commit cryptsetup for openSUSE:Factory
Hello community, here is the log from the commit of package cryptsetup for openSUSE:Factory checked in at 2020-09-08 22:44:25 Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old) and /work/SRC/openSUSE:Factory/.cryptsetup.new.3399 (New) Package is "cryptsetup" Tue Sep 8 22:44:25 2020 rev:110 rq:832027 version:2.3.4 Changes: --- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2020-06-03 20:29:49.936682916 +0200 +++ /work/SRC/openSUSE:Factory/.cryptsetup.new.3399/cryptsetup.changes 2020-09-08 22:44:43.123440137 +0200 @@ -1,0 +2,19 @@ +Fri Sep 4 09:49:31 CEST 2020 - Ludwig Nussel + +- Update to 2.3.4: + * Fix a possible out-of-bounds memory write while validating LUKS2 data +segments metadata (CVE-2020-14382, boo#1176128). + * Ignore reported optimal IO size if not aligned to minimal page size. + * Added support for new no_read/write_wrokqueue dm-crypt options (kernel 5.9). + * Added support panic_on_corruption option for dm-verity devices (kernel 5.9). + * Support --master-key-file option for online LUKS2 reencryption + * Always return EEXIST error code if a device already exists. + * Fix a problem in integritysetup if a hash algorithm has dash in the name. + * Fix crypto backend to properly handle ECB mode. + * TrueCrypt/VeraCrypt compatible mode now supports the activation of devices +with a larger sector. + * LUKS2: Do not create excessively large headers. + * Fix unspecified sector size for BitLocker compatible mode. + * Fix reading key data size in metadata for BitLocker compatible mode. + +--- Old: cryptsetup-2.3.3.tar.sign cryptsetup-2.3.3.tar.xz New: cryptsetup-2.3.4.tar.sign cryptsetup-2.3.4.tar.xz Other differences: -- ++ cryptsetup.spec ++ --- /var/tmp/diff_new_pack.TbNE7J/_old 2020-09-08 22:44:46.875441964 +0200 +++ /var/tmp/diff_new_pack.TbNE7J/_new 2020-09-08 22:44:46.875441964 +0200 @@ -22,7 +22,7 @@ %else Name: cryptsetup %endif -Version:2.3.3 +Version:2.3.4 Release:0 Summary:Setup program for dm-crypt Based Encrypted Block Devices License:SUSE-GPL-2.0-with-openssl-exception AND LGPL-2.0-or-later ++ cryptsetup-2.3.3.tar.xz -> cryptsetup-2.3.4.tar.xz ++ /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup-2.3.3.tar.xz /work/SRC/openSUSE:Factory/.cryptsetup.new.3399/cryptsetup-2.3.4.tar.xz differ: char 15, line 1
commit cryptsetup for openSUSE:Factory
Hello community, here is the log from the commit of package cryptsetup for openSUSE:Factory checked in at 2020-06-03 20:29:42 Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old) and /work/SRC/openSUSE:Factory/.cryptsetup.new.3606 (New) Package is "cryptsetup" Wed Jun 3 20:29:42 2020 rev:109 rq:810247 version:2.3.3 Changes: --- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2020-04-05 20:49:09.304930613 +0200 +++ /work/SRC/openSUSE:Factory/.cryptsetup.new.3606/cryptsetup.changes 2020-06-03 20:29:49.936682916 +0200 @@ -1,0 +2,22 @@ +Thu May 28 18:43:29 UTC 2020 - Andreas Stieger + +- Update to 2.3.3: + * Fix BitLocker compatible device access that uses native 4kB +sectors + * Support large IV count (--iv-large-sectors) cryptsetup option +for plain device mapping + * Fix a memory leak in BitLocker compatible handling + * Allow EBOIV (Initialization Vector algorithm) use + * LUKS2: Require both keyslot cipher and key size option, do +not fail silently +- includes changes from 2.3.2: + * Add option to dump content of LUKS2 unbound keyslot + * Add support for discards (TRIM) for standalone dm-integrity +devices (Kernel 5.7) via --allow-discards, not for LUKS2 + * Fix cryptsetup-reencrypt to work on devices that do not allow +direct-io device access. + * Fix a crash in the BitLocker-compatible code error path + * Fix Veracrypt compatible support for longer (>64 bytes) +passphrases + +--- Old: cryptsetup-2.3.1.tar.sign cryptsetup-2.3.1.tar.xz New: cryptsetup-2.3.3.tar.sign cryptsetup-2.3.3.tar.xz Other differences: -- ++ cryptsetup.spec ++ --- /var/tmp/diff_new_pack.GOVZbt/_old 2020-06-03 20:29:51.636688084 +0200 +++ /var/tmp/diff_new_pack.GOVZbt/_new 2020-06-03 20:29:51.640688096 +0200 @@ -22,7 +22,7 @@ %else Name: cryptsetup %endif -Version:2.3.1 +Version:2.3.3 Release:0 Summary:Setup program for dm-crypt Based Encrypted Block Devices License:SUSE-GPL-2.0-with-openssl-exception AND LGPL-2.0-or-later ++ cryptsetup-2.3.1.tar.xz -> cryptsetup-2.3.3.tar.xz ++ /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup-2.3.1.tar.xz /work/SRC/openSUSE:Factory/.cryptsetup.new.3606/cryptsetup-2.3.3.tar.xz differ: char 15, line 1
commit cryptsetup for openSUSE:Factory
Hello community,
here is the log from the commit of package cryptsetup for openSUSE:Factory
checked in at 2020-04-05 20:49:04
Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old)
and /work/SRC/openSUSE:Factory/.cryptsetup.new.3248 (New)
Package is "cryptsetup"
Sun Apr 5 20:49:04 2020 rev:108 rq:790921 version:2.3.1
Changes:
--- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2020-02-09
21:02:38.523361197 +0100
+++ /work/SRC/openSUSE:Factory/.cryptsetup.new.3248/cryptsetup.changes
2020-04-05 20:49:09.304930613 +0200
@@ -1,0 +2,33 @@
+Thu Apr 2 14:27:18 UTC 2020 - Ludwig Nussel
+
+- Split translations to -lang package
+- New version to 2.3.1
+ * Support VeraCrypt 128 bytes passwords.
+VeraCrypt now allows passwords of maximal length 128 bytes
+(compared to legacy TrueCrypt where it was limited by 64 bytes).
+ * Strip extra newline from BitLocker recovery keys
+There might be a trailing newline added by the text editor when
+the recovery passphrase was passed using the --key-file option.
+ * Detect separate libiconv library.
+It should fix compilation issues on distributions with iconv
+implemented in a separate library.
+ * Various fixes and workarounds to build on old Linux distributions.
+ * Split lines with hexadecimal digest printing for large key-sizes.
+ * Do not wipe the device with no integrity profile.
+With --integrity none we performed useless full device wipe.
+ * Workaround for dm-integrity kernel table bug.
+Some kernels show an invalid dm-integrity mapping table
+if superblock contains the "recalculate" bit. This causes
+integritysetup to not recognize the dm-integrity device.
+Integritysetup now specifies kernel options such a way that
+even on unpatched kernels mapping table is correct.
+ * Print error message if LUKS1 keyslot cannot be processed.
+If the crypto backend is missing support for hash algorithms
+used in PBKDF2, the error message was not visible.
+ * Properly align LUKS2 keyslots area on conversion.
+If the LUKS1 payload offset (data offset) is not aligned
+to 4 KiB boundary, new LUKS2 keyslots area in now aligned properly.
+ * Validate LUKS2 earlier on conversion to not corrupt the device
+if binary keyslots areas metadata are not correct.
+
+---
Old:
cryptsetup-2.3.0.tar.sign
cryptsetup-2.3.0.tar.xz
New:
cryptsetup-2.3.1.tar.sign
cryptsetup-2.3.1.tar.xz
Other differences:
--
++ cryptsetup.spec ++
--- /var/tmp/diff_new_pack.6ukHiO/_old 2020-04-05 20:49:10.160931432 +0200
+++ /var/tmp/diff_new_pack.6ukHiO/_new 2020-04-05 20:49:10.164931436 +0200
@@ -22,7 +22,7 @@
%else
Name: cryptsetup
%endif
-Version:2.3.0
+Version:2.3.1
Release:0
Summary:Setup program for dm-crypt Based Encrypted Block Devices
License:SUSE-GPL-2.0-with-openssl-exception AND LGPL-2.0-or-later
@@ -56,6 +56,8 @@
Requires(post): coreutils
Requires(postun): coreutils
+%lang_package(cryptsetup)
+
%description
cryptsetup is used to conveniently set up dm-crypt based device-mapper
targets. It allows to set up targets to read cryptoloop compatible
@@ -166,7 +168,7 @@
%post -n libcryptsetup%{so_ver} -p /sbin/ldconfig
%postun -n libcryptsetup%{so_ver} -p /sbin/ldconfig
-%files -f %{name}.lang
+%files
%doc AUTHORS COPYING* FAQ README TODO docs/ChangeLog.old docs/*ReleaseNotes
/sbin/cryptsetup%{?is_backports:2}
%{_sbindir}/cryptsetup%{?is_backports:2}
@@ -182,6 +184,8 @@
%ghost %dir /run/cryptsetup
%endif
+%files lang -f %{name}.lang
+
%files -n libcryptsetup%{so_ver}
%{_libdir}/libcryptsetup.so.%{so_ver}*
++ cryptsetup-2.3.0.tar.xz -> cryptsetup-2.3.1.tar.xz ++
/work/SRC/openSUSE:Factory/cryptsetup/cryptsetup-2.3.0.tar.xz
/work/SRC/openSUSE:Factory/.cryptsetup.new.3248/cryptsetup-2.3.1.tar.xz differ:
char 15, line 1
commit cryptsetup for openSUSE:Factory
Hello community, here is the log from the commit of package cryptsetup for openSUSE:Factory checked in at 2020-02-09 21:02:18 Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old) and /work/SRC/openSUSE:Factory/.cryptsetup.new.26092 (New) Package is "cryptsetup" Sun Feb 9 21:02:18 2020 rev:107 rq:770054 version:2.3.0 Changes: --- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2019-12-17 13:29:39.899419748 +0100 +++ /work/SRC/openSUSE:Factory/.cryptsetup.new.26092/cryptsetup.changes 2020-02-09 21:02:38.523361197 +0100 @@ -0,0 +1,57 @@ +--- +Tue Feb 4 07:59:24 UTC 2020 - Paolo Stivanin + +- Update to 2.3.0 (include release notes for 2.2.0) + * BITLK (Windows BitLocker compatible) device access + * Veritysetup now supports activation with additional PKCS7 signature +of root hash through --root-hash-signature option. + * Integritysetup now calculates hash integrity size according to algorithm +instead of requiring an explicit tag size. + * Integritysetup now supports fixed padding for dm-integrity devices. + * A lot of fixes to online LUKS2 reecryption. + * Add crypt_resume_by_volume_key() function to libcryptsetup. +If a user has a volume key available, the LUKS device can be resumed +directly using the provided volume key. +No keyslot derivation is needed, only the key digest is checked. + * Implement active device suspend info. +Add CRYPT_ACTIVATE_SUSPENDED bit to crypt_get_active_device() flags +that informs the caller that device is suspended (luksSuspend). + * Allow --test-passphrase for a detached header. +Before this fix, we required a data device specified on the command +line even though it was not necessary for the passphrase check. + * Allow --key-file option in legacy offline encryption. +The option was ignored for LUKS1 encryption initialization. + * Export memory safe functions. +To make developing of some extensions simpler, we now export +functions to handle memory with proper wipe on deallocation. + * Fail crypt_keyslot_get_pbkdf for inactive LUKS1 keyslot. + * Add optional global serialization lock for memory hard PBKDF. + * Abort conversion to LUKS1 with incompatible sector size that is +not supported in LUKS1. + * Report error (-ENOENT) if no LUKS keyslots are available. User can now +distinguish between a wrong passphrase and no keyslot available. + * Fix a possible segfault in detached header handling (double free). + * Add integritysetup support for bitmap mode introduced in Linux kernel 5.2. + * The libcryptsetup now keeps all file descriptors to underlying device +open during the whole lifetime of crypt device context to avoid excessive +scanning in udev (udev run scan on every descriptor close). + * The luksDump command now prints more info for reencryption keyslot +(when a device is in-reencryption). + * New --device-size parameter is supported for LUKS2 reencryption. + * New --resume-only parameter is supported for LUKS2 reencryption. + * The repair command now tries LUKS2 reencryption recovery if needed. + * If reencryption device is a file image, an interactive dialog now +asks if reencryption should be run safely in offline mode +(if autodetection of active devices failed). + * Fix activation through a token where dm-crypt volume key was not +set through keyring (but using old device-mapper table parameter mode). + * Online reencryption can now retain all keyslots (if all passphrases +are provided). Note that keyslot numbers will change in this case. + * Allow volume key file to be used if no LUKS2 keyslots are present. + * Print a warning if online reencrypt is called over LUKS1 (not supported). + * Fix TCRYPT KDF failure in FIPS mode. + * Remove FIPS mode restriction for crypt_volume_key_get. + * Reduce keyslots area size in luksFormat when the header device is too small. + * Make resize action accept --device-size parameter (supports units suffix). + +--- Old: cryptsetup-2.1.0.tar.sign cryptsetup-2.1.0.tar.xz New: cryptsetup-2.3.0.tar.sign cryptsetup-2.3.0.tar.xz Other differences: -- ++ cryptsetup.spec ++ --- /var/tmp/diff_new_pack.ZLbVCj/_old 2020-02-09 21:02:40.859362523 +0100 +++ /var/tmp/diff_new_pack.ZLbVCj/_new 2020-02-09 21:02:40.879362534 +0100 @@ -1,7 +1,7 @@ # # spec file for package cryptsetup # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless
commit cryptsetup for openSUSE:Factory
Hello community,
here is the log from the commit of package cryptsetup for openSUSE:Factory
checked in at 2019-12-17 13:29:09
Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old)
and /work/SRC/openSUSE:Factory/.cryptsetup.new.4691 (New)
Package is "cryptsetup"
Tue Dec 17 13:29:09 2019 rev:106 rq:755886 version:2.1.0
Changes:
--- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2019-05-14
13:29:50.959261460 +0200
+++ /work/SRC/openSUSE:Factory/.cryptsetup.new.4691/cryptsetup.changes
2019-12-17 13:29:39.899419748 +0100
@@ -0,0 +1,6 @@
+Thu Oct 17 11:55:51 UTC 2019 - Vítězslav Čížek
+
+- Create a weak dependency cycle between libcryptsetup and
+ libcryptsetup-hmac to make sure they are installed together
+ (bsc#1090768)
+
Other differences:
--
++ cryptsetup.spec ++
--- /var/tmp/diff_new_pack.zHLCCk/_old 2019-12-17 13:29:41.279419263 +0100
+++ /var/tmp/diff_new_pack.zHLCCk/_new 2019-12-17 13:29:41.287419260 +0100
@@ -12,7 +12,7 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
@@ -66,7 +66,7 @@
%package -n libcryptsetup%{so_ver}
Summary:Library for setting up dm-crypt Based Encrypted Block Devices
Group: System/Libraries
-Suggests: libcryptsetup%{so_ver}-hmac
+Suggests: libcryptsetup%{so_ver}-hmac = %{version}-%{release}
%description -n libcryptsetup%{so_ver}
cryptsetup is used to conveniently set up dm-crypt based device-mapper
@@ -78,6 +78,7 @@
%package -n libcryptsetup%{so_ver}-hmac
Summary:Checksums for libcryptsetup%{so_ver}
Group: System/Base
+Requires: libcryptsetup%{so_ver} = %{version}-%{release}
%description -n libcryptsetup%{so_ver}-hmac
This package contains HMAC checksums for integrity checking of libcryptsetup4,
commit cryptsetup for openSUSE:Factory
Hello community, here is the log from the commit of package cryptsetup for openSUSE:Factory checked in at 2019-05-14 13:29:48 Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old) and /work/SRC/openSUSE:Factory/.cryptsetup.new.5148 (New) Package is "cryptsetup" Tue May 14 13:29:48 2019 rev:105 rq:701789 version:2.1.0 Changes: --- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2019-02-20 14:08:42.886991632 +0100 +++ /work/SRC/openSUSE:Factory/.cryptsetup.new.5148/cryptsetup.changes 2019-05-14 13:29:50.959261460 +0200 @@ -274 +274 @@ -in FIPS mode. +in FIPS mode (bsc#1031998). Other differences: -- ++ cryptsetup.spec ++ --- /var/tmp/diff_new_pack.SIYk7R/_old 2019-05-14 13:29:52.471265516 +0200 +++ /var/tmp/diff_new_pack.SIYk7R/_new 2019-05-14 13:29:52.475265527 +0200 @@ -12,7 +12,7 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# Please submit bugfixes or comments via http://bugs.opensuse.org/ #
commit cryptsetup for openSUSE:Factory
Hello community,
here is the log from the commit of package cryptsetup for openSUSE:Factory
checked in at 2019-02-20 14:08:36
Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old)
and /work/SRC/openSUSE:Factory/.cryptsetup.new.28833 (New)
Package is "cryptsetup"
Wed Feb 20 14:08:36 2019 rev:104 rq:677121 version:2.1.0
Changes:
--- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2018-11-06
15:25:56.220471801 +0100
+++ /work/SRC/openSUSE:Factory/.cryptsetup.new.28833/cryptsetup.changes
2019-02-20 14:08:42.886991632 +0100
@@ -1,0 +2,33 @@
+Fri Feb 15 15:01:18 UTC 2019 - Jan Engelhardt
+
+- Use noun phrase in summary.
