Debian Package Tracker

From: Guilhem Moulin <guilhem@debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted cryptsetup 2:2.1.0-5+deb10u1 (source) into proposed-updates->stable-new, proposed-updates
Date: Wed, 21 Aug 2019 21:32:09 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 16 Aug 2019 19:18:10 +0200
Source: cryptsetup
Architecture: source
Version: 2:2.1.0-5+deb10u1
Distribution: buster
Urgency: high
Maintainer: Debian Cryptsetup Team <pkg-cryptsetup-devel@alioth-lists.debian.net>
Changed-By: Guilhem Moulin <guilhem@debian.org>
Closes: 934715
Changes:
 cryptsetup (2:2.1.0-5+deb10u1) buster; urgency=high
 .
   * Backport upstream commits c03e3fe8, 725720df and fe4e1de5 to fix support
     for LUKS2 headers without any bound keyslot.  Adding a new key slot using
     the volume key was failing, both via the crypt_keyslot_add_by_volume_key()
     API call and with `luksAddKey --master-key`.  The former in particular
     might yield data loss if, in order to change a passphrase, an application
     destroys the keyslot before adding a new one (using the volume key), cf.
     #928893.  Note that doing so is *unsafe*: applications should instead use
     crypt_keyslot_change_by_passphrase() from libcryptsetup >=1.6.0.
     Trying to open LUKS2 volume by supplying the volume key on the command
     line was also failing if there were no bound keyslot on the header.
     (Closes: #934715)
Checksums-Sha1:
 72b640acf3a8b6e7a73afafc23c30041000cfca6 2842 cryptsetup_2.1.0-5+deb10u1.dsc
 5242cff9caa69731b0b58220c833a298ae64d904 110872 cryptsetup_2.1.0-5+deb10u1.debian.tar.xz
 91f8d4dc4f5bca2918f3f74f5c8c8a97bd7df8ba 9337 cryptsetup_2.1.0-5+deb10u1_amd64.buildinfo
Checksums-Sha256:
 3df40697fadbef48f40cc8b935ab0bdc5cd6aaa5c379db06158a14c44ed3a27c 2842 cryptsetup_2.1.0-5+deb10u1.dsc
 5b05a8ad65e146a9bd5d36b6ef642aa0ab86954961e6b3cf3fa7713fd399c8bb 110872 cryptsetup_2.1.0-5+deb10u1.debian.tar.xz
 fc4091fdde72b8a991eb1d8209e6087e92681b3f05e149f63322fe8a5232c3a7 9337 cryptsetup_2.1.0-5+deb10u1_amd64.buildinfo
Files:
 d559dba72d95c3fc020d52615aa0e3a2 2842 admin optional cryptsetup_2.1.0-5+deb10u1.dsc
 1eed548ecf407ca9892ea14796aaa03f 110872 admin optional cryptsetup_2.1.0-5+deb10u1.debian.tar.xz
 13a717768bfaa69da19409ed4463814a 9337 admin optional cryptsetup_2.1.0-5+deb10u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAl1W55AACgkQ05pJnDwh
pVKsQA/7BiKjYa9UatgTbPQltHC7/PYXrD+4Tk8Wefj4qPuqokg8RI2ZnLaH+P9X
/qn5dIKRtavY20BvMY9XbcgMGOo4wYu/kVSojOLIde7q29ObqCJYtrnDqT+4d8YX
2aPfdg1wUBkykV2NmLbzQA74S9312asPiDrde/9uQoQuvJpzGLG2taLKwpeJb42/
DxcxpET3u1tP1tDxmpTM0EMLkO10IXkFFj5Wa+jSoURH4pQrZtqNBlYxw2CNsLFW
dHLPD67fUStN3wMzqQgHD+9lr+WhUjh5uIoLUbRIGKR6KbHr+GCvdzi636HLUnJo
LmPN9yRO0vcsnpv9RPBy5ydKJUgDJT+d13Qbsf9N2ZIarVVJKeUaGYvqdUnnXLNe
YOG2Y3yqc3BoOV43KNEaEq9V9+ERqF7uE33SBwfc4MkKKWKJC6VHPb/ny6CzLZZs
6lpOJG0JZxlDTUNADHe3E1P1MLWmmQEqN/rJNUFFGh1LpyzR+C0hheTb+KAcI8ES
ph92gltUPPbce9nYVHhxNl2dWlRxQZMl0lopAsrmqBRWVSXgioTABL5Tpwl51A8+
PRggsuK33eRxdvxQCuuT3xgY5aQVWjAEd2+H7ZAwW4+CV/lyCqBRbIl3IWYtwNMp
wcTOJwd9W8szoWPGNr36Q9UhaagS7RAZg21yF8bceni2AezC9pw=
=M07a
-----END PGP SIGNATURE-----
News for package cryptsetup
