All of lore.kernel.org
 help / color / mirror / Atom feed
From: Milan Broz <gmazyland@gmail.com>
To: dm-crypt <dm-crypt@saout.de>
Subject: [dm-crypt] [ANNOUNCE] cryptsetup 2.4.2
Date: Thu, 18 Nov 2021 12:09:36 +0100	[thread overview]
Message-ID: <06f2cbdf-9e4c-bed7-6237-e0b923ffc6dc@gmail.com> (raw)


[-- Attachment #1.1.1: Type: text/plain, Size: 1697 bytes --]

The cryptsetup 2.4.2 stable release is available at

      https://gitlab.com/cryptsetup/cryptsetup

Please note that release packages are located on kernel.org

      https://www.kernel.org/pub/linux/utils/cryptsetup/v2.4/

Feedback and bug reports are welcomed.

Cryptsetup 2.4.2 Release Notes
==============================
Stable bug-fix release.

All users of cryptsetup 2.4.1 should upgrade to this version.

Changes since version 2.4.1
~~~~~~~~~~~~~~~~~~~~~~~~~~~

* Fix possible large memory allocation if LUKS2 header size is invalid.
   LUKS2 code read the full header to buffer to verify the checksum.
   The maximal supported header size now limits the memory allocation.

* Fix memory corruption in debug message printing LUKS2 checksum.

* veritysetup: remove link to the UUID library for the static build.

* Remove link to pwquality library for integritysetup and veritysetup.
   These tools do not read passphrases.

* OpenSSL3 backend: avoid remaining deprecated calls in API.
   Crypto backend no longer use API deprecated in OpenSSL 3.0


* Check if kernel device-mapper create device failed in an early phase.
   This happens when a concurrent creation of device-mapper devices
   meets in the very early state.

* Do not set compiler optimization flag for Argon2 KDF if the memory
   wipe is implemented in libc.

* Do not attempt to unload LUKS2 tokens if external tokens are disabled.
   This allows building a static binary with  --disable-external-tokens.

* LUKS convert: also check sysfs for device activity.
   If udev symlink is missing, code fallbacks to sysfs scan to prevent
   data corruption for the active device.

[-- Attachment #1.2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

[-- Attachment #2: Type: text/plain, Size: 147 bytes --]

_______________________________________________
dm-crypt mailing list -- dm-crypt@saout.de
To unsubscribe send an email to dm-crypt-leave@saout.de

                 reply	other threads:[~2021-11-18 11:12 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=06f2cbdf-9e4c-bed7-6237-e0b923ffc6dc@gmail.com \
    --to=gmazyland@gmail.com \
    --cc=dm-crypt@saout.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.