+
+---
+Fri Feb 15 09:41:52 UTC 2019 - lnus...@suse.de
+
+- New version 2.1.0
+ * The default size of the LUKS2 header is increased to 16 MB.
+It includes metadata and the area used for binary keyslots;
+it means that LUKS header backup is now 16MB in size.
+ * Cryptsetup now doubles LUKS default key size if XTS mode is used
+(XTS mode uses two internal keys). This does not apply if key size
+is explicitly specified on the command line and it does not apply
+for the plain mode.
+This fixes a confusion with AES and 256bit key in XTS mode where
+code used AES128 and not AES256 as often expected.
+ * Default cryptographic backend used for LUKS header processing is now
+OpenSSL. For years, OpenSSL provided better performance for PBKDF.
+
+ * The Python bindings are no longer supported and the code was removed
+from cryptsetup distribution. Please use the libblockdev project
+that already covers most of the libcryptsetup functionality
+including LUKS2.
+ * Cryptsetup now allows using --offset option also for luksFormat.
+ * Cryptsetup now supports new refresh action (that is the alias for
+"open --refresh").
+ * Integritysetup now supports mode with detached data device through
+new --data-device option.
+- 2.1.0 would use LUKS2 as default, we stay with LUKS1 for now until
+ someone has time to evaluate the fallout from switching to LUKS2.
+
+---
Old:
cryptsetup-2.0.5.tar.sign
cryptsetup-2.0.5.tar.xz
New:
cryptsetup-2.1.0.tar.sign
cryptsetup-2.1.0.tar.xz
Other differences:
--
++ cryptsetup.spec ++
--- /var/tmp/diff_new_pack.z0wfhH/_old 2019-02-20 14:08:44.154991212 +0100
+++ /var/tmp/diff_new_pack.z0wfhH/_new 2019-02-20 14:08:44.154991212 +0100
@@ -1,7 +1,7 @@
#
# spec file for package cryptsetup
#
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -12,7 +12,7 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
@@ -22,25 +22,25 @@
%else
Name: cryptsetup
%endif
-Version:2.0.5
+Version:2.1.0
Release:0
-Summary:Set Up dm-crypt Based Encrypted Block Devices
+Summary:Setup program for dm-crypt Based Encrypted Block Devices
License:SUSE-GPL-2.0-with-openssl-exception AND LGPL-2.0-or-later
Group: System/Base
Url:https://gitlab.com/cryptsetup/cryptsetup/
-Source0:
https://www.kernel.org/pub/linux/utils/cryptsetup/v2.0/cryptsetup-%{version}.tar.xz
+Source0:
https://www.kernel.org/pub/linux/utils/cryptsetup/v2.1/cryptsetup-%{version}.tar.xz
# GPG signature of the uncompressed tarball.
-Source1:
https://www.kernel.org/pub/linux/utils/cryptsetup/v2.0/cryptsetup-%{version}.tar.sign
+Source1:
https://www.kernel.org/pub/linux/utils/cryptsetup/v2.1/cryptsetup-%{version}.tar.sign
Source2:baselibs.conf
Source3:cryptsetup.keyring
BuildRequires: device-mapper-devel
BuildRequires: fipscheck
BuildRequires: fipscheck-devel
-BuildRequires: libgcrypt-devel
BuildRequires: libjson-c-devel
BuildRequires: libpwquality-devel
BuildRequires: libselinux-devel
BuildRequires: libuuid-devel
+BuildRequires: pkgconfig(openssl)
# 2.6.38 has the required if_alg.h
BuildRequires: linux-glibc-devel >= 2.6.38
BuildRequires: pkgconfig
@@ -64,7 +64,7 @@
time via the config file %{_sysconfdir}/crypttab.
%package -n libcryptsetup%{so_ver}
-Summary:Set Up dm-crypt Based Encrypted Block Devices
+Summary:Library for setting up dm-crypt Based Encrypted Block Devices
commit cryptsetup for openSUSE:Factory
Hello community,
here is the log from the commit of package cryptsetup for openSUSE:Factory
checked in at 2018-11-06 15:25:37
Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old)
and /work/SRC/openSUSE:Factory/.cryptsetup.new (New)
Package is "cryptsetup"
Tue Nov 6 15:25:37 2018 rev:103 rq:645684 version:2.0.5
Changes:
--- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2018-08-28
09:23:05.376574368 +0200
+++ /work/SRC/openSUSE:Factory/.cryptsetup.new/cryptsetup.changes
2018-11-06 15:25:56.220471801 +0100
@@ -1,0 +2,68 @@
+Tue Oct 30 10:10:35 UTC 2018 - lnus...@suse.de
+
+- Suggest hmac package (boo#1090768)
+- remove old upgrade hack for upgrades from 12.1
+- New version 2.0.5
+
+ Changes since version 2.0.4
+ ~~~
+
+ * Wipe full header areas (including unused) during LUKS format.
+
+Since this version, the whole area up to the data offset is zeroed,
+and subsequently, all keyslots areas are wiped with random data.
+This ensures that no remaining old data remains in the LUKS header
+areas, but it could slow down format operation on some devices.
+Previously only first 4k (or 32k for LUKS2) and the used keyslot
+was overwritten in the format operation.
+
+ * Several fixes to error messages that were unintentionally replaced
+in previous versions with a silent exit code.
+More descriptive error messages were added, including error
+messages if
+ - a device is unusable (not a block device, no access, etc.),
+ - a LUKS device is not detected,
+ - LUKS header load code detects unsupported version,
+ - a keyslot decryption fails (also happens in the cipher check),
+ - converting an inactive keyslot.
+
+ * Device activation fails if data area overlaps with LUKS header.
+
+ * Code now uses explicit_bzero to wipe memory if available
+(instead of own implementation).
+
+ * Additional VeraCrypt modes are now supported, including Camellia
+and Kuznyechik symmetric ciphers (and cipher chains) and Streebog
+hash function. These were introduced in a recent VeraCrypt upstream.
+
+Note that Kuznyechik requires out-of-tree kernel module and
+Streebog hash function is available only with the gcrypt cryptographic
+backend for now.
+
+ * Fixes static build for integritysetup if the pwquality library is used.
+
+ * Allows passphrase change for unbound keyslots.
+
+ * Fixes removed keyslot number in verbose message for luksKillSlot,
+luksRemoveKey and erase command.
+
+ * Adds blkid scan when attempting to open a plain device and warn the user
+about existing device signatures in a ciphertext device.
+
+ * Remove LUKS header signature if luksFormat fails to add the first keyslot.
+
+ * Remove O_SYNC from device open and use fsync() to speed up
+wipe operation considerably.
+
+ * Create --master-key-file in luksDump and fail if the file already exists.
+
+ * Fixes a bug when LUKS2 authenticated encryption with a detached header
+wiped the header device instead of dm-integrity data device area (causing
+unnecessary LUKS2 header auto recovery).
+
+---
+Tue Oct 30 09:55:50 UTC 2018 - lnus...@suse.de
+
+- make parallell installable version for SLE12
+
+---
Old:
cryptsetup-2.0.4.tar.sign
cryptsetup-2.0.4.tar.xz
New:
cryptsetup-2.0.5.tar.sign
cryptsetup-2.0.5.tar.xz
Other differences:
--
++ cryptsetup.spec ++
--- /var/tmp/diff_new_pack.AIHMx8/_old 2018-11-06 15:26:07.848454137 +0100
+++ /var/tmp/diff_new_pack.AIHMx8/_new 2018-11-06 15:26:07.852454131 +0100
@@ -17,8 +17,12 @@
%define so_ver 12
+%if 0%{?is_backports}
+Name: cryptsetup2
+%else
Name: cryptsetup
-Version:2.0.4
+%endif
+Version:2.0.5
Release:0
Summary:Set Up dm-crypt Based Encrypted Block Devices
License:SUSE-GPL-2.0-with-openssl-exception AND LGPL-2.0-or-later
@@ -28,7 +32,7 @@
# GPG signature of the uncompressed tarball.
Source1:
https://www.kernel.org/pub/linux/utils/cryptsetup/v2.0/cryptsetup-%{version}.tar.sign
Source2:baselibs.conf
-Source3:%{name}.keyring
+Source3:cryptsetup.keyring
BuildRequires: device-mapper-devel
BuildRequires: fipscheck
BuildRequires: fipscheck-devel
@@ -44,6 +48,11 @@
BuildRequires: suse-module-tools
BuildRequires: pkgconfig(blkid)
BuildRequires: pkgconfig(libargon2)
+%if 0%{?is_backports}
+BuildRequires: autoconf
+BuildRequires: automake
+BuildRequires: libtool
+%endif
Requires(post): coreutils
Requires(postun): coreutils
@@ -57,6 +66,7 @@
%package -n
commit cryptsetup for openSUSE:Factory
Hello community, here is the log from the commit of package cryptsetup for openSUSE:Factory checked in at 2018-08-28 09:22:31 Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old) and /work/SRC/openSUSE:Factory/.cryptsetup.new (New) Package is "cryptsetup" Tue Aug 28 09:22:31 2018 rev:102 rq:630730 version:2.0.4 Changes: --- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2018-02-13 10:25:33.509405741 +0100 +++ /work/SRC/openSUSE:Factory/.cryptsetup.new/cryptsetup.changes 2018-08-28 09:23:05.376574368 +0200 @@ -1,0 +2,134 @@ +Tue Aug 21 07:40:54 UTC 2018 - lnus...@suse.de + +- New version 2.0.4 + + Changes since version 2.0.3 + ~~~ + + * Use the libblkid (blockid) library to detect foreign signatures +on a device before LUKS format and LUKS2 auto-recovery. +This change fixes an unexpected recovery using the secondary +LUKS2 header after a device was already overwritten with +another format (filesystem or LVM physical volume). +LUKS2 will not recreate a primary header if it detects a valid +foreign signature. In this situation, a user must always +use cryptsetup repair command for the recovery. +Note that libcryptsetup and utilities are now linked to libblkid +as a new dependence. +To compile code without blockid support (strongly discouraged), +use --disable-blkid configure switch. + * Add prompt for format and repair actions in cryptsetup and +integritysetup if foreign signatures are detected on the device +through the blockid library. +After the confirmation, all known signatures are then wiped as +part of the format or repair procedure. + * Print consistent verbose message about keyslot and token numbers. +For keyslot actions: Key slot unlocked/created/removed. +For token actions: Token created/removed. + * Print error, if a non-existent token is tried to be removed. + * Add support for LUKS2 token definition export and import. +The token command now can export/import customized token JSON file +directly from command line. See the man page for more details. + * Add support for new dm-integrity superblock version 2. + * Add an error message when nothing was read from a key file. + * Update cryptsetup man pages, including --type option usage. + * Add a snapshot of LUKS2 format specification to documentation +and accordingly fix supported secondary header offsets. + * Add bundled optimized Argon2 SSE (X86_64 platform) code. +If the bundled Argon2 code is used and the new configure switch +--enable-internal-sse-argon2 option is present, and compiler flags +support required optimization, the code will try to use optimized +and faster variant. +Always use the shared library (--enable-libargon2) if possible. +This option was added because an enterprise distribution +rejected to support the shared Argon2 library and native support +in generic cryptographic libraries is not ready yet. + * Fix compilation with crypto backend for LibreSSL >= 2.7.0. +LibreSSL introduced OpenSSL 1.1.x API functions, so compatibility +wrapper must be commented out. + * Fix on-disk header size calculation for LUKS2 format if a specific +data alignment is requested. Until now, the code used default size +that could be wrong for converted devices. + + Changes since version 2.0.2 + ~~~ + + * Expose interface to unbound LUKS2 keyslots. +Unbound LUKS2 keyslot allows storing a key material that is independent +of master volume key (it is not bound to encrypted data segment). + * New API extensions for unbound keyslots (LUKS2 only) +crypt_keyslot_get_key_size() and crypt_volume_key_get() +These functions allow to get key and key size for unbound keyslots. + * New enum value CRYPT_SLOT_UNBOUND for keyslot status (LUKS2 only). + * Add --unbound keyslot option to the cryptsetup luksAddKey command. + * Add crypt_get_active_integrity_failures() call to get integrity +failure count for dm-integrity devices. + * Add crypt_get_pbkdf_default() function to get per-type PBKDF default +setting. + * Add new flag to crypt_keyslot_add_by_key() to force update device +volume key. This call is mainly intended for a wrapped key change. + * Allow volume key store in a file with cryptsetup. +The --dump-master-key together with --master-key-file allows cryptsetup +to store the binary volume key to a file instead of standard output. + * Add support detached header for cryptsetup-reencrypt command. + * Fix VeraCrypt PIM handling - use proper iterations count formula +for PBKDF2-SHA512 and PBKDF2-Whirlpool used in system volumes. + * Fix cryptsetup tcryptDump for VeraCrypt PIM (support --veracrypt-pim). + * Add --with-default-luks-format
commit cryptsetup for openSUSE:Factory
Hello community,
here is the log from the commit of package cryptsetup for openSUSE:Factory
checked in at 2018-02-13 10:25:18
Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old)
and /work/SRC/openSUSE:Factory/.cryptsetup.new (New)
Package is "cryptsetup"
Tue Feb 13 10:25:18 2018 rev:101 rq:574742 version:2.0.1
Changes:
--- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2018-01-31
19:48:18.447476929 +0100
+++ /work/SRC/openSUSE:Factory/.cryptsetup.new/cryptsetup.changes
2018-02-13 10:25:33.509405741 +0100
@@ -1,0 +2,22 @@
+Tue Jan 30 12:26:48 UTC 2018 - astie...@suse.com
+
+- update to 2.0.1:
+ * To store volume key into kernel keyring, kernel 4.15 with
+dm-crypt 1.18.1 is required
+ * Increase maximum allowed PBKDF memory-cost limit to 4 GiB
+ * Use /run/cryptsetup as default for cryptsetup locking dir
+ * Introduce new 64-bit byte-offset *keyfile_device_offset functions.
+ * New set of fucntions that allows 64-bit offsets even on 32bit systems
+are now availeble:
+ - crypt_resume_by_keyfile_device_offset
+ - crypt_keyslot_add_by_keyfile_device_offset
+ - crypt_activate_by_keyfile_device_offset
+ - crypt_keyfile_device_read
+The new functions have added the _device_ in name.
+Old functions are just internal wrappers around these.
+ * Also cryptsetup --keyfile-offset and --new-keyfile-offset now
+allows 64-bit offsets as parameters.
+ * Add error hint for wrongly formatted cipher strings in LUKS1 and
+properly fail in luksFormat if cipher format is missing required IV.
+
+---
Old:
cryptsetup-2.0.0.tar.sign
cryptsetup-2.0.0.tar.xz
New:
cryptsetup-2.0.1.tar.sign
cryptsetup-2.0.1.tar.xz
Other differences:
--
++ cryptsetup.spec ++
--- /var/tmp/diff_new_pack.NkEn75/_old 2018-02-13 10:25:34.473371010 +0100
+++ /var/tmp/diff_new_pack.NkEn75/_new 2018-02-13 10:25:34.473371010 +0100
@@ -18,10 +18,10 @@
%define so_ver 12
Name: cryptsetup
-Version:2.0.0
+Version:2.0.1
Release:0
Summary:Set Up dm-crypt Based Encrypted Block Devices
-License:SUSE-GPL-2.0-with-openssl-exception and LGPL-2.0+
+License:SUSE-GPL-2.0-with-openssl-exception AND LGPL-2.0+
Group: System/Base
Url:https://gitlab.com/cryptsetup/cryptsetup/
Source0:
https://www.kernel.org/pub/linux/utils/cryptsetup/v2.0/cryptsetup-%{version}.tar.xz
@@ -37,12 +37,12 @@
BuildRequires: libpwquality-devel
BuildRequires: libselinux-devel
BuildRequires: libuuid-devel
-BuildRequires: pkgconfig(libargon2)
# 2.6.38 has the required if_alg.h
BuildRequires: linux-glibc-devel >= 2.6.38
BuildRequires: pkgconfig
BuildRequires: popt-devel
BuildRequires: suse-module-tools
+BuildRequires: pkgconfig(libargon2)
Requires(post): coreutils
Requires(postun): coreutils
@@ -108,7 +108,7 @@
%define __spec_install_post \
%{?__debug_package:%{__debug_install_post}} \
%{__arch_install_post} \
- %{__os_install_post} \
+ %__os_install_post \
fipshmac %{buildroot}/%{_libdir}/libcryptsetup.so.* \
%{nil}
@@ -141,6 +141,7 @@
fi
%{?regenerate_initrd_post}
+%tmpfiles_create %{_tmpfilesdir}/%{name}.conf
%postun
%{?regenerate_initrd_post}
@@ -152,10 +153,7 @@
%postun -n libcryptsetup%{so_ver} -p /sbin/ldconfig
%files -f %{name}.lang
-%defattr(-,root,root)
%doc AUTHORS COPYING* FAQ README TODO docs/ChangeLog.old docs/*ReleaseNotes
-#ghost %verify(not md5 size mtime) %config(noreplace,missingok) /etc/crypttab
-#ghost %verify(not md5 size mtime) %config(noreplace,missingok) /etc/cryptotab
/sbin/cryptsetup
%{_sbindir}/cryptsetup
%{_sbindir}/veritysetup
@@ -166,17 +164,15 @@
%{_mandir}/man8/veritysetup.8%{ext_man}
%{_mandir}/man8/integritysetup.8%{ext_man}
%{_tmpfilesdir}/cryptsetup.conf
+%ghost %dir /run/cryptsetup
%files -n libcryptsetup%{so_ver}
-%defattr(-,root,root)
%{_libdir}/libcryptsetup.so.%{so_ver}*
%files -n libcryptsetup%{so_ver}-hmac
-%defattr(-,root,root)
%{_libdir}/.libcryptsetup.so.%{so_ver}*hmac
%files -n libcryptsetup-devel
-%defattr(-,root,root)
%doc docs/examples/
%{_includedir}/libcryptsetup.h
%{_libdir}/libcryptsetup.so
++ cryptsetup-2.0.0.tar.xz -> cryptsetup-2.0.1.tar.xz ++
/work/SRC/openSUSE:Factory/cryptsetup/cryptsetup-2.0.0.tar.xz
/work/SRC/openSUSE:Factory/.cryptsetup.new/cryptsetup-2.0.1.tar.xz differ: char
15, line 1
commit cryptsetup for openSUSE:Factory
Hello community,
here is the log from the commit of package cryptsetup for openSUSE:Factory
checked in at 2018-01-31 19:48:16
Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old)
and /work/SRC/openSUSE:Factory/.cryptsetup.new (New)
Package is "cryptsetup"
Wed Jan 31 19:48:16 2018 rev:100 rq:562805 version:2.0.0
Changes:
--- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2017-05-10
20:34:05.989837738 +0200
+++ /work/SRC/openSUSE:Factory/.cryptsetup.new/cryptsetup.changes
2018-01-31 19:48:18.447476929 +0100
@@ -1,0 +2,11 @@
+Fri Dec 22 16:16:10 UTC 2017 - archie.co...@gmail.com
+
+- Update to version 2.0.0:
+ * Add support for new on-disk LUKS2 format
+ * Enable to use system libargon2 instead of bundled version
+ * Install tmpfiles.d configuration for LUKS2 locking directory
+ * New command integritysetup: support for the new dm-integrity kernel target
+ * Support for larger sector sizes for crypt devices
+ * Miscellaneous fixes and improvements
+
+---
Old:
cryptsetup-1.7.5.tar.sign
cryptsetup-1.7.5.tar.xz
New:
cryptsetup-2.0.0.tar.sign
cryptsetup-2.0.0.tar.xz
Other differences:
--
++ cryptsetup.spec ++
--- /var/tmp/diff_new_pack.VYSc4g/_old 2018-01-31 19:48:19.619422439 +0100
+++ /var/tmp/diff_new_pack.VYSc4g/_new 2018-01-31 19:48:19.623422253 +0100
@@ -1,7 +1,7 @@
#
# spec file for package cryptsetup
#
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -16,26 +16,28 @@
#
-%define so_ver 4
+%define so_ver 12
Name: cryptsetup
-Version:1.7.5
+Version:2.0.0
Release:0
Summary:Set Up dm-crypt Based Encrypted Block Devices
License:SUSE-GPL-2.0-with-openssl-exception and LGPL-2.0+
Group: System/Base
Url:https://gitlab.com/cryptsetup/cryptsetup/
-Source0:
https://www.kernel.org/pub/linux/utils/cryptsetup/v1.7/cryptsetup-%{version}.tar.xz
+Source0:
https://www.kernel.org/pub/linux/utils/cryptsetup/v2.0/cryptsetup-%{version}.tar.xz
# GPG signature of the uncompressed tarball.
-Source1:
https://www.kernel.org/pub/linux/utils/cryptsetup/v1.7/cryptsetup-%{version}.tar.sign
+Source1:
https://www.kernel.org/pub/linux/utils/cryptsetup/v2.0/cryptsetup-%{version}.tar.sign
Source2:baselibs.conf
Source3:%{name}.keyring
BuildRequires: device-mapper-devel
BuildRequires: fipscheck
BuildRequires: fipscheck-devel
BuildRequires: libgcrypt-devel
+BuildRequires: libjson-c-devel
BuildRequires: libpwquality-devel
BuildRequires: libselinux-devel
BuildRequires: libuuid-devel
+BuildRequires: pkgconfig(libargon2)
# 2.6.38 has the required if_alg.h
BuildRequires: linux-glibc-devel >= 2.6.38
BuildRequires: pkgconfig
@@ -95,7 +97,10 @@
--enable-selinux \
--enable-fips \
--enable-pwquality \
- --enable-gcrypt-pbkdf2
+ --enable-gcrypt-pbkdf2 \
+ --enable-libargon2 \
+ --with-luks2-lock-path=/run/cryptsetup \
+ --with-tmpfilesdir='%{_tmpfilesdir}'
make %{?_smp_mflags} V=1
%install
@@ -154,10 +159,13 @@
/sbin/cryptsetup
%{_sbindir}/cryptsetup
%{_sbindir}/veritysetup
+%{_sbindir}/integritysetup
%{_sbindir}/cryptsetup-reencrypt
%{_mandir}/man8/cryptsetup.8%{ext_man}
%{_mandir}/man8/cryptsetup-reencrypt.8%{ext_man}
%{_mandir}/man8/veritysetup.8%{ext_man}
+%{_mandir}/man8/integritysetup.8%{ext_man}
+%{_tmpfilesdir}/cryptsetup.conf
%files -n libcryptsetup%{so_ver}
%defattr(-,root,root)
++ baselibs.conf ++
--- /var/tmp/diff_new_pack.VYSc4g/_old 2018-01-31 19:48:19.671420021 +0100
+++ /var/tmp/diff_new_pack.VYSc4g/_new 2018-01-31 19:48:19.671420021 +0100
@@ -1,2 +1,2 @@
-libcryptsetup4
-libcryptsetup4-hmac
+libcryptsetup12
+libcryptsetup12-hmac
++ cryptsetup-1.7.5.tar.xz -> cryptsetup-2.0.0.tar.xz ++
/work/SRC/openSUSE:Factory/cryptsetup/cryptsetup-1.7.5.tar.xz
/work/SRC/openSUSE:Factory/.cryptsetup.new/cryptsetup-2.0.0.tar.xz differ: char
8, line 1
commit cryptsetup for openSUSE:Factory
Hello community, here is the log from the commit of package cryptsetup for openSUSE:Factory checked in at 2017-05-10 20:34:03 Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old) and /work/SRC/openSUSE:Factory/.cryptsetup.new (New) Package is "cryptsetup" Wed May 10 20:34:03 2017 rev:99 rq:492821 version:1.7.5 Changes: --- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2017-04-07 14:17:31.214280446 +0200 +++ /work/SRC/openSUSE:Factory/.cryptsetup.new/cryptsetup.changes 2017-05-10 20:34:05.989837738 +0200 @@ -1,0 +2,10 @@ +Sat Apr 29 11:52:58 UTC 2017 - mplus...@suse.com + +- Update to version 1.7.5: + * Fixes to luksFormat to properly support recent kernel running +in FIPS mode. + * Fixes accesses to unaligned hidden legacy TrueCrypt header. + * Fixes to optional dracut ramdisk scripts for offline +re-encryption on initial boot. + +--- Old: cryptsetup-1.7.4.tar.sign cryptsetup-1.7.4.tar.xz New: cryptsetup-1.7.5.tar.sign cryptsetup-1.7.5.tar.xz Other differences: -- ++ cryptsetup.spec ++ --- /var/tmp/diff_new_pack.xS3EpU/_old 2017-05-10 20:34:07.253659430 +0200 +++ /var/tmp/diff_new_pack.xS3EpU/_new 2017-05-10 20:34:07.261658301 +0200 @@ -18,7 +18,7 @@ %define so_ver 4 Name: cryptsetup -Version:1.7.4 +Version:1.7.5 Release:0 Summary:Set Up dm-crypt Based Encrypted Block Devices License:SUSE-GPL-2.0-with-openssl-exception and LGPL-2.0+ ++ cryptsetup-1.7.4.tar.xz -> cryptsetup-1.7.5.tar.xz ++ 3964 lines of diff (skipped)
commit cryptsetup for openSUSE:Factory
Hello community,
here is the log from the commit of package cryptsetup for openSUSE:Factory
checked in at 2017-04-07 14:17:28
Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old)
and /work/SRC/openSUSE:Factory/.cryptsetup.new (New)
Package is "cryptsetup"
Fri Apr 7 14:17:28 2017 rev:98 rq:481749 version:1.7.4
Changes:
--- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2016-08-28
12:17:21.0 +0200
+++ /work/SRC/openSUSE:Factory/.cryptsetup.new/cryptsetup.changes
2017-04-07 14:17:31.214280446 +0200
@@ -1,0 +2,33 @@
+Fri Mar 17 19:24:14 UTC 2017 - mplus...@suse.com
+
+- Update to version 1.7.4:
+ * Allow to specify LUKS1 hash algorithm in Python luksFormat
+wrapper.
+ * Use LUKS1 compiled-in defaults also in Python wrapper.
+ * OpenSSL backend: Fix OpenSSL 1.1.0 support without backward
+compatible API.
+ * OpenSSL backend: Fix LibreSSL compatibility.
+ * Check for data device and hash device area overlap in
+veritysetup.
+ * Fix a possible race while allocating a free loop device.
+ * Fix possible file descriptor leaks if libcryptsetup is run from
+a forked process.
+ * Fix missing same_cpu_crypt flag in status command.
+ * Various updates to FAQ and man pages.
+- Changes for version 1.7.3:
+ * Fix device access to hash offsets located beyond the 2GB device
+boundary in veritysetup.
+ * Set configured (compile-time) default iteration time for
+devices created directly through libcryptsetup
+ * Fix PBKDF2 benchmark to not double iteration count for specific
+corner case.
+ * Verify passphrase in cryptsetup-reencrypt when encrypting a new
+drive.
+ * OpenSSL backend: fix memory leak if hash context was repeatedly
+reused.
+ * OpenSSL backend: add support for OpenSSL 1.1.0.
+ * Fix several minor spelling errors.
+ * Properly check maximal buffer size when parsing UUID from
+/dev/disk/.
+
+---
Old:
cryptsetup-1.7.2.tar.sign
cryptsetup-1.7.2.tar.xz
New:
cryptsetup-1.7.4.tar.sign
cryptsetup-1.7.4.tar.xz
Other differences:
--
++ cryptsetup.spec ++
--- /var/tmp/diff_new_pack.NIv9Gn/_old 2017-04-07 14:17:32.078158453 +0200
+++ /var/tmp/diff_new_pack.NIv9Gn/_new 2017-04-07 14:17:32.078158453 +0200
@@ -1,7 +1,7 @@
#
# spec file for package cryptsetup
#
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -18,7 +18,7 @@
%define so_ver 4
Name: cryptsetup
-Version:1.7.2
+Version:1.7.4
Release:0
Summary:Set Up dm-crypt Based Encrypted Block Devices
License:SUSE-GPL-2.0-with-openssl-exception and LGPL-2.0+
@@ -43,7 +43,6 @@
BuildRequires: suse-module-tools
Requires(post): coreutils
Requires(postun): coreutils
-BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
cryptsetup is used to conveniently set up dm-crypt based device-mapper
@@ -91,7 +90,8 @@
%setup -q
%build
-%configure --enable-cryptsetup-reencrypt \
+%configure \
+ --enable-cryptsetup-reencrypt \
--enable-selinux \
--enable-fips \
--enable-pwquality \
@@ -107,7 +107,7 @@
fipshmac %{buildroot}/%{_libdir}/libcryptsetup.so.* \
%{nil}
-make DESTDIR=%{buildroot} install %{?_smp_mflags}
+%make_install
install -dm 0755 %{buildroot}/sbin
ln -s ..%{_sbindir}/cryptsetup %{buildroot}/sbin
# don't want this file in /lib (FHS compat check), and can't move it to
/usr/lib
@@ -144,7 +144,6 @@
%{?regenerate_initrd_posttrans}
%post -n libcryptsetup%{so_ver} -p /sbin/ldconfig
-
%postun -n libcryptsetup%{so_ver} -p /sbin/ldconfig
%files -f %{name}.lang
@@ -156,9 +155,9 @@
%{_sbindir}/cryptsetup
%{_sbindir}/veritysetup
%{_sbindir}/cryptsetup-reencrypt
-%{_mandir}/man8/cryptsetup.8.gz
-%{_mandir}/man8/cryptsetup-reencrypt.8.gz
-%{_mandir}/man8/veritysetup.8.gz
+%{_mandir}/man8/cryptsetup.8%{ext_man}
+%{_mandir}/man8/cryptsetup-reencrypt.8%{ext_man}
+%{_mandir}/man8/veritysetup.8%{ext_man}
%files -n libcryptsetup%{so_ver}
%defattr(-,root,root)
++ cryptsetup-1.7.2.tar.xz -> cryptsetup-1.7.4.tar.xz ++
16626 lines of diff (skipped)
commit cryptsetup for openSUSE:Factory
Hello community, here is the log from the commit of package cryptsetup for openSUSE:Factory checked in at 2016-08-28 12:17:20 Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old) and /work/SRC/openSUSE:Factory/.cryptsetup.new (New) Package is "cryptsetup" Changes: --- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2016-02-12 11:21:01.0 +0100 +++ /work/SRC/openSUSE:Factory/.cryptsetup.new/cryptsetup.changes 2016-08-28 12:17:21.0 +0200 @@ -1,0 +2,73 @@ +Thu Aug 25 15:15:15 UTC 2016 - alexander_nau...@opensuse.org + +- Update to version 1.7.2: + + * Update LUKS documentation format. +Clarify fixed sector size and keyslots alignment. + + * Support activation options for error handling modes in +Linux kernel dm-verity module: + --ignore-corruption - dm-verity just logs detected corruption + + --restart-on-corruption - dm-verity restarts the kernel if +corruption is detected + If the options above are not specified, default behavior for + dm-verity remains. Default is that I/O operation fails with + I/O error if corrupted block is detected. + + --ignore-zero-blocks - Instructs dm-verity to not verify + blocks that are expected to contain zeroes and always + return zeroes directly instead. + NOTE that these options could have security or functional + impacts, do not use them without assessing the risks! + + * Fix help text for cipher benchmark specification +(mention --cipher option). + + * Fix off-by-one error in maximum keyfile size. +Allow keyfiles up to compiled-in default and not that value +minus one. + + * Support resume of interrupted decryption in cryptsetup-reencrypt +utility. To resume decryption, LUKS device UUID (--uuid option) +option must be used. + + * Do not use direct-io for LUKS header with unaligned keyslots. +Such headers were used only by the first cryptsetup-luks-1.0.0 +release (2005). + * Fix device block size detection to properly work on particular + +file-based containers over underlying devices with 4k sectors. + +- Update to version 1.7.1: + + * Code now uses kernel crypto API backend according to new +changes introduced in mainline kernel +While mainline kernel should contain backward compatible +changes, some stable series kernels do not contain fully +backported compatibility patches. +Without these patches most of cryptsetup operations +(like unlocking device) fail. +This change in cryptsetup ensures that all operations using +kernel crypto API works even on these kernels. + + * The cryptsetup-reencrypt utility now properly detects removal +of underlying link to block device and does not remove +ongoing re-encryption log. +This allows proper recovery (resume) of reencrypt operation later. +NOTE: Never use /dev/disk/by-uuid/ path for reencryption utility, +this link disappears once the device metadata is temporarily +removed from device. + + * Cryptsetup now allows special "-" (standard input) keyfile handling +even for TCRYPT (TrueCrypt and VeraCrypt compatible) devices. + + * Cryptsetup now fails if there are more keyfiles specified +for non-TCRYPT device. + + * The luksKillSlot command now does not suppress provided password +in batch mode (if password is wrong slot is not destroyed). +Note that not providing password in batch mode means that keyslot +is destroyed unconditionally. + +--- Old: cryptsetup-1.7.0.tar.sign cryptsetup-1.7.0.tar.xz New: cryptsetup-1.7.2.tar.sign cryptsetup-1.7.2.tar.xz Other differences: -- ++ cryptsetup.spec ++ --- /var/tmp/diff_new_pack.BXFQq6/_old 2016-08-28 12:17:22.0 +0200 +++ /var/tmp/diff_new_pack.BXFQq6/_new 2016-08-28 12:17:22.0 +0200 @@ -18,7 +18,7 @@ %define so_ver 4 Name: cryptsetup -Version:1.7.0 +Version:1.7.2 Release:0 Summary:Set Up dm-crypt Based Encrypted Block Devices License:SUSE-GPL-2.0-with-openssl-exception and LGPL-2.0+ ++ cryptsetup-1.7.0.tar.xz -> cryptsetup-1.7.2.tar.xz ++ 52250 lines of diff (skipped)
commit cryptsetup for openSUSE:Factory
Hello community,
here is the log from the commit of package cryptsetup for openSUSE:Factory
checked in at 2016-02-12 11:20:59
Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old)
and /work/SRC/openSUSE:Factory/.cryptsetup.new (New)
Package is "cryptsetup"
Changes:
--- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2015-12-23
09:56:20.0 +0100
+++ /work/SRC/openSUSE:Factory/.cryptsetup.new/cryptsetup.changes
2016-02-12 11:21:01.0 +0100
@@ -1,0 +2,14 @@
+Sat Jan 9 12:12:06 UTC 2016 - benoit.mo...@gmx.fr
+
+- update to 1.7.0:
+ * The cryptsetup 1.7 release changes defaults for LUKS,
+there are no API changes.
+ * Default hash function is now SHA256 (used in key derivation
+function and anti-forensic splitter).
+ * Default iteration time for PBKDF2 is now 2 seconds.
+ * Fix PBKDF2 iteration benchmark for longer key sizes.
+ * Remove experimental warning for reencrypt tool.
+ * Add optional libpasswdqc support for new LUKS passwords.
+ * Update FAQ document.
+
+---
Old:
cryptsetup-1.6.8.tar.sign
cryptsetup-1.6.8.tar.xz
New:
cryptsetup-1.7.0.tar.sign
cryptsetup-1.7.0.tar.xz
Other differences:
--
++ cryptsetup.spec ++
--- /var/tmp/diff_new_pack.UocdKr/_old 2016-02-12 11:21:02.0 +0100
+++ /var/tmp/diff_new_pack.UocdKr/_new 2016-02-12 11:21:02.0 +0100
@@ -1,7 +1,7 @@
#
# spec file for package cryptsetup
#
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -18,15 +18,15 @@
%define so_ver 4
Name: cryptsetup
-Version:1.6.8
+Version:1.7.0
Release:0
Summary:Set Up dm-crypt Based Encrypted Block Devices
License:SUSE-GPL-2.0-with-openssl-exception and LGPL-2.0+
Group: System/Base
Url:https://gitlab.com/cryptsetup/cryptsetup/
-Source0:
https://www.kernel.org/pub/linux/utils/cryptsetup/v1.6/cryptsetup-%{version}.tar.xz
+Source0:
https://www.kernel.org/pub/linux/utils/cryptsetup/v1.7/cryptsetup-%{version}.tar.xz
# GPG signature of the uncompressed tarball.
-Source1:
https://www.kernel.org/pub/linux/utils/cryptsetup/v1.6/cryptsetup-%{version}.tar.sign
+Source1:
https://www.kernel.org/pub/linux/utils/cryptsetup/v1.7/cryptsetup-%{version}.tar.sign
Source2:baselibs.conf
Source3:%{name}.keyring
BuildRequires: device-mapper-devel
++ cryptsetup-1.6.8.tar.xz -> cryptsetup-1.7.0.tar.xz ++
7555 lines of diff (skipped)
commit cryptsetup for openSUSE:Factory
Hello community,
here is the log from the commit of package cryptsetup for openSUSE:Factory
checked in at 2015-12-23 09:56:19
Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old)
and /work/SRC/openSUSE:Factory/.cryptsetup.new (New)
Package is "cryptsetup"
Changes:
--- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2015-10-20
16:21:30.0 +0200
+++ /work/SRC/openSUSE:Factory/.cryptsetup.new/cryptsetup.changes
2015-12-23 09:56:20.0 +0100
@@ -1,0 +2,6 @@
+Thu Dec 10 16:05:57 CET 2015 - ti...@suse.de
+
+- Fix missing dependency on coreutils for initrd macros (boo#958562)
+- Call missing initrd macro at postun (boo#958562)
+
+---
Other differences:
--
++ cryptsetup.spec ++
--- /var/tmp/diff_new_pack.S0LEkI/_old 2015-12-23 09:56:21.0 +0100
+++ /var/tmp/diff_new_pack.S0LEkI/_new 2015-12-23 09:56:21.0 +0100
@@ -41,6 +41,8 @@
BuildRequires: pkgconfig
BuildRequires: popt-devel
BuildRequires: suse-module-tools
+Requires(post): coreutils
+Requires(postun): coreutils
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
@@ -135,6 +137,9 @@
%{?regenerate_initrd_post}
+%postun
+%{?regenerate_initrd_post}
+
%posttrans
%{?regenerate_initrd_posttrans}
commit cryptsetup for openSUSE:Factory
Hello community,
here is the log from the commit of package cryptsetup for openSUSE:Factory
checked in at 2015-04-21 12:02:13
Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old)
and /work/SRC/openSUSE:Factory/.cryptsetup.new (New)
Package is cryptsetup
Changes:
--- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2015-04-10
09:44:58.0 +0200
+++ /work/SRC/openSUSE:Factory/.cryptsetup.new/cryptsetup.changes
2015-04-21 12:02:13.0 +0200
@@ -1,0 +2,11 @@
+Sun Apr 12 18:45:26 UTC 2015 - crrodrig...@opensuse.org
+
+- Enable verbose build log.
+
+---
+Sun Apr 12 18:41:39 UTC 2015 - crrodrig...@opensuse.org
+
+- regenerate the initrd if cryptsetup tool changes
+ (wanted by 90crypt dracut module)
+
+---
Other differences:
--
++ cryptsetup.spec ++
--- /var/tmp/diff_new_pack.glhp2g/_old 2015-04-21 12:02:14.0 +0200
+++ /var/tmp/diff_new_pack.glhp2g/_new 2015-04-21 12:02:14.0 +0200
@@ -40,6 +40,7 @@
BuildRequires: linux-glibc-devel = 2.6.38
BuildRequires: pkgconfig
BuildRequires: popt-devel
+BuildRequires: suse-module-tools
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
@@ -93,7 +94,7 @@
--enable-fips \
--enable-pwquality \
--enable-gcrypt-pbkdf2
-make %{?_smp_mflags}
+make %{?_smp_mflags} V=1
%install
# Generate HMAC checksums (FIPS)
@@ -132,6 +133,11 @@
fi
fi
+%{?regenerate_initrd_post}
+
+%posttrans
+%{?regenerate_initrd_posttrans}
+
%post -n libcryptsetup%{so_ver} -p /sbin/ldconfig
%postun -n libcryptsetup%{so_ver} -p /sbin/ldconfig
commit cryptsetup for openSUSE:Factory
Hello community,
here is the log from the commit of package cryptsetup for openSUSE:Factory
checked in at 2014-09-17 21:24:38
Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old)
and /work/SRC/openSUSE:Factory/.cryptsetup.new (New)
Package is cryptsetup
Changes:
--- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2014-08-27
22:18:09.0 +0200
+++ /work/SRC/openSUSE:Factory/.cryptsetup.new/cryptsetup.changes
2014-09-17 21:24:54.0 +0200
@@ -1,0 +2,17 @@
+Sun Sep 14 21:50:33 UTC 2014 - asterios.dra...@gmail.com
+
+- version 1.6.6
+ * LUKS: Fix keyslot device access for devices which
+do not support direct IO operations. (Regression in 1.6.5.)
+ * LUKS: Fallback to old temporary keyslot device mapping method
+if hash (for ESSIV) is not supported by userspace crypto
+library. (Regression in 1.6.5.)
+ * Properly activate device with discard (TRIM for SSDs)
+if requested even if dm_crypt module is not yet loaded.
+Only if discard is not supported by the old kernel then
+the discard option is ignored.
+ * Fix some static analysis build warnings (scan-build).
+ * Report crypto lib version only once (and always add kernel
+version) in debug output.
+
+---
Old:
cryptsetup-1.6.5.tar.sign
cryptsetup-1.6.5.tar.xz
New:
cryptsetup-1.6.6.tar.sign
cryptsetup-1.6.6.tar.xz
Other differences:
--
++ cryptsetup.spec ++
--- /var/tmp/diff_new_pack.1rB7hC/_old 2014-09-17 21:24:56.0 +0200
+++ /var/tmp/diff_new_pack.1rB7hC/_new 2014-09-17 21:24:56.0 +0200
@@ -19,7 +19,7 @@
%define so_ver 4
Name: cryptsetup
-Version:1.6.5
+Version:1.6.6
Release:0
Summary:Set Up dm-crypt Based Encrypted Block Devices
License:SUSE-GPL-2.0-with-openssl-exception and LGPL-2.0+
@@ -154,7 +154,7 @@
%defattr(-,root,root)
%{_libdir}/libcryptsetup.so.%{so_ver}*
-%files -n libcryptsetup4-hmac
+%files -n libcryptsetup%{so_ver}-hmac
%defattr(-,root,root)
%{_libdir}/.libcryptsetup.so.%{so_ver}*hmac
++ cryptsetup-1.6.5.tar.xz - cryptsetup-1.6.6.tar.xz ++
7557 lines of diff (skipped)
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit cryptsetup for openSUSE:Factory
Hello community,
here is the log from the commit of package cryptsetup for openSUSE:Factory
checked in at 2014-08-27 22:18:06
Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old)
and /work/SRC/openSUSE:Factory/.cryptsetup.new (New)
Package is cryptsetup
Changes:
--- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2014-08-15
09:55:26.0 +0200
+++ /work/SRC/openSUSE:Factory/.cryptsetup.new/cryptsetup.changes
2014-08-27 22:18:09.0 +0200
@@ -1,0 +2,5 @@
+Fri Aug 22 12:02:56 UTC 2014 - meiss...@suse.com
+
+- Use --enable-gcrypt-pbkdf2 to use the PBKDFv2 method from libgcrypt.
+
+---
Other differences:
--
++ cryptsetup.spec ++
--- /var/tmp/diff_new_pack.qkgyV9/_old 2014-08-27 22:18:10.0 +0200
+++ /var/tmp/diff_new_pack.qkgyV9/_new 2014-08-27 22:18:10.0 +0200
@@ -92,7 +92,8 @@
%configure --enable-cryptsetup-reencrypt \
--enable-selinux \
--enable-fips \
- --enable-pwquality
+ --enable-pwquality \
+ --enable-gcrypt-pbkdf2
make %{?_smp_mflags}
%install
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit cryptsetup for openSUSE:Factory
Hello community,
here is the log from the commit of package cryptsetup for openSUSE:Factory
checked in at 2014-08-15 09:55:25
Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old)
and /work/SRC/openSUSE:Factory/.cryptsetup.new (New)
Package is cryptsetup
Changes:
--- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2014-07-13
17:15:28.0 +0200
+++ /work/SRC/openSUSE:Factory/.cryptsetup.new/cryptsetup.changes
2014-08-15 09:55:26.0 +0200
@@ -0,0 +1,32 @@
+---
+Tue Aug 12 16:34:04 UTC 2014 - asterios.dra...@gmail.com
+
+- version 1.6.5
+ * Allow LUKS header operation handling without requiring root privilege.
+It means that you can manipulate with keyslots as a regular user, only
+write access to device (or image) is required.
+ * Fix internal PBKDF2 key derivation function implementation for alternative
+crypto backends (kernel, NSS) which do not support PBKDF2 directly and have
+issues with longer HMAC keys.
+ * Support for Python3 for simple Python binding.
+Python = 2.6 is now required. You can set Python compiled version by
setting
+--with-python_version configure option (together with --enable-python).
+ * Use internal PBKDF2 in Nettle library for Nettle crypto backend.
+Cryptsetup compilation requires Nettle = 2.6 (if using Nettle crypto
backend).
+ * Allow simple status of crypt device without providing metadata header.
+The command cryptsetup status will print basic info, even if you
+do not provide detached header argument.
+ * Allow to specify ECB mode in cryptsetup benchmark.
+ * Add some LUKS images for regression testing.
+Note that if image with Whirlpool fails, the most probable cause is that
+you have old gcrypt library with flawed whirlpool hash.
+Read FAQ section 8.3 for more info.
+- Removed e2fsprogs-devel and libtool build requirements (not needed).
+- Added libpwquality-devel and libuuid-devel build requirements.
+
+---
+Mon Aug 11 15:21:03 UTC 2014 - meiss...@suse.com
+
+- libcryptsetup4-hmac split off contain the hmac for FIPS certification
+
+---
Old:
cryptsetup-1.6.4.tar.sign
cryptsetup-1.6.4.tar.xz
New:
cryptsetup-1.6.5.tar.sign
cryptsetup-1.6.5.tar.xz
Other differences:
--
++ cryptsetup.spec ++
--- /var/tmp/diff_new_pack.ojQ3Ne/_old 2014-08-15 09:55:27.0 +0200
+++ /var/tmp/diff_new_pack.ojQ3Ne/_new 2014-08-15 09:55:27.0 +0200
@@ -16,31 +16,32 @@
#
+%define so_ver 4
+
Name: cryptsetup
-Url:http://code.google.com/p/cryptsetup/
-Version:1.6.4
+Version:1.6.5
Release:0
Summary:Set Up dm-crypt Based Encrypted Block Devices
License:SUSE-GPL-2.0-with-openssl-exception and LGPL-2.0+
Group: System/Base
-
-Source:
https://www.kernel.org/pub/linux/utils/cryptsetup/v1.6/cryptsetup-%{version}.tar.xz
-# this is the signature of the uncompressed tarball
+Url:http://code.google.com/p/cryptsetup/
+Source0:
https://www.kernel.org/pub/linux/utils/cryptsetup/v1.6/cryptsetup-%{version}.tar.xz
+# GPG signature of the uncompressed tarball.
Source1:
https://www.kernel.org/pub/linux/utils/cryptsetup/v1.6/cryptsetup-%{version}.tar.sign
Source2:baselibs.conf
Source3:%{name}.keyring
-BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: device-mapper-devel
-BuildRequires: e2fsprogs-devel
BuildRequires: fipscheck
BuildRequires: fipscheck-devel
BuildRequires: libgcrypt-devel
+BuildRequires: libpwquality-devel
BuildRequires: libselinux-devel
-BuildRequires: libtool
+BuildRequires: libuuid-devel
# 2.6.38 has the required if_alg.h
BuildRequires: linux-glibc-devel = 2.6.38
BuildRequires: pkgconfig
BuildRequires: popt-devel
+BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
cryptsetup is used to conveniently set up dm-crypt based device-mapper
@@ -49,25 +50,33 @@
includes support for automatically setting up encrypted volumes at boot
time via the config file /etc/crypttab.
-%package -n libcryptsetup4
+%package -n libcryptsetup%{so_ver}
Summary:Set Up dm-crypt Based Encrypted Block Devices
-Group: System/Base
+Group: System/Libraries
-%description -n libcryptsetup4
+%description -n libcryptsetup%{so_ver}
cryptsetup is used to conveniently set up dm-crypt based device-mapper
targets. It allows to set up targets to read cryptoloop compatible
volumes as well as LUKS formatted ones. The package additionally
includes
commit cryptsetup for openSUSE:Factory
Hello community,
here is the log from the commit of package cryptsetup for openSUSE:Factory
checked in at 2014-07-13 17:15:27
Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old)
and /work/SRC/openSUSE:Factory/.cryptsetup.new (New)
Package is cryptsetup
Changes:
--- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2014-04-26
17:01:56.0 +0200
+++ /work/SRC/openSUSE:Factory/.cryptsetup.new/cryptsetup.changes
2014-07-13 17:15:28.0 +0200
@@ -0,0 +1,25 @@
+Tue May 27 14:38:57 UTC 2014 - meiss...@suse.com
+
+- version 1.6.4
+ - new tarball / signature location
+ * Implement new erase (with alias luksErase) command.
+ * Add internal whirlpool_gcryptbug hash for accessing flawed
+Whirlpool hash in gcrypt (requires gcrypt 1.6.1 or above).
+ * Allow to use --disable-gcrypt-pbkdf2 during configuration
+to force use internal PBKDF2 code.
+ * Require gcrypt 1.6.1 for imported implementation of PBKDF2
+(PBKDF2 in gcrypt 1.6.0 is too slow).
+ * Add --keep-key to cryptsetup-reencrypt.
+ * By default verify new passphrase in luksChangeKey and luksAddKey
+commands (if input is from terminal).
+ * Fix memory leak in Nettle crypto backend.
+ * Support --tries option even for TCRYPT devices in cryptsetup.
+ * Support --allow-discards option even for TCRYPT devices.
+(Note that this could destroy hidden volume and it is not suggested
+by original TrueCrypt security model.)
+ * Link against -lrt for clock_gettime to fix undefined reference
+to clock_gettime error (introduced in 1.6.2).
+ * Fix misleading error message when some algorithms are not available.
+ * Count system time in PBKDF2 benchmark if kernel returns no self
+usage info.
+
Old:
cryptsetup-1.6.3.tar.bz2
cryptsetup-1.6.3.tar.bz2.asc
New:
cryptsetup-1.6.4.tar.sign
cryptsetup-1.6.4.tar.xz
Other differences:
--
++ cryptsetup.spec ++
--- /var/tmp/diff_new_pack.ALFTz5/_old 2014-07-13 17:15:29.0 +0200
+++ /var/tmp/diff_new_pack.ALFTz5/_new 2014-07-13 17:15:29.0 +0200
@@ -18,19 +18,22 @@
Name: cryptsetup
Url:http://code.google.com/p/cryptsetup/
-Version:1.6.3
+Version:1.6.4
Release:0
Summary:Set Up dm-crypt Based Encrypted Block Devices
License:SUSE-GPL-2.0-with-openssl-exception and LGPL-2.0+
Group: System/Base
-Source:
http://cryptsetup.googlecode.com/files/cryptsetup-%version.tar.bz2
-Source1:
http://cryptsetup.googlecode.com/files/cryptsetup-%version.tar.bz2.asc
+Source:
https://www.kernel.org/pub/linux/utils/cryptsetup/v1.6/cryptsetup-%{version}.tar.xz
+# this is the signature of the uncompressed tarball
+Source1:
https://www.kernel.org/pub/linux/utils/cryptsetup/v1.6/cryptsetup-%{version}.tar.sign
Source2:baselibs.conf
Source3:%{name}.keyring
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: device-mapper-devel
BuildRequires: e2fsprogs-devel
+BuildRequires: fipscheck
+BuildRequires: fipscheck-devel
BuildRequires: libgcrypt-devel
BuildRequires: libselinux-devel
BuildRequires: libtool
@@ -84,10 +87,18 @@
%configure \
--disable-static --enable-shared \
--enable-cryptsetup-reencrypt \
- --enable-selinux
+ --enable-selinux --enable-fips
make %{?_smp_mflags}
%install
+# Generate HMAC checksums (FIPS)
+%define __spec_install_post \
+ %{?__debug_package:%{__debug_install_post}} \
+ %{__arch_install_post} \
+ %{__os_install_post} \
+ fipshmac %{buildroot}/%{_libdir}/libcryptsetup.so.* \
+%{nil}
+
make install DESTDIR=$RPM_BUILD_ROOT
install -d -m 755 $RPM_BUILD_ROOT/sbin
ln -s ..%{_sbindir}/cryptsetup $RPM_BUILD_ROOT/sbin
@@ -96,8 +107,6 @@
#
%find_lang %name --all-name
-%pre
-
%post
test -n $FIRST_ARG || FIRST_ARG=$1
#
@@ -137,6 +146,7 @@
%files -n libcryptsetup4
%defattr(-,root,root)
/%{_libdir}/libcryptsetup.so.4*
+/%{_libdir}/.libcryptsetup.so.4*hmac
%files -n libcryptsetup-devel
%defattr(-,root,root)
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit cryptsetup for openSUSE:Factory
Hello community,
here is the log from the commit of package cryptsetup for openSUSE:Factory
checked in at 2014-04-26 17:01:54
Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old)
and /work/SRC/openSUSE:Factory/.cryptsetup.new (New)
Package is cryptsetup
Changes:
--- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2013-12-19
12:39:35.0 +0100
+++ /work/SRC/openSUSE:Factory/.cryptsetup.new/cryptsetup.changes
2014-04-26 17:01:56.0 +0200
@@ -1,0 +2,6 @@
+Wed Apr 23 16:08:09 UTC 2014 - dmuel...@suse.com
+
+- remove dependency on gpg-offline (source_validator already
+ checks for gpg integrity)
+
+---
Other differences:
--
++ cryptsetup.spec ++
--- /var/tmp/diff_new_pack.mwUEt6/_old 2014-04-26 17:01:57.0 +0200
+++ /var/tmp/diff_new_pack.mwUEt6/_new 2014-04-26 17:01:57.0 +0200
@@ -1,7 +1,7 @@
#
# spec file for package cryptsetup
#
-# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -31,9 +31,6 @@
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: device-mapper-devel
BuildRequires: e2fsprogs-devel
-%if 0%{?suse_version} 1220
-BuildRequires: gpg-offline
-%endif
BuildRequires: libgcrypt-devel
BuildRequires: libselinux-devel
BuildRequires: libtool
@@ -77,9 +74,6 @@
time via the config file /etc/crypttab.
%prep
-%if 0%{?gpg_verify:1}
-%gpg_verify %{S:1}
-%endif
%setup -q
%build
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit cryptsetup for openSUSE:Factory
Hello community, here is the log from the commit of package cryptsetup for openSUSE:Factory checked in at 2013-12-19 12:39:34 Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old) and /work/SRC/openSUSE:Factory/.cryptsetup.new (New) Package is cryptsetup Changes: --- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2013-08-30 11:33:19.0 +0200 +++ /work/SRC/openSUSE:Factory/.cryptsetup.new/cryptsetup.changes 2013-12-19 12:39:35.0 +0100 @@ -1,0 +2,10 @@ +Sun Dec 15 20:04:00 UTC 2013 - crrodrig...@opensuse.org + +- version 1.6.3 +* Fix cryptsetup reencryption tool to work properly + with devices using 4kB sectors. +* Rewrite cipher benchmark loop which was unreliable on very fast machines. +* Support activation of old TrueCrypt containers (requires kernel 3.13) +* Other bugfixes. + +--- Old: cryptsetup-1.6.2.tar.bz2 cryptsetup-1.6.2.tar.bz2.asc New: cryptsetup-1.6.3.tar.bz2 cryptsetup-1.6.3.tar.bz2.asc Other differences: -- ++ cryptsetup.spec ++ --- /var/tmp/diff_new_pack.dUTbvg/_old 2013-12-19 12:39:36.0 +0100 +++ /var/tmp/diff_new_pack.dUTbvg/_new 2013-12-19 12:39:36.0 +0100 @@ -18,7 +18,7 @@ Name: cryptsetup Url:http://code.google.com/p/cryptsetup/ -Version:1.6.2 +Version:1.6.3 Release:0 Summary:Set Up dm-crypt Based Encrypted Block Devices License:SUSE-GPL-2.0-with-openssl-exception and LGPL-2.0+ ++ cryptsetup-1.6.2.tar.bz2 - cryptsetup-1.6.3.tar.bz2 ++ 29746 lines of diff (skipped) -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit cryptsetup for openSUSE:Factory
Hello community,
here is the log from the commit of package cryptsetup for openSUSE:Factory
checked in at 2013-08-30 11:33:17
Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old)
and /work/SRC/openSUSE:Factory/.cryptsetup.new (New)
Package is cryptsetup
Changes:
--- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2013-07-03
16:29:39.0 +0200
+++ /work/SRC/openSUSE:Factory/.cryptsetup.new/cryptsetup.changes
2013-08-30 11:33:19.0 +0200
@@ -1,0 +2,11 @@
+Sun Aug 4 20:54:31 UTC 2013 - crrodrig...@opensuse.org
+
+- cryptsetup 1.6.2
+* Print error and fail if more device arguments
+ are present for isLuks command.
+* Fix cipher specification string parsing
+(found by gcc -fsanitize=address option).
+* Try to map TCRYPT system encryption through partitions
+* Workaround for some recent changes in automake
+
+---
Old:
cryptsetup-1.6.1.tar.bz2
cryptsetup-1.6.1.tar.bz2.asc
New:
cryptsetup-1.6.2.tar.bz2
cryptsetup-1.6.2.tar.bz2.asc
Other differences:
--
++ cryptsetup.spec ++
--- /var/tmp/diff_new_pack.qgL5Fn/_old 2013-08-30 11:33:20.0 +0200
+++ /var/tmp/diff_new_pack.qgL5Fn/_new 2013-08-30 11:33:20.0 +0200
@@ -18,7 +18,7 @@
Name: cryptsetup
Url:http://code.google.com/p/cryptsetup/
-Version:1.6.1
+Version:1.6.2
Release:0
Summary:Set Up dm-crypt Based Encrypted Block Devices
License:SUSE-GPL-2.0-with-openssl-exception and LGPL-2.0+
@@ -87,9 +87,6 @@
%{?suse_update_config:%{suse_update_config}}
autoreconf -f -i
test -e po/Makevars || cp po/Makevars.template po/Makevars
-# remove for version 1.6.1 ##
-export CFLAGS=%optflags -DHAVE_ENDIAN_H -DHAVE_BYTESWAP_H
-
%configure \
--disable-static --enable-shared \
--enable-cryptsetup-reencrypt \
++ cryptsetup-1.6.1.tar.bz2 - cryptsetup-1.6.2.tar.bz2 ++
21017 lines of diff (skipped)
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit cryptsetup for openSUSE:Factory
Hello community,
here is the log from the commit of package cryptsetup for openSUSE:Factory
checked in at 2013-07-03 16:29:37
Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old)
and /work/SRC/openSUSE:Factory/.cryptsetup.new (New)
Package is cryptsetup
Changes:
--- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2013-03-26
14:05:45.0 +0100
+++ /work/SRC/openSUSE:Factory/.cryptsetup.new/cryptsetup.changes
2013-07-03 16:29:39.0 +0200
@@ -1,0 +2,14 @@
+Tue Jul 2 18:53:21 UTC 2013 - crrodrig...@opensuse.org
+
+- cryptsetup 1.6.1
+ * Fix loop-AES keyfile parsing.
+ * Fix passphrase pool overflow for too long TCRYPT passphrase.
+ * Fix deactivation of device when failed underlying node disappeared.
+
+- There is a bug in the released tarball, due to HAVE_BYTESWAP_H
+ and HAVE_ENDIAN_H not properly handled by the buildsystem. A
+ patch with permanent solution was sent and accepted upstream
+ and will appear in the next release, for now an spec file workaround
+ is in place, remove in the next update.
+
+---
Old:
cryptsetup-1.6.0.tar.bz2
cryptsetup-1.6.0.tar.bz2.asc
New:
cryptsetup-1.6.1.tar.bz2
cryptsetup-1.6.1.tar.bz2.asc
Other differences:
--
++ cryptsetup.spec ++
--- /var/tmp/diff_new_pack.w2NN6U/_old 2013-07-03 16:29:40.0 +0200
+++ /var/tmp/diff_new_pack.w2NN6U/_new 2013-07-03 16:29:40.0 +0200
@@ -18,7 +18,7 @@
Name: cryptsetup
Url:http://code.google.com/p/cryptsetup/
-Version:1.6.0
+Version:1.6.1
Release:0
Summary:Set Up dm-crypt Based Encrypted Block Devices
License:SUSE-GPL-2.0-with-openssl-exception and LGPL-2.0+
@@ -87,6 +87,9 @@
%{?suse_update_config:%{suse_update_config}}
autoreconf -f -i
test -e po/Makevars || cp po/Makevars.template po/Makevars
+# remove for version 1.6.1 ##
+export CFLAGS=%optflags -DHAVE_ENDIAN_H -DHAVE_BYTESWAP_H
+
%configure \
--disable-static --enable-shared \
--enable-cryptsetup-reencrypt \
++ cryptsetup-1.6.0.tar.bz2 - cryptsetup-1.6.1.tar.bz2 ++
8075 lines of diff (skipped)
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit cryptsetup for openSUSE:Factory
Hello community,
here is the log from the commit of package cryptsetup for openSUSE:Factory
checked in at 2013-03-14 10:55:57
Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old)
and /work/SRC/openSUSE:Factory/.cryptsetup.new (New)
Package is cryptsetup, Maintainer is lnus...@suse.com
Changes:
--- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2012-12-21
14:32:59.0 +0100
+++ /work/SRC/openSUSE:Factory/.cryptsetup.new/cryptsetup.changes
2013-03-14 10:55:58.0 +0100
@@ -1,0 +2,11 @@
+Tue Jan 15 13:17:57 UTC 2013 - lnus...@suse.de
+
+- version 1.6.0
+ * Change LUKS default cipher to to use XTS encryption mode,
+ aes-xts-plain64 (i.e. using AES128-XTS).
+ * license change to GPL-2.0+ from GPL-1.0
+ * new unified command open and close.
+ * direct support for TCRYPT (TrueCrypt and compatible tc-play) on-disk format
+ * new benchmark command
+
+---
Old:
cryptsetup-1.5.1.tar.bz2
cryptsetup-1.5.1.tar.bz2.asc
New:
cryptsetup-1.6.0.tar.bz2
cryptsetup-1.6.0.tar.bz2.asc
Other differences:
--
++ cryptsetup.spec ++
--- /var/tmp/diff_new_pack.05cHPs/_old 2013-03-14 10:56:00.0 +0100
+++ /var/tmp/diff_new_pack.05cHPs/_new 2013-03-14 10:56:00.0 +0100
@@ -1,7 +1,7 @@
#
# spec file for package cryptsetup
#
-# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -23,13 +23,15 @@
Url:http://code.google.com/p/cryptsetup/
BuildRequires: device-mapper-devel
BuildRequires: e2fsprogs-devel
+%if 0%{?suse_version} 1220
BuildRequires: gpg-offline
+%endif
BuildRequires: libgcrypt-devel
BuildRequires: libselinux-devel
BuildRequires: libtool
BuildRequires: pkgconfig
BuildRequires: popt-devel
-Version:1.5.1
+Version:1.6.0
Release:0
#Release:%{?beta:0.}CI_CNT.B_CNT%{?beta:.}%{?beta}
Summary:Set Up dm-crypt Based Encrypted Block Devices
@@ -80,7 +82,9 @@
time via the config file /etc/crypttab.
%prep
+%if 0%{?gpg_verify:1}
%gpg_verify %{S:1}
+%endif
%setup -n %name-%ver -q
%build
++ cryptsetup-1.5.1.tar.bz2 - cryptsetup-1.6.0.tar.bz2 ++
43604 lines of diff (skipped)
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit cryptsetup for openSUSE:Factory
Hello community,
here is the log from the commit of package cryptsetup for openSUSE:Factory
checked in at 2012-12-21 14:32:57
Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old)
and /work/SRC/openSUSE:Factory/.cryptsetup.new (New)
Package is cryptsetup, Maintainer is lnus...@suse.com
Changes:
--- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2012-11-03
08:18:18.0 +0100
+++ /work/SRC/openSUSE:Factory/.cryptsetup.new/cryptsetup.changes
2012-12-21 14:32:59.0 +0100
@@ -1,0 +2,24 @@
+Thu Dec 13 10:46:43 UTC 2012 - lnus...@suse.de
+
+- version 1.5.1:
+ * Added keyslot checker
+ * Add crypt_keyslot_area() API call.
+ * Optimize seek to keyfile-offset (Issue #135, thx to dreisner).
+ * Fix luksHeaderBackup for very old v1.0 unaligned LUKS headers.
+ * Allocate loop device late (only when real block device needed).
+ * Rework underlying device/file access functions.
+ * Create hash image if doesn't exist in veritysetup format.
+ * Provide better error message if running as non-root user (device-mapper,
loop).
+
+---
+Wed Dec 12 16:00:29 UTC 2012 - lnus...@suse.de
+
+- split off hashalot and boot.crypto
+- move to /usr
+
+---
+Tue Nov 20 18:41:11 CET 2012 - sbra...@suse.cz
+
+- Verify GPG signature.
+
+---
Old:
boot.crypto-0_201206151440.tar.bz2
bug-476290_hashalot-hashlen.diff
cryptsetup-1.5.0.tar.bz2
cryptsetup-1.5.0.tar.bz2.asc
cryptsetup-mktar
hashalot-0.3.tar.bz2
hashalot-ctrl-d.diff
hashalot-fixes.diff
hashalot-glibc210.diff
hashalot-libgcrypt.diff
hashalot-manpage.diff
hashalot-timeout.diff
New:
cryptsetup-1.5.1.tar.bz2
cryptsetup-1.5.1.tar.bz2.asc
cryptsetup.keyring
Other differences:
--
++ cryptsetup.spec ++
--- /var/tmp/diff_new_pack.ty6ACN/_old 2012-12-21 14:33:01.0 +0100
+++ /var/tmp/diff_new_pack.ty6ACN/_new 2012-12-21 14:33:01.0 +0100
@@ -23,16 +23,13 @@
Url:http://code.google.com/p/cryptsetup/
BuildRequires: device-mapper-devel
BuildRequires: e2fsprogs-devel
+BuildRequires: gpg-offline
BuildRequires: libgcrypt-devel
BuildRequires: libselinux-devel
BuildRequires: libtool
BuildRequires: pkgconfig
BuildRequires: popt-devel
-# hashalot version
-%define haver 0.3
-# boot.crypto version
-%define bcver 0_201206151440
-Version:1.5.0
+Version:1.5.1
Release:0
#Release:%{?beta:0.}CI_CNT.B_CNT%{?beta:.}%{?beta}
Summary:Set Up dm-crypt Based Encrypted Block Devices
@@ -41,26 +38,8 @@
Source:
http://cryptsetup.googlecode.com/files/cryptsetup-%{ver}.tar.bz2
Source1:
http://cryptsetup.googlecode.com/files/cryptsetup-%{ver}.tar.bz2.asc
Source2:baselibs.conf
-Source10: hashalot-%haver.tar.bz2
-# git://gitorious.org/opensuse/boot_crypto.git
-Source20: boot.crypto-%{bcver}.tar.bz2
-# use this to create the tarball from svn
-Source99: cryptsetup-mktar
-#Patch0: cryptsetup-svn131-noascii.diff
-Patch10:hashalot-fixes.diff
-Patch11:hashalot-libgcrypt.diff
-Patch12:hashalot-ctrl-d.diff
-Patch13:hashalot-timeout.diff
-Patch14:hashalot-manpage.diff
-Patch15:bug-476290_hashalot-hashlen.diff
-Patch16:hashalot-glibc210.diff
+Source3:%{name}.keyring
BuildRoot: %{_tmppath}/%{name}-%{version}-build
-Provides: aaa_base:/etc/init.d/boot.crypto
-Obsoletes: util-linux-crypto = 2.12r
-# we need losetup
-Requires: util-linux
-PreReq: %fillup_prereq %insserv_prereq
-PreReq: coreutils diffutils
%description
cryptsetup is used to conveniently set up dm-crypt based device-mapper
@@ -101,20 +80,8 @@
time via the config file /etc/crypttab.
%prep
-%setup -n %name-%ver -q -b 10 -b 20
-#patch0 -p1
-pushd ../hashalot-%haver
-%patch10 -p1
-%patch11 -p1
-%patch12 -p1
-%patch13 -p1
-%patch14 -p1
-%patch15 -p1
-%patch16 -p1
-popd
-pushd ../boot.crypto-%bcver
-#patch20 -p1
-popd
+%gpg_verify %{S:1}
+%setup -n %name-%ver -q
%build
# cryptsetup build
@@ -122,61 +89,24 @@
autoreconf -f -i
test -e po/Makevars || cp po/Makevars.template po/Makevars
%configure \
- --libdir=/%_lib \
- --bindir=/sbin --sbindir=/sbin \
--disable-static --enable-shared \
--enable-cryptsetup-reencrypt \
--enable-selinux
make %{?_smp_mflags}
-#
-# hashalot build
-pushd ../hashalot-%haver
-autoreconf -f -i
commit cryptsetup for openSUSE:Factory
Hello community, here is the log from the commit of package cryptsetup for openSUSE:Factory checked in at 2012-11-03 08:18:17 Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old) and /work/SRC/openSUSE:Factory/.cryptsetup.new (New) Package is cryptsetup, Maintainer is lnus...@suse.com Changes: --- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2012-09-17 13:49:58.0 +0200 +++ /work/SRC/openSUSE:Factory/.cryptsetup.new/cryptsetup.changes 2012-11-03 08:18:18.0 +0100 @@ -1,0 +2,5 @@ +Tue Sep 25 11:40:07 UTC 2012 - fcro...@suse.com + +- Remove crypttab manpage, it is now provided by systemd. + +--- Other differences: -- ++ cryptsetup.spec ++ --- /var/tmp/diff_new_pack.UA2FFi/_old 2012-11-03 08:18:20.0 +0100 +++ /var/tmp/diff_new_pack.UA2FFi/_new 2012-11-03 08:18:20.0 +0100 @@ -160,6 +160,9 @@ # %find_lang %name --all-name +# systemd is now providing cryptsetup manpage +rm -f $RPM_BUILD_ROOT%_mandir/man5/crypttab.5* + %pre # hack to catch update case from aaa_base/util-linux-crypto if [ -f /etc/init.d/boot.d/S??boot.crypto ]; then @@ -222,7 +225,6 @@ %_mandir/man8/cryptsetup.8.gz %_mandir/man8/cryptsetup-reencrypt.8.gz %_mandir/man8/veritysetup.8.gz -%_mandir/man5/crypttab.5.gz %_mandir/man5/cryptotab.5.gz /lib/cryptsetup -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit cryptsetup for openSUSE:Factory
Hello community,
here is the log from the commit of package cryptsetup for openSUSE:Factory
checked in at 2012-09-17 13:48:24
Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old)
and /work/SRC/openSUSE:Factory/.cryptsetup.new (New)
Package is cryptsetup, Maintainer is lnus...@suse.com
Changes:
--- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2012-07-10
13:39:52.0 +0200
+++ /work/SRC/openSUSE:Factory/.cryptsetup.new/cryptsetup.changes
2012-09-17 13:49:58.0 +0200
@@ -1,0 +2,24 @@
+Wed Aug 1 13:37:04 UTC 2012 - lnus...@suse.de
+
+- version 1.5.0:
+ * Add --device-size option for reencryption tool.
+ * Switch to use unit suffix for --reduce-device-size option.
+ * Remove open device debugging feature (no longer needed).
+ * Introduce cryptsetup-reencrypt - experimental offline LUKS reencryption
tool.
+ * Fix luks-header-from-active script (do not use LUKS header on-disk, add
UUID).
+ * Add --test-passphrase option for luksOpen (check passphrase only).
+ * Introduce veritysetup for dm-verity target management.
+ * Both data and header device can now be a file.
+ * Loop is automatically allocated in crypt_set_data_device().
+ * Require only up to last keyslot area for header device (ignore data
offset).
+ * Fix header backup and restore to work on files with large data offset.
+ * Fix readonly activation if underlying device is readonly (1.4.0).
+ * Fix keyslot removal (wipe keyslot) for device with 4k hw block (1.4.0).
+ * Allow empty cipher (cipher_null) for testing.
+ * Fix loop mapping on readonly file.
+ * Relax --shared test, allow mapping even for overlapping segments.
+ * Support shared flag for LUKS devices (dangerous).
+ * Switch on retry on device remove for libdevmapper.
+ * Allow private activation (skip some udev global rules) flag.
+
+---
Old:
cryptsetup-1.4.2.tar.bz2
cryptsetup-1.4.2.tar.bz2.asc
New:
cryptsetup-1.5.0.tar.bz2
cryptsetup-1.5.0.tar.bz2.asc
Other differences:
--
++ cryptsetup.spec ++
--- /var/tmp/diff_new_pack.hSccNv/_old 2012-09-17 13:49:59.0 +0200
+++ /var/tmp/diff_new_pack.hSccNv/_new 2012-09-17 13:49:59.0 +0200
@@ -32,7 +32,7 @@
%define haver 0.3
# boot.crypto version
%define bcver 0_201206151440
-Version:1.4.2
+Version:1.5.0
Release:0
#Release:%{?beta:0.}CI_CNT.B_CNT%{?beta:.}%{?beta}
Summary:Set Up dm-crypt Based Encrypted Block Devices
@@ -125,6 +125,7 @@
--libdir=/%_lib \
--bindir=/sbin --sbindir=/sbin \
--disable-static --enable-shared \
+ --enable-cryptsetup-reencrypt \
--enable-selinux
make %{?_smp_mflags}
#
@@ -213,10 +214,14 @@
/lib/mkinitrd/scripts/setup-luks_final.sh
/usr/sbin/convert_cryptotab
/sbin/cryptsetup
+/sbin/veritysetup
/sbin/hashalot
/sbin/rccrypto
+/sbin/cryptsetup-reencrypt
%_mandir/man1/hashalot.1.gz
%_mandir/man8/cryptsetup.8.gz
+%_mandir/man8/cryptsetup-reencrypt.8.gz
+%_mandir/man8/veritysetup.8.gz
%_mandir/man5/crypttab.5.gz
%_mandir/man5/cryptotab.5.gz
/lib/cryptsetup
++ cryptsetup-1.4.2.tar.bz2 - cryptsetup-1.5.0.tar.bz2 ++
33868 lines of diff (skipped)
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit cryptsetup for openSUSE:Factory
Hello community, here is the log from the commit of package cryptsetup for openSUSE:Factory checked in at 2012-06-15 19:39:02 Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old) and /work/SRC/openSUSE:Factory/.cryptsetup.new (New) Package is cryptsetup, Maintainer is lnus...@suse.com Changes: --- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2012-04-17 21:58:11.0 +0200 +++ /work/SRC/openSUSE:Factory/.cryptsetup.new/cryptsetup.changes 2012-06-15 19:39:04.0 +0200 @@ -1,0 +2,7 @@ +Fri Jun 15 12:41:00 UTC 2012 - lnus...@suse.de + +- boot.crypto: + * update man page to mention systemd and wiki article + * sanitize dm target names (bnc#716240) + +--- Old: boot.crypto-0_201204171450.tar.bz2 New: boot.crypto-0_201206151440.tar.bz2 Other differences: -- ++ cryptsetup.spec ++ --- /var/tmp/diff_new_pack.B6nRl7/_old 2012-06-15 19:39:06.0 +0200 +++ /var/tmp/diff_new_pack.B6nRl7/_new 2012-06-15 19:39:06.0 +0200 @@ -27,7 +27,7 @@ # hashalot version %define haver 0.3 # boot.crypto version -%define bcver 0_201204171450 +%define bcver 0_201206151440 License:GPL-2.0+ Group: System/Base Version:1.4.2 ++ boot.crypto-0_201204171450.tar.bz2 - boot.crypto-0_201206151440.tar.bz2 ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/boot.crypto-0_201204171450/crypttab.5 new/boot.crypto-0_201206151440/crypttab.5 --- old/boot.crypto-0_201204171450/crypttab.5 2012-04-17 14:50:27.0 +0200 +++ new/boot.crypto-0_201206151440/crypttab.5 2012-06-15 14:40:42.0 +0200 @@ -1,22 +1,13 @@ '\ t .\ Title: crypttab .\Author: [see the AUTHOR section] -.\ Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\ Date: 11/24/2011 +.\ Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ +.\ Date: 06/15/2012 .\Manual: Cryptsetup Manual .\Source: cryptsetup .\ Language: English .\ -.TH CRYPTTAB 5 11/24/2011 cryptsetup Cryptsetup Manual -.\ - -.\ * Define some portability stuff -.\ - -.\ ~ -.\ http://bugs.debian.org/507673 -.\ http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html -.\ ~ -.ie \n(.g .ds Aq \(aq -.el .ds Aq ' +.TH CRYPTTAB 5 06/15/2012 cryptsetup Cryptsetup Manual .\ - .\ * set default formatting .\ - @@ -127,6 +118,8 @@ \...] .RE .SH OPTIONS +.sp +Note: the options listed here refer to boot\.crypto as used by sysvinit\. Systemd has a separate implementation that does not support all options\. .PP \fBcipher\fR=cipher .RS 4 @@ -345,7 +338,7 @@ .RE .SH SEE ALSO .sp -cryptsetup(8), /etc/crypttab, fstab(8) +cryptsetup(8), /etc/crypttab, fstab(8), http://en\.opensuse\.org/Encrypted_Filesystems .SH AUTHOR .sp Manual page converted to asciidoc by Michael Gebetsroither michael\.geb@gmx\.at\. Originally written by Bastian Kleineidam calvin@debian\.org for the Debian distribution of cryptsetup\. Improved by Jonas Meurer jonas@freesources\.org\. Modified for SUSE Linux by Ludwig Nussel ludwig\.nussel@suse\.de\. Parts of this manual were taken and adapted from the fstab(5) manual page\. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/boot.crypto-0_201204171450/crypttab.5.txt new/boot.crypto-0_201206151440/crypttab.5.txt --- old/boot.crypto-0_201204171450/crypttab.5.txt 2012-04-17 14:50:27.0 +0200 +++ new/boot.crypto-0_201206151440/crypttab.5.txt 2012-06-15 14:40:42.0 +0200 @@ -60,6 +60,10 @@ OPTIONS --- +Note: the options listed here refer to boot.crypto as used by +sysvinit. Systemd has a separate implementation that does not +support all options. + *cipher*=cipher:: Encryption algorithm. See *cryptsetup -c*. Ignored for LUKS volumes. @@ -219,7 +223,7 @@ SEE ALSO -cryptsetup(8), /etc/crypttab, fstab(8) +cryptsetup(8), /etc/crypttab, fstab(8), http://en.opensuse.org/Encrypted_Filesystems AUTHOR diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/boot.crypto-0_201204171450/mkinitrd/boot-luks.sh new/boot.crypto-0_201206151440/mkinitrd/boot-luks.sh --- old/boot.crypto-0_201204171450/mkinitrd/boot-luks.sh2012-04-17
commit cryptsetup for openSUSE:Factory
Hello community,
here is the log from the commit of package cryptsetup for openSUSE:Factory
checked in at 2012-04-17 21:57:44
Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old)
and /work/SRC/openSUSE:Factory/.cryptsetup.new (New)
Package is cryptsetup, Maintainer is lnus...@suse.com
Changes:
--- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2011-12-27
18:34:52.0 +0100
+++ /work/SRC/openSUSE:Factory/.cryptsetup.new/cryptsetup.changes
2012-04-17 21:58:11.0 +0200
@@ -1,0 +2,31 @@
+Tue Apr 17 13:03:28 UTC 2012 - lnus...@suse.de
+
+- boot.crypto:
+ * prefer physdev from crypttab
+ * fix non-plymouth use
+
+---
+Mon Apr 16 12:08:30 UTC 2012 - lnus...@suse.de
+
+- new version 1.4.2
+ * Fix header check to support old (cryptsetup 1.0.0) header alignment.
(1.4.0)
+ * Add --keyfile-offset and --new-keyfile-offset parameters to API and CLI.
+ * Add repair command and crypt_repair() for known LUKS metadata problems
repair.
+ * Allow to specify --align-payload only for luksFormat.
+ * Unify password verification option.
+ * Support password verification with quiet flag if possible. (1.2.0)
+ * Fix retry if entered passphrases (with verify option) do not match.
+ * Support UUID=LUKS_UUID format for device specification.
+ * Add --master-key-file option to luksOpen (open using volume key).
+ * Fix use of empty keyfile.
+ * Fix error message for luksClose and detached LUKS header.
+ * Allow --header for status command to get full info with detached header.
