[pkg-cryptsetup-devel] Bug#949336: integritysetup: volume formatted with 2.0.4 might not open with ≥2.0.5 (different key truncation)

[Guilhem Moulin]

Control: forwarded -1 https://gitlab.com/cryptsetup/cryptsetup/-/issues/648
Control: retitle -1 integritysetup: volume formatted with 2.0.4 might not open with ≥2.0.5 (different key truncation)
Control: found -1 2:2.0.5-1
Control: severity -1 normal

On Wed, 12 May 2021 at 18:25:20 +0000, nbf at waifu.club wrote:
> 4) I tried to find out how many are actually used ("BITS v.s. BYTES"):
> integritysetup 2.0.2 cares only about first 106 bytes (strange number)
> integritysetup 2.2.2 cares only about first 114 bytes (strange number, +8)

Thanks!  I was able to confirm this and locate the change between Debian
uploads 2:2.0.4-3 and 2:2.0.5-1 and, bisecting the upstream tree, at
https://gitlab.com/cryptsetup/cryptsetup/-/commit/a6e3a3169041987e9812b5033358ce3366ee3853 .

Fortunately there are no Debian releases with integritysetup ≤2.0.4 so
as far as Debian is concerned the impact is limited.  Thanks to your
workaround I'm also lowering the severity.

-- 
Guilhem.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-cryptsetup-devel/attachments/20210513/717cc2af/attachment.sig>