Your message dated Thu, 08 Dec 2016 01:08:54 +0000 with message-id <1481159334.3013.0.camel@decadent.org.uk> and subject line Re: Bug#815480: cryptsetup: versions before 1.7.1 incompatible with latest batch of Linux kernels (mainline and stable) has caused the Debian Bug report #815480, regarding Linux kernel crypto 'no key' patches break cryptsetup if not carefully backported to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 815480: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815480 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: cryptsetup: versions before 1.7.1 incompatible with latest batch of Linux kernels (mainline and stable)
- From: Henrique de Moraes Holschuh <hmh@debian.org>
- Date: Sun, 21 Feb 2016 17:40:27 -0300
- Message-id: <20160221204027.GA31980@khazad-dum.debian.net>
Source: cryptsetup Severity: important Tags: upstream fixed-upstream This bug is actually severity grave as it renders systems unbootable and data unaccessible, but since it can only trigger on non-Debian kernels ATM, I am reporting it at severity important. https://gitlab.com/cryptsetup/cryptsetup/issues/284 https://bugzilla.kernel.org/show_bug.cgi?id=112631 cryptsetup is rendered useless by the latest batch of upstream stable kernels, as well as by Linux mainline. On systems with encrypted root, this renders the system unbootable. Otherwise, it renders any encrypted partitions and media unaccessible. Reproduced in Debian stable with a custom 3.18.27 kernel. The issue has been fixed upstream in the cryptsetup master branch, and in the cryptsetup v1_7_x branch. The fix will land in the 1.7.1 release, I think. The kernel people did not reply yet due to the weekend, but I expect the change will be made optional or reverted... for a while (and I hope for the "optional"). Regardless, it would be nice to have updated cryptsetup uploaded to unstable ASAP, and an eventual Debian stable backport... -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh
--- End Message ---
--- Begin Message ---
- To: Jonas Meurer <jonas@freesources.org>, 815480-done@bugs.debian.org
- Subject: Re: Bug#815480: cryptsetup: versions before 1.7.1 incompatible with latest batch of Linux kernels (mainline and stable)
- From: Ben Hutchings <ben@decadent.org.uk>
- Date: Thu, 08 Dec 2016 01:08:54 +0000
- Message-id: <1481159334.3013.0.camel@decadent.org.uk>
- In-reply-to: <[🔎] 317d8a22-ae2b-d2dc-90a5-0d0020d91d55@freesources.org>
- References: <1457322317.2910.4.camel@decadent.org.uk> <1457322317.2910.4.camel@decadent.org.uk> <[🔎] 317d8a22-ae2b-d2dc-90a5-0d0020d91d55@freesources.org>
On Wed, 2016-12-07 at 12:49 +0100, Jonas Meurer wrote: > Hi Ben, > > > On Mon, 07 Mar 2016 03:45:17 +0000 Ben Hutchings <ben@decadent.org.uk> > wrote: > > Control: retitle -1 Linux kernel crypto 'no key'Â patches break cryptsetup if not carefully backported > > > > Linux 3.2.78 and 3.16.7-ckt25 have this problem, but I have fixed it > > (at least, the result works on my machine!) before uploading stable > > updates based on those versions. > > > > If you use any other stable kernel branch, you'll need to either > > upgrade to 4.4 or request the appropriate stable maintainer fixes their > > backport of the 'no key' patches. > > Probably this bugreport should be closed, no? To my understanding, the > Linux kernels in Debian are all patched to fix this problem and besides, > cryptsetup packages in Unstable and Stretch are fixed to work with the > backwards-incompatible changes anyway since quite some time. Right, I don't think this ever really affected the Debian package. Ben. -- Ben Hutchings When in doubt, use brute force. - Ken ThompsonAttachment: signature.asc
Description: This is a digitally signed message part
--- End Message ---