHgPQewgts+7bIPEbvEPsSwSqMvX8BPsyLv7c6bat9x
|
||||
GhXTLwGeJ2RcNmF5bH7GMe7b+XLVaeBzNjLE3Ty0iFWgzT3Uwd0=
|
||||
=gOH9
|
||||
-----END PGP SIGNATURE-----
|
||||
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:a3eeb2741f8f3376d16585191f3c60e067dd987e096c3c4b073fab7748b1c897
|
||||
size 10662576
|
||||
16
cryptsetup-2.3.0.tar.sign
Normal file
16
cryptsetup-2.3.0.tar.sign
Normal file
@ -0,0 +1,16 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQIzBAABCAAdFiEEKikYJD/eRmSNBob52bBXe9k+mPwFAl42+b4ACgkQ2bBXe9k+
|
||||
mPyC+w/+JY0R3jpt+iCfDjp/Terjwm+Q1NqOjTJ1pSps9ZzZF5vgqxDqF4IljxNX
|
||||
zM4YtEN9HUUoE0U12FXmFTYlfoD4rj1AzR4Er9oX+P4YlGVQ0dmkGGr9gsmh+mpY
|
||||
m9fZg3jLp+ebhkhIQqMgsUj2xjgQlYoc7hcRcNq9weatLBAidHIdd0JR/0ot2yAS
|
||||
eLRodVOtfMvLDGhatMgwxm+FEXbPbgQXYrOemcqlHYPzKLv6xir9ZsLowZxABRaB
|
||||
41LZ8o6+4VGqpoNA0r4M1XFqcJ0mDYLdLib7uNNFY97A5bZTUEmALuiHOBNdEygG
|
||||
AgBUPnZPJUgSRKmJP4QL2CM6U3si3eNLDwrIjwp0cFtqnZB3bUzGfeu0h/XXSkrV
|
||||
b6Yja7zneZNeWaxz8GWCiZwVVBtM2n7PamdVV4xqQF6GE0o84EkJ91oZBim+a/5B
|
||||
PUOgcctQaYUAKkuvYXVhZQBaL5D4ppBWaFthENZSQ4sSlEILtsz5LYvWq1oMLWkv
|
||||
rZN9lftPd5GqASkTIDQcTNL0GNdJR+P+0kMCNiWOCJzZNzEIk2D6tlyxjnJV8qrk
|
||||
rFcShE9R3dADDJ9Ew+91JRk8C2XSG9gOS29K3fF2Hdnv7nfiTns3dh2V6kz/821W
|
||||
E39CREgh0A67zppzKWyHnH1BayDeREgRA/TatjZWDAZOHWRM+Ig=
|
||||
=cfqp
|
||||
-----END PGP SIGNATURE-----
|
||||
3
cryptsetup-2.3.0.tar.xz
Normal file
3
cryptsetup-2.3.0.tar.xz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:395690de99509428354d3cd15cf023bed01487e6f1565b2181e013dc847bbc85
|
||||
size 11035660
|
||||
@ -1,3 +1,60 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Feb 4 07:59:24 UTC 2020 - Paolo Stivanin <info@paolostivanin.com>
|
||||
|
||||
- Update to 2.3.0 (include release notes for 2.2.0)
|
||||
* BITLK (Windows BitLocker compatible) device access
|
||||
* Veritysetup now supports activation with additional PKCS7 signature
|
||||
of root hash through --root-hash-signature option.
|
||||
* Integritysetup now calculates hash integrity size according to algorithm
|
||||
instead of requiring an explicit tag size.
|
||||
* Integritysetup now supports fixed padding for dm-integrity devices.
|
||||
* A lot of fixes to online LUKS2 reecryption.
|
||||
* Add crypt_resume_by_volume_key() function to libcryptsetup.
|
||||
If a user has a volume key available, the LUKS device can be resumed
|
||||
directly using the provided volume key.
|
||||
No keyslot derivation is needed, only the key digest is checked.
|
||||
* Implement active device suspend info.
|
||||
Add CRYPT_ACTIVATE_SUSPENDED bit to crypt_get_active_device() flags
|
||||
that informs the caller that device is suspended (luksSuspend).
|
||||
* Allow --test-passphrase for a detached header.
