rpms
/
cryptsetup
20
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

merge into: rpms:c9
Branches Tags
rpms:i10c-beta
rpms:c10-beta
rpms:i9c
rpms:c9
rpms:i10cs
rpms:cs10
rpms:i9c-beta
rpms:i8c
rpms:c8
rpms:c9-beta
...
pull from: rpms:i10c-beta
Branches Tags
rpms:i10c-beta
rpms:c10-beta
rpms:i9c
rpms:c9
rpms:i10cs
rpms:cs10
rpms:i9c-beta
rpms:i8c
rpms:c8
rpms:c9-beta

No commits in common. 'c9' and 'i10c-beta' have entirely different histories.
c9 ... i10c-beta

11 changed files with 633 additions and 406 deletions
Show Stats

2
.cryptsetup.metadata
Unescape View File

@ -1 +1 @@
db48bcfaf135b627d9d5f0447d746e253a190843 SOURCES/cryptsetup-2.7.2.tar.xz
7e1f94e2bbbef12797e057d755caa18c7442de93 SOURCES/cryptsetup-2.7.3.tar.xz

2
.gitignore vendored
Unescape View File

@ -1 +1 @@
SOURCES/cryptsetup-2.7.2.tar.xz
SOURCES/cryptsetup-2.7.3.tar.xz

39
SOURCES/cryptsetup-2.7.5-Abort-online-reencryption-for-misconfigured-devices.patch
Unescape View File

@ -1,39 +0,0 @@
From 63bb997b41b8e92fe09ce8cb6582e094e00e19a6 Mon Sep 17 00:00:00 2001
From: Ondrej Kozina <okozina@redhat.com>
Date: Mon, 26 Aug 2024 10:46:52 +0200
Subject: [PATCH 08/10] Abort online reencryption for misconfigured devices.
Hard abort is justified here. The online reencryption on
data devices that do not support O_DIRECT io flag is
dangerous and leads to data corruption. This should be
impossible to hit due to a patch that handles it
in initialization phase. Better safe than sorry.
---
lib/luks2/luks2_reencrypt.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/lib/luks2/luks2_reencrypt.c b/lib/luks2/luks2_reencrypt.c
index 6519c1e3..05f69d18 100644
--- a/lib/luks2/luks2_reencrypt.c
+++ b/lib/luks2/luks2_reencrypt.c
@@ -4230,9 +4230,14 @@ int crypt_reencrypt_run(
log_dbg(cd, "Resuming LUKS2 reencryption.");
- if (rh->online && reencrypt_init_device_stack(cd, rh)) {
- log_err(cd, _("Failed to initialize reencryption device stack."));
- return -EINVAL;
+ if (rh->online) {
+ /* This is last resort to avoid data corruption. Abort is justified here. */
+ assert(device_direct_io(crypt_data_device(cd)));
+
+ if (reencrypt_init_device_stack(cd, rh)) {
+ log_err(cd, _("Failed to initialize reencryption device stack."));
+ return -EINVAL;
+ }
}
log_dbg(cd, "Progress %" PRIu64 ", device_size %" PRIu64, rh->progress, rh->device_size);
--
2.46.0

35
SOURCES/cryptsetup-2.7.5-Do-not-handle-device-as-suspended-on-error.patch
Unescape View File

@ -1,35 +0,0 @@
From 53198bdea94e610e1e0378e3aff56e8d9f45ac09 Mon Sep 17 00:00:00 2001
From: Ondrej Kozina <okozina@redhat.com>
Date: Thu, 22 Aug 2024 13:39:06 +0200
Subject: [PATCH 01/10] Do not handle device as suspended on error.
Consider device is suspended only if dm_status_suspended return code
is true.
This function returned -EEXIST for dm devices with target types unknown
to libcryptsetup (for example dm-cache) and turned off O_DIRECT flag
for devices unexpectedly.
Turned out ignoring direct-io was a problem after all :).
Fixes: 0f51b5bacbf7 (Do not run sector read check on suspended device.)
---
lib/utils_device.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/utils_device.c b/lib/utils_device.c
index 3e2ac4f3..eccaf048 100644
--- a/lib/utils_device.c
+++ b/lib/utils_device.c
@@ -178,7 +178,7 @@ static int device_ready(struct crypt_device *cd, struct device *device)
if (devfd >= 0) {
/* skip check for suspended DM devices */
dm_name = device_dm_name(device);
- if (dm_name && dm_status_suspended(cd, dm_name)) {
+ if (dm_name && dm_status_suspended(cd, dm_name) > 0) {
close(devfd);
devfd = -1;
} else if (device_read_test(devfd) == 0) {
--
2.46.0

78
SOURCES/cryptsetup-2.7.5-Fix-detection-of-direct-io-with-suspended-devices.patch
Unescape View File

@ -1,78 +0,0 @@
From 4cdd022ba42df17b027be7c35c7028d01b54cecc Mon Sep 17 00:00:00 2001
From: Milan Broz <gmazyland@gmail.com>
Date: Tue, 27 Aug 2024 12:13:54 +0200
Subject: [PATCH 06/10] Fix detection of direct-io with suspended devices.
Currently, direct-io is disabled if underlying device is suspended.
This was an unfortunate change, as it is part of data corruption
problem in online reenryption.
Let's relax the test to assume that suspended device
(suspended => must be a device-mapper device) supports direct-io.
The read test is still needed as some network based devices
misbehaves if opened with direct-io flag.
---
lib/utils_device.c | 20 ++++++++++++--------
1 file changed, 12 insertions(+), 8 deletions(-)
diff --git a/lib/utils_device.c b/lib/utils_device.c
index eccaf048..6b7af6e1 100644
--- a/lib/utils_device.c
+++ b/lib/utils_device.c
@@ -127,11 +127,19 @@ static size_t device_alignment_fd(int devfd)
return (size_t)alignment;
}
-static int device_read_test(int devfd)
+static int device_read_test(struct crypt_device *cd, int devfd, struct device *device)
{
char buffer[512];
int r = -EIO;
size_t minsize = 0, blocksize, alignment;
+ const char *dm_name;
+
+ /* skip check for suspended DM devices */
+ dm_name = device_dm_name(device);
+ if (dm_name && dm_status_suspended(cd, dm_name) > 0) {
+ log_dbg(cd, "Device %s is suspended, assuming direct-io is supported.", dm_name);
+ return 0;
+ }
blocksize = device_block_size_fd(devfd, &minsize);
alignment = device_alignment_fd(devfd);
@@ -148,6 +156,8 @@ static int device_read_test(int devfd)
if (read_blockwise(devfd, blocksize, alignment, buffer, minsize) == (ssize_t)minsize)
r = 0;
+ log_dbg(cd, "Direct-io is supported and works.");
+
crypt_safe_memzero(buffer, sizeof(buffer));
return r;
}
@@ -165,7 +175,6 @@ static int device_ready(struct crypt_device *cd, struct device *device)
int devfd = -1, r = 0;
struct stat st;
size_t tmp_size;
- const char *dm_name;
if (!device)
return -EINVAL;
@@ -176,12 +185,7 @@ static int device_ready(struct crypt_device *cd, struct device *device)
device->o_direct = 0;
devfd = open(device_path(device), O_RDONLY | O_DIRECT);
if (devfd >= 0) {
- /* skip check for suspended DM devices */
- dm_name = device_dm_name(device);
- if (dm_name && dm_status_suspended(cd, dm_name) > 0) {
- close(devfd);
- devfd = -1;
- } else if (device_read_test(devfd) == 0) {
+ if (device_read_test(cd, devfd, device) == 0) {
device->o_direct = 1;
} else {
close(devfd);
--
2.46.0

35
SOURCES/cryptsetup-2.7.5-Harden-online-reencryption-checks-in-initialization-.patch
Unescape View File

@ -1,35 +0,0 @@
From 9991cbc306963c8f03eb6dad82fa6c12f75d3b97 Mon Sep 17 00:00:00 2001
From: Ondrej Kozina <okozina@redhat.com>
Date: Mon, 26 Aug 2024 10:44:50 +0200
Subject: [PATCH 07/10] Harden online reencryption checks in initialization
phase.
Verify the data device supports O_DIRECT io flag in
the initialization phase. Online reencryption is not
safe unless we can read and write the data in direct
mode.
---
lib/luks2/luks2_reencrypt.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/lib/luks2/luks2_reencrypt.c b/lib/luks2/luks2_reencrypt.c
index c77de3f6..6519c1e3 100644
--- a/lib/luks2/luks2_reencrypt.c
+++ b/lib/luks2/luks2_reencrypt.c
@@ -3788,6 +3788,13 @@ static int reencrypt_init_by_passphrase(struct crypt_device *cd,
if (flags & CRYPT_REENCRYPT_RECOVERY)
return reencrypt_recovery_by_passphrase(cd, hdr, keyslot_old, keyslot_new, passphrase, passphrase_size);
+ if (name && !device_direct_io(crypt_data_device(cd))) {
+ log_dbg(cd, "Device %s does not support direct I/O.", device_path(crypt_data_device(cd)));
+ /* FIXME: Add more specific error mesage for translation later. */
+ log_err(cd, _("Failed to initialize reencryption device stack."));
+ return -EINVAL;
+ }
+
if (cipher && !crypt_cipher_wrapped_key(cipher, cipher_mode)) {
r = crypt_keyslot_get_key_size(cd, keyslot_new);
if (r < 0)
--
2.46.0

28
SOURCES/cryptsetup-2.7.5-Return-suspended-status-also-for-unknow-target-types.patch
Unescape View File

@ -1,28 +0,0 @@
From aeada055d19cddeda68661dc929a78b2bee35e25 Mon Sep 17 00:00:00 2001
From: Ondrej Kozina <okozina@redhat.com>
Date: Thu, 22 Aug 2024 13:41:03 +0200
Subject: [PATCH 1/9] Return suspended status also for unknow target types.
This patch allows dm_status_suspended() to report if device
is suspended or not also for unknown target types from
libcryptsetup perspective (e.g.: dm-cache).
---
lib/libdevmapper.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/libdevmapper.c b/lib/libdevmapper.c
index b8592ffa..a562a2d7 100644
--- a/lib/libdevmapper.c
+++ b/lib/libdevmapper.c
@@ -1911,7 +1911,7 @@ int dm_status_suspended(struct crypt_device *cd, const char *name)
r = dm_status_dmi(name, &dmi, NULL, NULL);
dm_exit_context();
- if (r < 0)
+ if (r < 0 && r != -EEXIST)
return r;
return dmi.suspended ? 1 : 0;
--
2.46.0

42
SOURCES/cryptsetup-Enable-to-use-Argon2-in-FIPS-with-openssl-backend.patch
Unescape View File

@ -1,42 +0,0 @@
From cfd043f6f0527407c57fb5a2735ee8e22c070cd7 Mon Sep 17 00:00:00 2001
From: Ondrej Kozina <okozina@redhat.com>
Date: Wed, 28 Aug 2024 17:06:12 +0200
Subject: [PATCH 09/10] Enable to use Argon2 in FIPS with openssl backend.
This patch is required to read existing LUKS2
keyslots created with Argon2 KDF before the system
got switched in FIPS mode. Creating new keyslots using
Argon2 was already blocked elsewhere and before this patch.
---
lib/crypto_backend/crypto_openssl.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/lib/crypto_backend/crypto_openssl.c b/lib/crypto_backend/crypto_openssl.c
index 9f1be9e0..07c133b0 100644
--- a/lib/crypto_backend/crypto_openssl.c
+++ b/lib/crypto_backend/crypto_openssl.c
@@ -611,13 +611,20 @@ static int openssl_argon2(const char *type, const char *password, size_t passwor
OSSL_PARAM_uint(OSSL_KDF_PARAM_THREADS, &threads),
OSSL_PARAM_uint32(OSSL_KDF_PARAM_ARGON2_LANES, &parallel),
OSSL_PARAM_uint32(OSSL_KDF_PARAM_ARGON2_MEMCOST, &memory),
+ /* to allow fetching blake2 in FIPS mode in later KDF_derive routine */
+ OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_PROPERTIES, "-fips", 0),
OSSL_PARAM_END
};
if (OSSL_get_max_threads(ossl_ctx) == 0)
threads = 1;
- argon2 = EVP_KDF_fetch(ossl_ctx, type, NULL);
+ /*
+ * '-fips' skips fips provider for Argon2 variants implementations.
+ * We need it to be able to read existing keyslots in FIPS mode.
+ * Writing new Argon2 enabled keyslots in FIPS mode is blocked elsewhere.
+ */
+ argon2 = EVP_KDF_fetch(ossl_ctx, type, "-fips");
if (!argon2)
return -EINVAL;
--
2.46.0

37
SOURCES/cryptsetup-Warn-if-Argon2-keyslot-is-unlocked-in-FIPS-mode.patch
Unescape View File

@ -1,37 +0,0 @@
From f903ddcf447474fda1a036584b550d12dd620a73 Mon Sep 17 00:00:00 2001
From: Ondrej Kozina <okozina@redhat.com>
Date: Thu, 29 Aug 2024 15:31:08 +0200
Subject: [PATCH 10/10] Warn if Argon2 keyslot is unlocked in FIPS mode.
---
lib/luks2/luks2_keyslot.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/lib/luks2/luks2_keyslot.c b/lib/luks2/luks2_keyslot.c
index bb9d4537..2f979d81 100644
--- a/lib/luks2/luks2_keyslot.c
+++ b/lib/luks2/luks2_keyslot.c
@@ -573,6 +573,7 @@ int LUKS2_keyslot_open(struct crypt_device *cd,
{
struct luks2_hdr *hdr;
int r_prio, r = -EINVAL;
+ struct crypt_pbkdf_type pbkdf;
hdr = crypt_get_hdr(cd, CRYPT_LUKS2);
if (!hdr)
@@ -599,7 +600,11 @@ int LUKS2_keyslot_open(struct crypt_device *cd,
log_err(cd, _("Not enough available memory to open a keyslot."));
else if (r != -EPERM && r != -ENOENT)
log_err(cd, _("Keyslot open failed."));
- }
+ } else if (crypt_fips_mode() && !LUKS2_keyslot_pbkdf(hdr, r, &pbkdf) &&
+ !strncmp(pbkdf.type, "argon2", 6))
+ log_err(cd, "The %s KDF used in keyslot %d is not FIPS compliant.\n"
+ "Please refer to cryptsetup-luksConvertKey(8) man page to switch it to pbkdf2.",
+ pbkdf.type, r);
return r;
}
--
2.46.0

23
SOURCES/cryptsetup-add-system-library-paths.patch
Unescape View File

@ -1,23 +0,0 @@
Index: cryptsetup-2.7.0/configure
===================================================================
--- cryptsetup-2.7.0.orig/configure
+++ cryptsetup-2.7.0/configure
@@ -14161,6 +14161,9 @@ fi
# before this can be enabled.
hardcode_into_libs=yes
+ # Add ABI-specific directories to the system library path.
+ sys_lib_dlsearch_path_spec="/lib64 /usr/lib64 /lib /usr/lib"
+
# Ideally, we could use ldconfig to report *all* directores which are
# searched for libraries, however this is still not possible. Aside from not
# being certain /sbin/ldconfig is available, command
@@ -14169,7 +14172,7 @@ fi
# appending ld.so.conf contents (and includes) to the search path.
if test -f /etc/ld.so.conf; then
lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;s/"//g;/^$/d' | tr '\n' ' '`
- sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra"
+ sys_lib_dlsearch_path_spec="$sys_lib_dlsearch_path_spec $lt_ld_extra"
fi
# We used to test for /lib/ld.so.1 and disable shared libraries on

