[pkg-cryptsetup-devel] cryptsetup_2.0.3-2_amd64.changes ACCEPTED into unstable

Debian FTP Masters ftpmaster at ftp-master.debian.org
Mon Jun 18 02:04:18 BST 2018 


Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 18 Jun 2018 02:40:41 +0200
Source: cryptsetup
Binary: cryptsetup-run cryptsetup-bin cryptsetup-initramfs cryptsetup libcryptsetup12 libcryptsetup-dev cryptsetup-udeb libcryptsetup12-udeb
Architecture: source amd64 all
Version: 2:2.0.3-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Cryptsetup Team <pkg-cryptsetup-devel at lists.alioth.debian.org>
Changed-By: Jonas Meurer <jonas at freesources.org>
Description:
 cryptsetup - transitional dummy package for cryptsetup-{run,initramfs}
 cryptsetup-bin - disk encryption support - command line tools
 cryptsetup-initramfs - disk encryption support - initramfs integration
 cryptsetup-run - disk encryption support - startup scripts
 cryptsetup-udeb - disk encryption support - commandline tools (udeb) (udeb)
 libcryptsetup-dev - disk encryption support - development files
 libcryptsetup12 - disk encryption support - shared library
 libcryptsetup12-udeb - disk encryption support - shared library (udeb) (udeb)
Closes: 714380 720952 782843 783194 784881 826122 826124 826127 849335 859953 873840 886007 891219 898495 901641 901713
Changes:
 cryptsetup (2:2.0.3-2) unstable; urgency=medium
 .
   The "nights are long in summer" cryptsetup sprint release :-)
 .
   Guilhem and Jonas hacked together for three days (and nights), refactored
   almost all of the cryptsetup packages, squashed (at least) 19 bugs and
   started work on several new features. Yay!
 .
   [ Guilhem Moulin ]
   * cryptsetup-initramfs: Demote "Depends: console-setup, kbd" to Recommends:
     (Closes: #901641.)
   * debian/initramfs/*-hook: complete refactoring. Common functions are now in
     /lib/cryptsetup/functions (source-able from shell scripts).
     (Closes: #784881.)
   * debian/initramfs/cryptroot-hook:
     + Use sysfs(5) block (resp. fs) hierarchies to detect slave dm-crypt
       devices such as LVM2 on top of LUKS (resp. multiple device filesystems
       such as btrfs).  This approach is more robust than parsing the output of
       `lvs` or `btrfs filesystem`.
     + Export relevant crypttab(5) snippet (for devices that need to be
       unlocked at initramfs stage) to the initramfs' /cryptroot/crypttab.
     + Print a warning inviting the user to uninstall 'cryptsetup-initramfs'
       if 1/ the CRYPTSETUP configuration option is unset or null (the
       default), and 2/ the hook didn't detect any device to be unlocked at
       initramfs stage.  The benefit is two-fold: it guides users through the
       package split, and warns them that their system might not reboot if the
       hook script didn't work properly.
   * Remove the 'decrypt_openct' keyscript since openct was last seen in
     oldoldstable, cf. #760258 (ROM).
   * debian/initramfs/cryptroot-script: refactoring, using functions from
     /lib/cryptsetup/functions. (Closes: #720952, #826124.)
     + One can disable the cryptsetup initramfs scripts for a particular boot
       by passing "cryptopts=" as kernel boot argument. (Closes: #873840.)
     + No longer sleep for a full minute after exceeding the maximum number of
       unlocking tries.  (This was added in 2:1.7.3-2 as an attempt to mitigate
       CVE-2016-4484.)  Instead, the script sleeps for 1 second after each failed
       attempt in order to defeat online brute-force attacks. (Closes: #898495.)
   * debian/README.initramfs: Remove mention that the initramfs scripts and the
     crypsetup binary are using a different hash algorithm for plain dm-crypt
     volumes.  This is no longer true since 2:1.0.6~pre1+svn45-1, cf. #406317.
   * debian/cryptdisks.functions:
     + Refactoring, using functions from /lib/cryptsetup/functions.
       (Closes: #859953, #891219.)
     + Install to /lib/cryptsetup/cryptdisks-functions.
   * crypttab(5):
     + Remove support for the 'precheck' option.  The precheck for LUKS devices
       is still hardcoded to `cryptsetup isLuks`; the script refuses to unlock
       non-LUKS devices (plain dm-crypt and tcrypt devices) containing a known
       filesystem (other that swap).
     + Don't ignore the 'plain' option: disable auto-detection and treat the
       device as a plain dm-crypt device. (Closes: #886007.)
     + Add support for some option aliases to unify with systemd's crypttab(5)
       options.  Namely, 'read-only' is an alias for 'readonly', 'key-slot=' is
       an alias for 'keyslot=', 'tcrypt-hidden' is an alias for 'tcrypthidden',
       and 'tcrypt-veracrypt' is an alias for 'veracrypt'.
     + Add support for 'keyfile-size=' and 'keyfile-offset=' options.
       (Closes: #849335.)
     + Source devices can now be specified using their PARTUUID or PARTLABEL,
       similar to fstab(5).
   * debian/scripts/cryptdisks_start: Add support for '-r'/'--readonly' switch
     to setup readonly mappings. (Closes: #782843.)
   * debian/scripts/cryptdisks_stop: Add support for closing multiple disks at
     once.  (Closes: #783194.)
 .
   [ Jonas Meurer ]
   * debian/doc/crypttab.xml:
     + Add a section about the different crypttab formats of our package and
       the systemd cryptsetup wrapper.
     + Document, which options are ignored by the initramfs scripts and which
       are unsupported by the systemd implementation. (Closes: #714380)
     + Clarify documentation of option 'tries'. It also applies when using
       keyscripts, not only with interactive passphrases. (Closes: #826127)
     + Make it obvious that in case a keyscript is configured, the third option
       is passed as argument to the keyscript. Mention the optional requirement
       to quote the value. (Closes: #826122)
     + Some minor wording improvements.
   * debian/control, debian/combat: Bump debhelper compatibility level to 11.
   * debian/rules:
     + Completely refactor the rules file, adapt to debhelper 11 style.
       (Closes: #901713)
     + Run the upstream build-time testsuite thanks to dh_auto_test.
     + Move the luksformat script from cryptsetup-bin to cryptsetup-run.
     + Install the bug-script into all packages.
     + No longer install the sysvinit initscripts into cryptsetup-udeb.
     + Remove many old build and compile flags, debhelper takes care of most of
       them nowadays.
Checksums-Sha1:
 9e24a4d923ce4fac64bcc84c380c3b5862fda444 2876 cryptsetup_2.0.3-2.dsc
 caa54865a0c2793f4f48c7ff711aec5d370ab91c 94488 cryptsetup_2.0.3-2.debian.tar.xz
 4f9d4f236dab75639590e61cf52539c2eee4d0f8 165032 cryptsetup-bin-dbgsym_2.0.3-2_amd64.deb
 1505a33b256470e7bdf9af23753e548e561ec373 242520 cryptsetup-bin_2.0.3-2_amd64.deb
 fcd69e2941ee40c0a18e224b5be2b39e1af8eeaf 59828 cryptsetup-initramfs_2.0.3-2_all.deb
 aa24f39bdf244315daddbf0c2891ae097895add6 17124 cryptsetup-run-dbgsym_2.0.3-2_amd64.deb
 ace218419e640beb6f8955635829914fd7fd32ed 179024 cryptsetup-run_2.0.3-2_amd64.deb
 9f516f0f88b5330a97b4642b35b17a19ca12feb8 48272 cryptsetup-udeb_2.0.3-2_amd64.udeb
 1f4d2938dd38afeeeee5c6d710079be41e785b6d 45312 cryptsetup_2.0.3-2_all.deb
 475e5563c9d2200d54fd72c9d35282f3bd338090 9428 cryptsetup_2.0.3-2_amd64.buildinfo
 f57f744eb3887b549d29d4b831e02b21652653f2 60508 libcryptsetup-dev_2.0.3-2_amd64.deb
 5ef052c82ec108cb4caebdf21fb11da680d06efb 339932 libcryptsetup12-dbgsym_2.0.3-2_amd64.deb
 a826030e6885c6fe74756d76e52b87fc882e8116 128940 libcryptsetup12-udeb_2.0.3-2_amd64.udeb
 bf147449d1cce8feb7b041bf948cf28611592594 173040 libcryptsetup12_2.0.3-2_amd64.deb
Checksums-Sha256:
 f9e65284bfae2617feb4e9dd283bfd6234f12886a46bc0c7b2a78c5cf93f5d38 2876 cryptsetup_2.0.3-2.dsc
 becf1f02162d8efbe84e26d819151bc49c611c065816708b41ddfc8d513040a6 94488 cryptsetup_2.0.3-2.debian.tar.xz
 9f53d0529e41162fe2f5e69491bbe9a9419b6763e403acbd141503c38411b315 165032 cryptsetup-bin-dbgsym_2.0.3-2_amd64.deb
 4b30027751df6994f341502f0584882819fd54b3ace92457b4958734bee83127 242520 cryptsetup-bin_2.0.3-2_amd64.deb
