[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#928269: marked as done (unblock: cryptsetup/2.1.0-3)

Your message dated Sun, 05 May 2019 13:34:26 +0000
with message-id <E1hNHHe-0006Jq-Qp@respighi.debian.org>
and subject line unblock cryptsetup
has caused the Debian Bug report #928269,
regarding unblock: cryptsetup/2.1.0-3
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
928269: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928269
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Hi there,

The cryptsetup package found in Buster, currently at version 2:2.1.0-2,
contains regressions affecting unlocking using OpenSC (PKCS#15 compatible
Smart Card):

    [#926573] The `decrypt_opensc` keyscript poisons standard output,
    causing `cryptsetup open --key-file -` to fail.  (Since 2:2.0.3-7.)
    https://salsa.debian.org/cryptsetup-team/cryptsetup/merge_requests/8

    [#928263] The initramfs hook fails to copy libpcsclite.so to the
    initramfs on non-usrmerge systems, causing the pcscd daemon to fail to
    start, hence failing unlocking at initramfs stage.  (Since 2:2.0.3-2.)

These regressions are RC for users relying on OpenSC integration, but
the bugs have ‘Severity: important’ since src:cryptsetup is still usable
to others.

Debdiff between 2:2.1.0-2 and 2:2.1.0-3 attached.

Thanks for considering its inclusion in Buster!
Cheers,
-- 
Guilhem.

diff -Nru cryptsetup-2.1.0/debian/changelog cryptsetup-2.1.0/debian/changelog
--- cryptsetup-2.1.0/debian/changelog	2019-02-28 22:32:43.000000000 +0100
+++ cryptsetup-2.1.0/debian/changelog	2019-04-30 21:20:47.000000000 +0200
@@ -1,3 +1,12 @@
+cryptsetup (2:2.1.0-3) unstable; urgency=medium
+
+  * d/scripts/decrypt_opensc: Fix standard output poisoning.  Thanks to Nils
+    Mueller for the report and patch.  (Closes: #926573.)
+  * d/initramfs/hooks/cryptopensc: Ensure that libpcsclite.so is copied to the
+    initramfs on non-usrmerge systems.  (Closes: #928263.)
+
+ -- Guilhem Moulin <guilhem@debian.org>  Tue, 30 Apr 2019 21:20:47 +0200
+
 cryptsetup (2:2.1.0-2) unstable; urgency=medium
 
   * debian/copyright:
diff -Nru cryptsetup-2.1.0/debian/initramfs/hooks/cryptopensc cryptsetup-2.1.0/debian/initramfs/hooks/cryptopensc
--- cryptsetup-2.1.0/debian/initramfs/hooks/cryptopensc	2019-02-28 22:32:43.000000000 +0100
+++ cryptsetup-2.1.0/debian/initramfs/hooks/cryptopensc	2019-04-30 21:20:47.000000000 +0200
@@ -47,7 +47,7 @@
 # pcscd utilizes pthread_cancel
 copy_exec /usr/sbin/pcscd
 LIBC_DIR="$(ldd /usr/sbin/pcscd | sed -nr 's#.* => (/lib.*)/libc\.so\.[0-9.-]+ \(0x[[:xdigit:]]+\)$#\1#p')"
-find -L "$LIBC_DIR" -maxdepth 1 \( -name 'libgcc_s.*' -o -name 'libusb-*.so*' -o -name 'libpcsclite.so*' \) -type f | while read so; do
+find -L "$LIBC_DIR" "/usr$LIBC_DIR" -maxdepth 1 \( -name 'libgcc_s.*' -o -name 'libusb-*.so*' -o -name 'libpcsclite.so*' \) -type f | while read so; do
     copy_exec "$so"
 done
 
diff -Nru cryptsetup-2.1.0/debian/scripts/decrypt_opensc cryptsetup-2.1.0/debian/scripts/decrypt_opensc
--- cryptsetup-2.1.0/debian/scripts/decrypt_opensc	2019-02-28 22:32:43.000000000 +0100
+++ cryptsetup-2.1.0/debian/scripts/decrypt_opensc	2019-04-30 21:20:47.000000000 +0200
@@ -12,7 +12,7 @@
 check_card() {
     cardfound=0
 
-    if /usr/bin/opensc-tool -n 2>&1; then
+    if /usr/bin/opensc-tool -n >/dev/null 2>&1; then
         cardfound=1
     fi
 }

Attachment: signature.asc
Description: PGP signature


--- End Message ---
--- Begin Message --- 
Unblocked cryptsetup.

--- End Message ---
Reply to: