[Bug 1548137] Re: cryptsetup: consider merging 2:1.7.0-2 from debian

Launchpad Bug Tracker 1548137 at bugs.launchpad.net
Sun Jul 3 21:40:45 UTC 2016 

This bug was fixed in the package cryptsetup - 2:1.7.2-0ubuntu1

---------------
cryptsetup (2:1.7.2-0ubuntu1) yakkety; urgency=medium

  * New upstream release, merge from Debian unstable (LP: #1548137). Remaining
    Ubuntu changes:
    - debian/control:
      + Bump initramfs-tools Suggests to Depends: so system is not
        potentially rendered unbootable.
      + Depend on plymouth.
      + Invert the "busybox | busybox-static" Recommends, as the latter
        is the one we ship in main as part of the ubuntu-standard task.
      + Drop explicit libgcrypt20 dependency from libcryptsetup4.

cryptsetup (2:1.7.0-2) unstable; urgency=medium

  [ Guilhem Moulin ]
  * Fix cryptsetup shutdown procedure on sysvinit, broken since 2:1.7.0-1 for
    systems without active crypttab entry at the time fo the shutdown.
    (Closes: #792552, #810380)

cryptsetup (2:1.7.0-1) unstable; urgency=medium

  [ Jonas Meurer ]
  * new upstream release 1.7.0. Highlights include:
    - cryptsetup TCRYPT mode now supports VeraCrypt devices (in 1.6.7)
    - fix activation using (UNSECURE) ECB mode (in 1.6.7) (closes: #784129)
    - properly support stdin "-" handling for luksAddKey for both new and old
      keyfile parameters. (in 1.6.8)
    - default hash function is now SHA256 (used in key derivation function
      and anti-forensic splitter) (in 1.7.0)
  * debian/cryptsetup.functions, debian/initramfs/cryptroot.{hook,script}: add
    support for veracrypt option to cryptdisks initscript and cryptroot
    initramfs script. (closes: #806290)
  * debian/cryptdisks.functions: don't use '--key-file=-' with the tcrypt
    extension. This fixes the tcrypt implementation in the initscript and
    provides a workaround for upstream issue #269.
  * debian/cryptsetup.bug-script: do not send potentially private information
    without prior user confirmation in reportbug script. (Closes: #783298)
  * debian/cryptsetup.apport: do not send potentially private information
    without prior user confirmation in apport hook.
  * debian/control, debian/NEWS: fix links to cryptsetup homepage/FAQ. Homepage
    (and FAQ) moved from code.google.com to gitlab.com. (closes: #781674)
  * debian/*: update hyperlinks to use https instead of http where appropriate.
  * debian/rules, debian/post{inst,rm}: don't install cryptdisks_st{art,op}
    symlinks to /usr/sbin if everything-in-usr directories scheme is used.
    Thanks to Marco d'Itri for the patch. (closes: #767921)
  * debian/scripts/luksformat: search for mkfs binaries in /usr/sbin, /usr/bin,
    /sbin and /bin (default order in $PATH). This fixes luksformat for btrfs
    filesystems. (closes: #805353)
  * debian/dirs, debian/rules: install cryptdisks bash-completion script into
    /usr/share/bash-completion/completions.
  * debian/cryptdisks.functions: iterate over remaining open crypttab devices
    in do_stop() in order to close dependent devices and don't freeze the
    shutdown process. Thanks to Avatar for the patch. (closes: #792552)
  * debian/rules: set V=1 in order to make build logs usable for blhc.
  * debian/rules: set DEB_VERSION and DEB_DATE in a way to make cryptsetup
    build reproducible. Thanks to Dhole and Valentin Lorentz for patches.
    (closes: #780864, #794106)
  * debian/cryptdisks.functions: bring the passphrase prompt in line with the
    one from initramfs script in order to make the user experience more
    consistent. (closes: #772943)
  * debian/initramfs/cryptroot-script: move sanity checks of $cryptkeyscript
    and potential expansion to '/lib/cryptsetup/askpass' to the beginning of
    setup_mapping().

  [ Guilhem Moulin ]
  * debian/README.{Debian,remote}: remove dropbear-specific configuration and
    point to dropbear-initramfs instead. Since version 2015.70-1, dropbear
    ships dropbear-specific initramfs configuration and documentation in an
    own binary package dropbear-initramfs. (closes: #801471)
  * debian/initramfs/cryptroot-{hook,script}: add support for 'keyslot' option
    to cryptroot initramfs script. (closes: #801479)
  * debian/README.initramfs, debian/initramfs/cryptroot-hook: add support for
    storing keyfiles directly in the initrd. (closes: #786578)
  * debian/initramfs/cryptroot-hook: display a warning for invalid source
    devices. (closes: #720515, #781955, #784435)
  * debian/askpass.c: add plymouth support to the askpass helper command.
  * debian/cryptdisks.functions, debian/initramfs/cryptroot-script: remove
    special treatment of plymouth installations now that askpass supports
    plymouth natively.
  * debian/initramfs/cryptroot-unlock(-hook): add initramfs hook and script
    to remotely unlock cryptroot devices. (closes: #782024, #697156)

 -- Unit 193 <unit193 at ubuntu.com>  Wed, 22 Jun 2016 16:30:01 -0400

** Changed in: cryptsetup (Ubuntu)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to cryptsetup in Ubuntu.
https://bugs.launchpad.net/bugs/1548137

Title:
  cryptsetup: consider merging 2:1.7.0-2 from debian

Status in cryptsetup package in Ubuntu:
  Fix Released

Bug description:
  DalekSec | https://bugs.debian.org/815480 so someone might want to merge from Debian, then bump the version.  (Debian has had changes: http://metadata.ftp-master.debian.org/changelogs/main/c/cryptsetup/unstable_changelog )
  ubot5 | Debian bug 815480 in src:cryptsetup "cryptsetup: versions before 1.7.1 incompatible with latest batch of Linux kernels (mainline and stable)"

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/1548137/+subscriptions

More information about the foundations-bugs mailing list