 7ede88f94f8440b2748340ecf62efd527688573caf9d6dcce6892ccf444dd089 59828 cryptsetup-initramfs_2.0.3-2_all.deb
 5d229256806d6e0e7a6cf0d0a87679d43d350652bbe98db3c5641b2d2f1ce553 17124 cryptsetup-run-dbgsym_2.0.3-2_amd64.deb
 ed53ef51adb1aa4974330eaa062a27ff867058069e62a431d5e22dac74e19728 179024 cryptsetup-run_2.0.3-2_amd64.deb
 00fe5f90512ed514f9e0de3ae4483d1f05e7a4f72e096a43ebe372ca59881872 48272 cryptsetup-udeb_2.0.3-2_amd64.udeb
 d60fe40571001edf8d72198728f7c95ce57fb1c330ec606b601075f14a69cfe1 45312 cryptsetup_2.0.3-2_all.deb
 affa5da486686a3e3c546e7ffcbea3fa3e22adc75049c9603eac44f8421c5b91 9428 cryptsetup_2.0.3-2_amd64.buildinfo
 bb314080c38d8a85619ea1e66b0d2d5e0261f1dc42ca3936fc13ecb1209167bd 60508 libcryptsetup-dev_2.0.3-2_amd64.deb
 0035b99a713d0bd19f7437f3e0b88956540bca802a119b19149acc0981cd0cd9 339932 libcryptsetup12-dbgsym_2.0.3-2_amd64.deb
 c1844fe09ec3215a69ea322c13dc26c9bec39f07b55cbdf04987b27bb135365d 128940 libcryptsetup12-udeb_2.0.3-2_amd64.udeb
 d84c3f02386bd5fed940f6022c0b95c23ae0f83c3ece78dca41269a1f01c8451 173040 libcryptsetup12_2.0.3-2_amd64.deb
Files:
 fbf0675106eee4f5b591282d41fed37e 2876 admin optional cryptsetup_2.0.3-2.dsc
 e8668c77734e77aedec6042640060733 94488 admin optional cryptsetup_2.0.3-2.debian.tar.xz
 3c73819417b4ea1bd0d3c2a9616bec11 165032 debug optional cryptsetup-bin-dbgsym_2.0.3-2_amd64.deb
 bfa863656e5e996225bd24d1a6f17057 242520 admin optional cryptsetup-bin_2.0.3-2_amd64.deb
 e60c9cb022547f7438023822d13facbd 59828 admin optional cryptsetup-initramfs_2.0.3-2_all.deb
 44c196d67f4f327d3de53198df072e15 17124 debug optional cryptsetup-run-dbgsym_2.0.3-2_amd64.deb
 bacc6514f686012ee21ead1a5f3abfb7 179024 admin optional cryptsetup-run_2.0.3-2_amd64.deb
 0e36b9f3de5fde610403c98e95c56ebb 48272 debian-installer optional cryptsetup-udeb_2.0.3-2_amd64.udeb
 6770011c4b325c93ace1010e1b013b96 45312 oldlibs optional cryptsetup_2.0.3-2_all.deb
 c1ab6cb0d4e35128243c7ef66038aed7 9428 admin optional cryptsetup_2.0.3-2_amd64.buildinfo
 c4354dcf198a962874426cc6cb0aee3f 60508 libdevel optional libcryptsetup-dev_2.0.3-2_amd64.deb
 2ea010d53fb99c127eb4546e84d0a671 339932 debug optional libcryptsetup12-dbgsym_2.0.3-2_amd64.deb
 fc7631f69f993d6eb8699771490cbc9c 128940 debian-installer optional libcryptsetup12-udeb_2.0.3-2_amd64.udeb
 ffdd73657eb4e400eaefafe9d3730bfa 173040 libs optional libcryptsetup12_2.0.3-2_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEELIzSg9Pv30M4kOeDUmLn/0kQSf4FAlsnALcACgkQUmLn/0kQ
Sf7t0hAApxmGqvvhNQNAQw8y8ZsrqWSmjnkzoPR13XC/mjZOEWD6fWkMtd24B63P
+TeLu9q6xS1t8k/pD3DJRcjrIR9cDSMqBmHS7B7ZQd6wtYPKDqjugFSzdHgu15kg
4xlwxyb9cDURmvgXes1we3psRp0YxFrSA5amSfGP1xJgmW+pgaRB6K2VtouWHbr2
x7AwW1pO+SThVqVEmcbnfdLHJjFuOfC4m08U5CRUjegasZyuA5jzRZWCSTdGdh8K
CTYiKqR7of4/fiAgcNmz7ofr2Ct/KN+mjnw6XnecEVhLc9UXtv5pla5wCrr0Z9tz
2YPph4gJ1/8f+Lf9B701FzGtCU/O2iPJ7n7n0foN9e06PeUj9veqhrp9VIw6kTCS
S2668guPneSQp3hexIY4TfSEqLwhdIEe2xhYbj7bkaz5oTHqWs+rxb5IpGB1MA/7
47QjJWEUnJ8r6NMFmAh4/TN70fdli1RxhR9vIpaU7mSlf7tEKefGO81KOLBKw3Gi
pmu7kfIoHNlawpzF6XHifLlpdq1tNkcotRzh8BXbLjPUJhv2o+R9I5xAqtW3pekB
Y4NMvMcF0y7W2rQQ3nsOQpR2qx4FqgKpwA+fBZVD2nsfa3DOKssrqF+ZwaOywe1B
0gGdO9N6nL+KK018fUg6rkexuQD7Wbe///4KyZh6ciMzBKoJs0I=
=nTPE
-----END PGP SIGNATURE-----


Thank you for your contribution to Debian.

More information about the pkg-cryptsetup-devel mailing list