Package: cryptsetup Version: 2:1.0.6-1 Severity: grave Tags: security Justification: user security hole
I have an encrypted /home partition and usplash is installed. Whenever I'm not quick enough entering the LUKS passphrase, usplash times out and in order to continue the boot process I need to switch to tty 8 where I can enter the passphrase. And here's the security problem: As I type, the passphrase appears as cleartext on the screen... cheers, Daniel -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing'), (200, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.24-1-686 (SMP w/1 CPU core) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages cryptsetup depends on: ii dmsetup 2:1.02.24-4 The Linux Kernel Device Mapper use ii libc6 2.7-10 GNU C Library: Shared libraries ii libdevmapper1.02.1 2:1.02.24-4 The Linux Kernel Device Mapper use ii libpopt0 1.10-3 lib for parsing cmdline parameters ii libuuid1 1.40.8-2 universally unique id library cryptsetup recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]