+
+---
+Mon Apr 16 09:56:40 UTC 2012 - lnus...@suse.de
+
+- boot.crypto:
+ * avoid warning about module 'kernel' (bnc#741468)
+ * incorporate plymouth support
+
+---
Old:
boot.crypto-0_201110101134.tar.bz2
cryptsetup-1.4.1.tar.bz2
cryptsetup-1.4.1.tar.bz2.asc
New:
boot.crypto-0_201204171450.tar.bz2
cryptsetup-1.4.2.tar.bz2
cryptsetup-1.4.2.tar.bz2.asc
Other differences:
--
++ cryptsetup.spec ++
--- /var/tmp/diff_new_pack.aXO1Xc/_old 2012-04-17 21:58:12.0 +0200
+++ /var/tmp/diff_new_pack.aXO1Xc/_new 2012-04-17 21:58:12.0 +0200
@@ -1,7 +1,7 @@
#
# spec file for package cryptsetup
#
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -20,18 +20,18 @@
%define ver %version%{?beta:-%beta}
Name: cryptsetup
-URL:http://code.google.com/p/cryptsetup/
+Url:http://code.google.com/p/cryptsetup/
BuildRequires: device-mapper-devel e2fsprogs-devel libgcrypt-devel popt-devel
BuildRequires: libselinux-devel pkgconfig
BuildRequires: libtool
# hashalot version
%define haver 0.3
# boot.crypto version
-%define bcver 0_201110101134
+%define bcver 0_201204171450
License:GPL-2.0+
Group: System/Base
-Version:1.4.1
-Release:2
+Version:1.4.2
+Release:1
#Release:%{?beta:0.}CI_CNT.B_CNT%{?beta:.}%{?beta}
Summary:Set Up dm-crypt Based Encrypted Block Devices
Source:
http://cryptsetup.googlecode.com/files/cryptsetup-%{ver}.tar.bz2
++ boot.crypto-0_201110101134.tar.bz2 - boot.crypto-0_201204171450.tar.bz2
++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/boot.crypto-0_201110101134/crypttab.5
new/boot.crypto-0_201204171450/crypttab.5
--- old/boot.crypto-0_201110101134/crypttab.5 2011-10-10 11:34:41.0
+0200
+++ new/boot.crypto-0_201204171450/crypttab.5 2012-04-17 14:50:27.0
+0200
@@ -1,13 +1,22 @@
'\ t
.\ Title: crypttab
.\Author: [see the AUTHOR section]
-.\ Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/
-.\ Date: 02/02/2010
+.\ Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
+.\ Date: 11/24/2011
.\Manual: Cryptsetup Manual
.\Source: cryptsetup
.\ Language: English
.\
-.TH CRYPTTAB 5 02/02/2010 cryptsetup Cryptsetup Manual
+.TH CRYPTTAB 5 11/24/2011 cryptsetup Cryptsetup Manual
+.\ -
+.\ * Define some portability stuff
+.\ -
+.\ ~
+.\ http://bugs.debian.org/507673
+.\ http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
+.\
commit cryptsetup for openSUSE:Factory
Hello community,
here is the log from the commit of package cryptsetup for openSUSE:Factory
checked in at 2011-12-27 18:34:50
Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old)
and /work/SRC/openSUSE:Factory/.cryptsetup.new (New)
Package is cryptsetup, Maintainer is lnus...@suse.com
Changes:
--- /work/SRC/openSUSE:Factory/cryptsetup/cryptsetup.changes2011-10-27
19:34:44.0 +0200
+++ /work/SRC/openSUSE:Factory/.cryptsetup.new/cryptsetup.changes
2011-12-27 18:34:52.0 +0100
@@ -1,0 +2,11 @@
+Fri Dec 16 13:06:18 UTC 2011 - jeng...@medozas.de
+
+- Update to new upstream release 1.4.1
+* support for trim/discard
+* The on-disk LUKS header can now be detached (e.g. placed on
+ separate device or in file)
+* Support key-slot option for luksOpen (use only explicit keyslot)
+* API: Removal of deprecated API from libcryptsetup (all functions
+ using struct crypt_options)
+
+---
Old:
cryptsetup-1.3.1.tar.bz2
cryptsetup-1.3.1.tar.bz2.asc
New:
cryptsetup-1.4.1.tar.bz2
cryptsetup-1.4.1.tar.bz2.asc
Other differences:
--
++ cryptsetup.spec ++
--- /var/tmp/diff_new_pack.9WGM80/_old 2011-12-27 18:34:54.0 +0100
+++ /var/tmp/diff_new_pack.9WGM80/_new 2011-12-27 18:34:54.0 +0100
@@ -20,7 +20,7 @@
%define ver %version%{?beta:-%beta}
Name: cryptsetup
-Url:http://code.google.com/p/cryptsetup/
+URL:http://code.google.com/p/cryptsetup/
BuildRequires: device-mapper-devel e2fsprogs-devel libgcrypt-devel popt-devel
BuildRequires: libselinux-devel pkgconfig
BuildRequires: libtool
@@ -30,7 +30,7 @@
%define bcver 0_201110101134
License:GPL-2.0+
Group: System/Base
-Version:1.3.1
+Version:1.4.1
Release:2
#Release:%{?beta:0.}CI_CNT.B_CNT%{?beta:.}%{?beta}
Summary:Set Up dm-crypt Based Encrypted Block Devices
@@ -65,12 +65,12 @@
includes support for automatically setting up encrypted volumes at boot
time via the config file /etc/crypttab.
-%package -n libcryptsetup1
+%package -n libcryptsetup4
License:GPL-2.0+
Summary:Set Up dm-crypt Based Encrypted Block Devices
Group: System/Base
-%description -n libcryptsetup1
+%description -n libcryptsetup4
cryptsetup is used to conveniently set up dm-crypt based device-mapper
targets. It allows to set up targets to read cryptoloop compatible
volumes as well as LUKS formatted ones. The package additionally
@@ -84,7 +84,7 @@
# cryptsetup-devel last used 11.1
Provides: cryptsetup-devel = %{version}
Obsoletes: cryptsetup-devel %{version}
-Requires: libcryptsetup1 = %{version}
+Requires: libcryptsetup4 = %{version}
Requires: device-mapper-devel libgcrypt-devel libgpg-error-devel
e2fsprogs-devel glibc-devel
%description -n libcryptsetup-devel
@@ -135,7 +135,7 @@
# move devel stuff to %%{libdir}
rm -f $RPM_BUILD_ROOT/%{_lib}/libcryptsetup.so
mkdir -p $RPM_BUILD_ROOT%{_libdir}
-ln -s /%{_lib}/libcryptsetup.so.1 $RPM_BUILD_ROOT%{_libdir}/libcryptsetup.so
+ln -s /%{_lib}/libcryptsetup.so.4 $RPM_BUILD_ROOT%{_libdir}/libcryptsetup.so
mv $RPM_BUILD_ROOT/%_lib/pkgconfig $RPM_BUILD_ROOT/%_libdir
# don't want this file in /lib (FHS compat check), and can't move it to
/usr/lib
rm -f $RPM_BUILD_ROOT/%_lib/*.la
@@ -189,9 +189,9 @@
[ -x /sbin/mkinitrd_setup ] mkinitrd_setup
%{insserv_cleanup}
-%post -n libcryptsetup1 -p /sbin/ldconfig
+%post -n libcryptsetup4 -p /sbin/ldconfig
-%postun -n libcryptsetup1 -p /sbin/ldconfig
+%postun -n libcryptsetup4 -p /sbin/ldconfig
%files -f %name.lang
%defattr(-,root,root)
@@ -215,9 +215,9 @@
%_mandir/man5/cryptotab.5.gz
/lib/cryptsetup
-%files -n libcryptsetup1
+%files -n libcryptsetup4
%defattr(-,root,root)
-/%_lib/libcryptsetup.so.1*
+/%_lib/libcryptsetup.so.4*
%files -n libcryptsetup-devel
%defattr(-,root,root)
++ baselibs.conf ++
--- /var/tmp/diff_new_pack.9WGM80/_old 2011-12-27 18:34:54.0 +0100
+++ /var/tmp/diff_new_pack.9WGM80/_new 2011-12-27 18:34:54.0 +0100
@@ -1 +1 @@
-libcryptsetup1
+libcryptsetup4
++ cryptsetup-1.3.1.tar.bz2 - cryptsetup-1.4.1.tar.bz2 ++
29936 lines of diff (skipped)
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit cryptsetup for openSUSE:Factory
Hello community, here is the log from the commit of package cryptsetup for openSUSE:Factory checked in at 2011-12-06 18:04:45 Comparing /work/SRC/openSUSE:Factory/cryptsetup (Old) and /work/SRC/openSUSE:Factory/.cryptsetup.new (New) Package is cryptsetup, Maintainer is lnus...@suse.com Changes: Other differences: -- ++ cryptsetup.spec ++ --- /var/tmp/diff_new_pack.EFZfND/_old 2011-12-06 18:07:37.0 +0100 +++ /var/tmp/diff_new_pack.EFZfND/_new 2011-12-06 18:07:37.0 +0100 @@ -28,7 +28,7 @@ %define haver 0.3 # boot.crypto version %define bcver 0_201110101134 -License:GPLv2+ +License:GPL-2.0+ Group: System/Base Version:1.3.1 Release:2 @@ -66,7 +66,7 @@ time via the config file /etc/crypttab. %package -n libcryptsetup1 -License:GPLv2+ +License:GPL-2.0+ Summary:Set Up dm-crypt Based Encrypted Block Devices Group: System/Base @@ -78,7 +78,7 @@ time via the config file /etc/crypttab. %package -n libcryptsetup-devel -License:GPLv2+ +License:GPL-2.0+ Summary:Set Up dm-crypt Based Encrypted Block Devices Group: Development/Libraries/C and C++ # cryptsetup-devel last used 11.1 -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit cryptsetup for openSUSE:Factory
Hello community, here is the log from the commit of package cryptsetup for openSUSE:Factory checked in at Mon Oct 3 09:15:17 CEST 2011. --- openSUSE:Factory/cryptsetup/cryptsetup.changes 2011-09-26 10:30:05.0 +0200 +++ cryptsetup/cryptsetup.changes 2011-09-30 22:11:10.0 +0200 @@ -1,0 +2,5 @@ +Fri Sep 30 20:07:51 UTC 2011 - co...@suse.com + +- add libtool as buildrequire to make the spec file more reliable + +--- calling whatdependson for head-i586 Other differences: -- ++ cryptsetup.spec ++ --- /var/tmp/diff_new_pack.qK1xjN/_old 2011-10-03 09:15:12.0 +0200 +++ /var/tmp/diff_new_pack.qK1xjN/_new 2011-10-03 09:15:12.0 +0200 @@ -23,6 +23,7 @@ Url:http://code.google.com/p/cryptsetup/ BuildRequires: device-mapper-devel e2fsprogs-devel libgcrypt-devel popt-devel BuildRequires: libselinux-devel pkgconfig +BuildRequires: libtool # hashalot version %define haver 0.3 # boot.crypto version continue with q... Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit cryptsetup for openSUSE:Factory
Hello community,
here is the log from the commit of package cryptsetup for openSUSE:Factory
checked in at Mon May 30 09:29:46 CEST 2011.
--- cryptsetup/cryptsetup.changes 2011-05-25 08:42:47.0 +0200
+++ /mounts/work_src_done/STABLE/cryptsetup/cryptsetup.changes 2011-05-27
15:21:11.0 +0200
@@ -1,0 +2,6 @@
+Fri May 27 13:20:27 UTC 2011 - lnus...@suse.de
+
+- boot.crypto:
+ * don't hard require boot.device-mapper in boot.crypto
+
+---
calling whatdependson for head-i586
Old:
boot.crypto-0_201102170853.tar.bz2
New:
boot.crypto-0_201105271519.tar.bz2
Other differences:
--
++ cryptsetup.spec ++
--- /var/tmp/diff_new_pack.WjyUIO/_old 2011-05-30 09:28:48.0 +0200
+++ /var/tmp/diff_new_pack.WjyUIO/_new 2011-05-30 09:28:48.0 +0200
@@ -27,12 +27,12 @@
# hashalot version
%define haver 0.3
# boot.crypto version
-%define bcver 0_201102170853
+%define bcver 0_201105271519
License:GPLv2+
Group: System/Base
AutoReqProv:on
Version:1.3.1
-Release:1
+Release:2
#Release:%{?beta:0.}CI_CNT.B_CNT%{?beta:.}%{?beta}
Summary:Set Up dm-crypt Based Encrypted Block Devices
Source:
http://cryptsetup.googlecode.com/files/cryptsetup-%{ver}.tar.bz2
++ boot.crypto-0_201102170853.tar.bz2 - boot.crypto-0_201105271519.tar.bz2
++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/boot.crypto-0_201102170853/boot.crypto
new/boot.crypto-0_201105271519/boot.crypto
--- old/boot.crypto-0_201102170853/boot.crypto 2011-02-17 08:53:08.0
+0100
+++ new/boot.crypto-0_201105271519/boot.crypto 2011-05-27 15:19:38.0
+0200
@@ -24,9 +24,9 @@
#
### BEGIN INIT INFO
# Provides: boot.crypto
-# Required-Start:boot.localfs boot.device-mapper
+# Required-Start:boot.localfs
# Should-Start: boot.crypto-early
-# Required-Stop: boot.localfs boot.device-mapper
+# Required-Stop: boot.localfs
# Should-Stop: $null
# Default-Start: B
# Default-Stop: $null
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/boot.crypto-0_201102170853/boot.crypto-early
new/boot.crypto-0_201105271519/boot.crypto-early
--- old/boot.crypto-0_201102170853/boot.crypto-early2011-02-17
08:53:08.0 +0100
+++ new/boot.crypto-0_201105271519/boot.crypto-early2011-05-27
15:19:38.0 +0200
@@ -24,10 +24,10 @@
#
### BEGIN INIT INFO
# Provides: boot.crypto-early
-# Required-Start:boot.device-mapper
+# Required-Start:boot.udev
# X-Start-Before:boot.lvm boot.md boot.localfs
# Should-Start: $null
-# Required-Stop: boot.device-mapper
+# Required-Stop: $null
# Should-Stop: $null
# Default-Start: B
# Default-Stop: $null
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit cryptsetup for openSUSE:Factory
Hello community,
here is the log from the commit of package cryptsetup for openSUSE:Factory
checked in at Thu May 26 10:29:59 CEST 2011.
--- cryptsetup/cryptsetup.changes 2011-04-11 16:07:17.0 +0200
+++ /mounts/work_src_done/STABLE/cryptsetup/cryptsetup.changes 2011-05-25
08:42:47.0 +0200
@@ -1,0 +2,9 @@
+Wed May 25 06:42:03 UTC 2011 - lnus...@suse.de
+
+- new version 1.3.1:
+ * Fix keyfile=- processing in create command (regression in 1.3.0).
+ * Simplify device path status check (use /sys and do not scan /dev).
+ * Do not ignore device size argument for create command (regression in 1.2.0).
+ * Fix error paths in blockwise code and lseek_write call.
+
+---
calling whatdependson for head-i586
Old:
cryptsetup-1.3.0.tar.bz2
cryptsetup-1.3.0.tar.bz2.asc
New:
cryptsetup-1.3.1.tar.bz2
cryptsetup-1.3.1.tar.bz2.asc
Other differences:
--
++ cryptsetup.spec ++
--- /var/tmp/diff_new_pack.gOSoGU/_old 2011-05-26 10:25:14.0 +0200
+++ /var/tmp/diff_new_pack.gOSoGU/_new 2011-05-26 10:25:14.0 +0200
@@ -31,7 +31,7 @@
License:GPLv2+
Group: System/Base
AutoReqProv:on
-Version:1.3.0
+Version:1.3.1
Release:1
#Release:%{?beta:0.}CI_CNT.B_CNT%{?beta:.}%{?beta}
Summary:Set Up dm-crypt Based Encrypted Block Devices
++ cryptsetup-1.3.0.tar.bz2 - cryptsetup-1.3.1.tar.bz2 ++
28955 lines of diff (skipped)
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