|
||||
Before this fix, we required a data device specified on the command
|
||||
line even though it was not necessary for the passphrase check.
|
||||
* Allow --key-file option in legacy offline encryption.
|
||||
The option was ignored for LUKS1 encryption initialization.
|
||||
* Export memory safe functions.
|
||||
To make developing of some extensions simpler, we now export
|
||||
functions to handle memory with proper wipe on deallocation.
|
||||
* Fail crypt_keyslot_get_pbkdf for inactive LUKS1 keyslot.
|
||||
* Add optional global serialization lock for memory hard PBKDF.
|
||||
* Abort conversion to LUKS1 with incompatible sector size that is
|
||||
not supported in LUKS1.
|
||||
* Report error (-ENOENT) if no LUKS keyslots are available. User can now
|
||||
distinguish between a wrong passphrase and no keyslot available.
|
||||
* Fix a possible segfault in detached header handling (double free).
|
||||
* Add integritysetup support for bitmap mode introduced in Linux kernel 5.2.
|
||||
* The libcryptsetup now keeps all file descriptors to underlying device
|
||||
open during the whole lifetime of crypt device context to avoid excessive
|
||||
scanning in udev (udev run scan on every descriptor close).
|
||||
* The luksDump command now prints more info for reencryption keyslot
|
||||
(when a device is in-reencryption).
|
||||
* New --device-size parameter is supported for LUKS2 reencryption.
|
||||
* New --resume-only parameter is supported for LUKS2 reencryption.
|
||||
* The repair command now tries LUKS2 reencryption recovery if needed.
|
||||
* If reencryption device is a file image, an interactive dialog now
|
||||
asks if reencryption should be run safely in offline mode
|
||||
(if autodetection of active devices failed).
|
||||
* Fix activation through a token where dm-crypt volume key was not
|
||||
set through keyring (but using old device-mapper table parameter mode).
|
||||
* Online reencryption can now retain all keyslots (if all passphrases
|
||||
are provided). Note that keyslot numbers will change in this case.
|
||||
* Allow volume key file to be used if no LUKS2 keyslots are present.
|
||||
* Print a warning if online reencrypt is called over LUKS1 (not supported).
|
||||
* Fix TCRYPT KDF failure in FIPS mode.
|
||||
* Remove FIPS mode restriction for crypt_volume_key_get.
|
||||
* Reduce keyslots area size in luksFormat when the header device is too small.
|
||||
* Make resize action accept --device-size parameter (supports units suffix).
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Oct 17 11:55:51 UTC 2019 - Vítězslav Čížek <vcizek@suse.com>
|
||||
|
||||
- Create a weak dependency cycle between libcryptsetup and
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package cryptsetup
|
||||
#
|
||||
# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||
# Copyright (c) 2020 SUSE LLC
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@ -22,15 +22,15 @@ Name: cryptsetup2
|
||||
%else
|
||||
Name: cryptsetup
|
||||
%endif
|
||||
Version: 2.1.0
|
||||
Version: 2.3.0
|
||||
Release: 0
|
||||
Summary: Setup program for dm-crypt Based Encrypted Block Devices
|
||||
License: SUSE-GPL-2.0-with-openssl-exception AND LGPL-2.0-or-later
|
||||
Group: System/Base
|
||||
Url: https://gitlab.com/cryptsetup/cryptsetup/
|
||||
Source0: https://www.kernel.org/pub/linux/utils/cryptsetup/v2.1/cryptsetup-%{version}.tar.xz
|
||||
URL: https://gitlab.com/cryptsetup/cryptsetup/
|
||||
Source0: https://www.kernel.org/pub/linux/utils/cryptsetup/v2.3/cryptsetup-%{version}.tar.xz
|
||||
# GPG signature of the uncompressed tarball.
|
||||
Source1: https://www.kernel.org/pub/linux/utils/cryptsetup/v2.1/cryptsetup-%{version}.tar.sign
|
||||
Source1: https://www.kernel.org/pub/linux/utils/cryptsetup/v2.3/cryptsetup-%{version}.tar.sign
|
||||
Source2: baselibs.conf
|
||||
Source3: cryptsetup.keyring
|
||||
BuildRequires: device-mapper-devel
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user