Bug#1020417: marked as done (plasma-vault: encfs security warning during Debian-Installer when KDE desktop selected)

["Debian Bug Tracking System" <owner@bugs.debian.org>]

Your message dated Sun, 02 Oct 2022 16:56:22 +0000
with message-id <E1of2GM-00G7eQ-Mh@fasolo.debian.org>
and subject line Bug#1020417: fixed in plasma-vault 5.25.5-2
has caused the Debian Bug report #1020417,
regarding plasma-vault: encfs security warning during Debian-Installer when KDE desktop selected
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1020417: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1020417
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: plasma-vault: encfs security warning during Debian-Installer when KDE desktop selected
• From: Philip Hands <phil@hands.com>
• Date: Wed, 21 Sep 2022 15:56:38 +0200
• Message-id: <166376859887.88891.4825271549866780938.reportbug@rummy.hk.hands.com>

Package: plasma-vault
Version: 5.25.4-1
Severity: normal

Attached is a screenshot from installing Debian with KDE selected as the Desktop
Environment.

As you can see, it's giving a scarry looking security warning, which is probably
not the first impression we want to present.

My asumption is that when selecting KDE, one pulls in plasma-vault, which in
turn depends upon encfs, which results in this message being presented to the
user.

Is encfs essential to the operation of plasma-vault? If not, perhaps it could be
dropped from a recommends to a suggests?

BTW You can see a test install of KDE here, with the warning:

  https://openqa.debian.net/tests/77193#step/grub/3

Cheers, Phil.

Attachment: encfs-warning.png
Description: PNG image

--- End Message ---

--- Begin Message ---

• To: 1020417-close@bugs.debian.org
• Subject: Bug#1020417: fixed in plasma-vault 5.25.5-2
• From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
• Date: Sun, 02 Oct 2022 16:56:22 +0000
• Message-id: <E1of2GM-00G7eQ-Mh@fasolo.debian.org>
• Reply-to: Aurélien COUDERC <coucouf@debian.org>

Source: plasma-vault
Source-Version: 5.25.5-2
Done: Aurélien COUDERC <coucouf@debian.org>

We believe that the bug you reported is fixed in the latest version of
plasma-vault, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1020417@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Aurélien COUDERC <coucouf@debian.org> (supplier of updated plasma-vault package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 02 Oct 2022 18:25:01 +0200
Source: plasma-vault
Architecture: source
Version: 5.25.5-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Changed-By: Aurélien COUDERC <coucouf@debian.org>
Closes: 1020417
Changes:
 plasma-vault (5.25.5-2) unstable; urgency=medium
 .
   [ Sune Vuorela ]
   * Remove encfs dependency. It provides unsecure warnings on install and on
     usage. The plasma-vault UI handles it nicely when encfs is not available.
     (Closes: 1020417)
   * Suggest gocryptfs. It is also possible to use that, though it is not the
     default like CryFS is.
Checksums-Sha1:
 50ee4d4a8fd454beae8c672c80e43d044598ee0d 2880 plasma-vault_5.25.5-2.dsc
 abc22cf7a4ba585ff5b522d05420d21734e40ed1 13876 plasma-vault_5.25.5-2.debian.tar.xz
 73ebc68ad5b319ac95f3b5e70928e2309374520e 19811 plasma-vault_5.25.5-2_amd64.buildinfo
Checksums-Sha256:
 57d2e6dc6dd68671963352b21883b7400ab623bce997e1d0326b067f1f0dacb0 2880 plasma-vault_5.25.5-2.dsc
 9018de47877ac54f9ddf5e9edf7e0f2907735267ac92a89ed3470e1e2f0de636 13876 plasma-vault_5.25.5-2.debian.tar.xz
 7f6f70ba691c585b40da76f91c9e18620e1119ba8d453d8269d9e2b7ce0ffbd0 19811 plasma-vault_5.25.5-2_amd64.buildinfo
Files:
 5318be238d8adfee0daa301f9417a3ed 2880 kde optional plasma-vault_5.25.5-2.dsc
 1f18019164fa620cd96a8a2ebc39ae47 13876 kde optional plasma-vault_5.25.5-2.debian.tar.xz
 1101fb20fb631a9bd60a8e1655dd2055 19811 kde optional plasma-vault_5.25.5-2_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJHBAEBCgAxFiEEIW//QAAaDgcOKDsfcaflM/KRoyQFAmM5u8MTHGNvdWNvdWZA
ZGViaWFuLm9yZwAKCRBxp+Uz8pGjJHclD/430pQPVee2Ahg51YwhS92yR6HmGmUp
hfNswNkDlWaMCCBblM46VTDmXkXSU9Y3zYF6NbUOXy6hFgL9IvBv0l7LZ3e4fga4
c34fci+d0l2iMVQT8V9PbrmojhG8wqZlV1HEondH+BLGahTrB/crP8kTYcS0vcRS
yW8eYhCOUsdZhxEQcNl4IKcPGu2kdobmnZmvB5ndS5FoHMgKwJTPcRaRmdK404Kw
xfDPQpHUqD088sSP4lDO+P++14T8Z6HaNqbqCdjq2wZgb+6v6XCONB8kCEOj2yQD
kJTY+0+MQek/TZ7DuYyrXeqe6CT7UBslMEMn8Vo6SfupEONhSHjmXIAKwn+REbKa
e8OTJhDQWJFkQ73DwWZnD56V/ZXXMWjjzTFGF08e4zowqpHLILuQZIXH8m3JdExw
gbkz/wLUyN2u2PtsMNFGL1IQGYakpg64QdzbVs3JtEqWl7x8HZJeopXMXtaktslp
Sp3S9zjyYXLoXZ6G0KmHjfwH2I73nVK0n6Me4FKJ9Ar8ET3+wssxfDuQt9OUMMiP
N51MRrh3WbVyc3Cm2RPjnWUahYhsaijXUDETwP5bNuZcClqXsrooxwpdw41sIFaw
2AvAdQk7UIv4uhKSokQG8bfm15dalR/Bi4Q6N3y0fKOTRtjnhEgDrwmMIwc1fNTk
M3DKehTtQts7Ow==
=coXA
-----END PGP SIGNATURE-----

--- End Message ---