hello debian-release,
I'd like to request a freeze exception for cryptsetup 1.0.6-4. I didn't
upload it to unstable yet, but if no objections are raised, I'll do so
tomorrow.
at least one change (to use askpass in the init script) is very likely
to fix several issues, among others a security bug (#477203).
please note that current cryptsetup in testing is 1.0.6-1 which is
rather outdated. according to grep-excuses, 1.0.6-2 was unblocked by Luk
but didn't migrate to testing due to a version mismatch (maybe -3 was
uploaded exactly at the time the unblock request was made).
it would be really sad to not have the many improvements since 1.0.6-1
in lenny.
the exact changelog for -2 to -4 is attached below.
greetings,
jonas
cryptsetup (2:1.0.6-4) unstable; urgency=low
[ David Härdeman ]
* Make sure $IGNORE is reset as necessary, patch by
Thomas Luzat <thomas@luzat.com> (closes: #490199)
* Use askpass in init scripts as well (closes: #489033, #477203)
[ Jonas Meurer ]
* Don't copy_exec libgcc1 in cryptopensc initramfs hook, as it's already
copied by copy_exec /usr/sbin/pcscd automaticly. Thanks to Evgeni Golov
<sargentd@die-welt.net>. (closes: #490300)
* Remove the udev rules file again as the relevant rules are now provided
by dmsetup package which cryptsetup depends on.
-- Jonas Meurer <mejo@debian.org> Fri, 18 Jul 2008 01:08:54 +0200
cryptsetup (2:1.0.6-3) unstable; urgency=low
[ Jonas Meurer ]
* Fix cryptdisks.functions to actually recognize the noauto option. Thanks
to Christian Pernegger <pernegger@gmail.com> (closes: #483882)
* Update patches/02_manpage.patch to fix two more typos, thanks to Bruno
Barrera Yever <bbyever@gmail.com> (closes: #476624) and to remove a
duplicate sentence.
* Rephrase "Enter password for $crypttarget" to "Enter password to unlock
the disk $cryptsource ($crypttarget)" in initramfs/cryptroot.script.
* Bump Standards-Version to 3.8.0:
- Add a README.source which references /usr/share/doc/quilt/README.source.
- Add support for debian build option parallel=n to debian/rules.
* Add a udev rules file to ignore temporary-cryptsetup-* devices, as
suggested in bug #467200. Thanks to Sam Morris <sam@robots.org.uk>.
* Transform debian/copyright into machine-readable code as proposed in
http://wiki.debian.org/Proposals/CopyrightFormat. Update and add several
copyright notices.
* Change reference to docbook xml v4.2 driver file from an online version
to a local one in the manpage files, as the build process should not
depend on internet access. Add docbook-xml to build-depends. Thanks to
Lucas Nussbaum <lucas@lucas-nussbaum.net>. (closes: #487056)
[ David Härdeman ]
* Hopefully fix askpass to properly handle console and usplash input
(closes: #477203)
* Clarify crypttab manpage (closes: #487246)
* Make regex work if keyfile has extended attributes,
https://launchpad.net/bugs/231339 (closes: #488131)
* Support comments in options part of crypttab (closes: #488128)
-- Jonas Meurer <mejo@debian.org> Mon, 07 Jul 2008 00:30:07 +0200
cryptsetup (2:1.0.6-2) unstable; urgency=low
[ Jonas Meurer ]
* Taken from ubuntu:
- debian/scripts/luksformat: Use 256 bit key size by default. (LP: #78508)
- debian/patches/02_manpage.patch: Clarify default key sizes (128 for
luksFormat and 256 for create) in cryptsetup.8. (side-note in LP #78508)
* Use 'shred -uz' instead of 'rm -r' to remove a tempfile that contains a
key in gen-ssl-key example script.
[ David Härdeman ]
* Misc bugfixes to askpass, make sure it is installed to the correct
location and is built using pedantic mode.
* Change the initramfs script to use askpass to prompt for
passphrases, this should hopefully fix #382375 and #465902 once it
is enabled in the init scripts as well.
* Add a keyscript called passdev which allows a keyfile to be
retrieved from a device which is first mounted, mainly useful to get
keyfiles off USB devices etc.
* Unbreak MODULES=dep booting (closes: #478268)
* Relax checks for suspend devices a bit (closes: #477658)
* Convert man pages to docbook.
-- David Härdeman <david@hardeman.nu> Mon, 26 May 2008 08:12:32 +0200
Attachment:
signature.asc
Description: Digital signature