718
SPECS/cryptsetup.spec
Unescape View File

@ -1,9 +1,10 @@
Summary: Utility for setting up encrypted disks
Name: cryptsetup
Version: 2.7.2
Release: 3%{?dist}
License: GPLv2+ and LGPLv2+
Version: 2.7.3
Release: 2%{?dist}
License: GPL-2.0-or-later WITH cryptsetup-OpenSSL-exception AND LGPL-2.1-or-later WITH cryptsetup-OpenSSL-exception
URL: https://gitlab.com/cryptsetup/cryptsetup
BuildRequires: autoconf, automake, libtool, gettext-devel,
BuildRequires: openssl-devel, popt-devel, device-mapper-devel
BuildRequires: libuuid-devel, gcc, json-c-devel
BuildRequires: libpwquality-devel, libblkid-devel
@ -14,19 +15,11 @@ Requires: libpwquality >= 1.2.0
Obsoletes: %{name}-reencrypt <= %{version}
Provides: %{name}-reencrypt = %{version}
%global upstream_version %{version}
%global upstream_version %{version_no_tilde}
Source0: https://www.kernel.org/pub/linux/utils/cryptsetup/v2.7/cryptsetup-%{upstream_version}.tar.xz
Patch0001: %{name}-Add-FIPS-related-error-message-in-keyslot-add-code.patch
Patch0002: %{name}-2.7.5-Do-not-handle-device-as-suspended-on-error.patch
Patch0003: %{name}-2.7.5-Return-suspended-status-also-for-unknow-target-types.patch
Patch0004: %{name}-2.7.5-Fix-detection-of-direct-io-with-suspended-devices.patch
Patch0005: %{name}-2.7.5-Harden-online-reencryption-checks-in-initialization-.patch
Patch0006: %{name}-2.7.5-Abort-online-reencryption-for-misconfigured-devices.patch
Patch0007: %{name}-Enable-to-use-Argon2-in-FIPS-with-openssl-backend.patch
Patch0008: %{name}-Warn-if-Argon2-keyslot-is-unlocked-in-FIPS-mode.patch
# Following patch has to applied last
Patch9999: %{name}-add-system-library-paths.patch
Patch9999: %{name}-Add-FIPS-related-error-message-in-keyslot-add-code.patch
%description
The cryptsetup package contains a utility for setting up
@ -67,13 +60,17 @@ disk integrity protection using dm-integrity kernel module.
%autosetup -n cryptsetup-%{upstream_version} -p 1
%build
# force regeneration of manual pages from AsciiDoc
rm -f man/*.8
%configure --enable-fips --enable-pwquality --enable-internal-sse-argon2 --disable-ssh-token --enable-asciidoc --disable-hw-opal --with-plain-hash=ripemd160 --with-plain-cipher=aes --with-plain-mode=cbc-essiv:sha256
./autogen.sh
%configure --enable-fips --enable-pwquality --enable-asciidoc --enable-internal-sse-argon2 --disable-ssh-token
%make_build
%install
%make_install
rm -rf %{buildroot}%{_libdir}/*.la
rm -rf %{buildroot}%{_libdir}/%{name}/*.la
%find_lang cryptsetup
@ -110,97 +107,107 @@ rm -rf %{buildroot}%{_libdir}/*.la
%ghost %attr(700, -, -) %dir /run/cryptsetup
%changelog
* Mon Sep 02 2024 Ondrej Kozina <okozina@redhat.com> - 2.7.2-3
- Specbump for correct target release.
- Resolves: RHEL-39003 RHEL-41238
* Thu Aug 29 2024 Ondrej Kozina <okozina@redhat.com> - 2.7.2-2
- patch: Warn if Argon2 keyslot is unlocked in FIPS mode.
- patch: Enable Argon2 in FIPS with openssl backend.
- patch: Abort online reencryption for misconfigured devices.
- patch: Harden online reencryption checks in initialization phase.
- patch: Fix detection of direct-io with suspended devices.
- patch: Return suspended status also for unknow target types.
- patch: Do not handle device as suspended on error.
- Resolves: RHEL-39003 RHEL-41238
* Thu May 02 2024 Daniel Zatovic <dzatovic@redhat.com> - 2.7.2-1
* Tue Nov 26 2024 MSVSphere Packaging Team <packager@msvsphere-os.ru> - 2.7.3-2
- Rebuilt for MSVSphere 10
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 2.7.3-2
- Bump release for June 2024 mass rebuild
* Tue Jun 18 2024 Daniel Zatovic <dzatovic@redhat.com> - 2.7.3-1
- Update to cryptsetup 2.7.3
- Remove libssh dependency
- Resolves: RHEL-40123
* Mon May 06 2024 Daniel Zatovic <dzatovic@redhat.com> - 2.7.2-2
- Remove SSH token and fix tests
- Resolves: RHEL-33395
* Tue Apr 30 2024 Daniel Zatovic <dzatovic@redhat.com> - 2.7.2-1
- Update to cryptsetup 2.7.2
- Use OpenSLL Argon implementation instead of the built-in one
- Resolves: RHEL-32377
* Fri Jun 30 2023 Daniel Zatovic <dzatovic@redhat.com> - 2.6.0-3
- patch: Disallow use of internal kenrel crypto driver names in "capi"
- patch: Also disallow active devices with internal kernel names
- patch: Fix init_by_name to allow unknown cipher format in dm-crypt
- patch: Fix reencryption to fail properly for unknown cipher
- patch: Fix activation of LUKS2 with capi format cipher and kernel
- Resolves: #2212771
* Wed Dec 14 2022 Daniel Zatovic <dzatovic@redhat.com> - 2.6.0-2
- Fix FIPS related bugs.
- Abort encryption when header and data devices are same.
- Resolves: #2150251 #2148841
* Wed Nov 30 2022 Daniel Zatovic <dzatovic@redhat.com> - 2.6.0-1
- Resolves: RHEL-33395
* Fri Feb 09 2024 Ondrej Kozina <okozina@redhat.com> - 2.7.0-2
- Rebuild for OpenSSL Argon2 implementation (OpenSSL 3.2)
- patch: Do not compile unused internal argon2 implementation
* Wed Jan 24 2024 Ondrej Kozina <okozina@redhat.com> - 2.7.0-1
- Update to cryptsetup 2.7.0.
* Wed Jan 24 2024 Fedora Release Engineering <releng@fedoraproject.org> - 2.7.0~rc1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jan 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 2.7.0~rc1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Wed Dec 20 2023 Milan Broz <gmazyland@gmail.com> - 2.7.0~rc1-1
- Update to cryptsetup 2.7.0-rc1.
* Wed Nov 29 2023 Ondrej Kozina <okozina@redhat.com> - 2.7.0~rc0-1
- Update to cryptsetup 2.7.0-rc0.
* Wed Jul 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 2.6.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Thu Jun 15 2023 Yaakov Selkowitz <yselkowi@redhat.com> - 2.6.1-2
- Drop libargon2 dependency in RHEL builds
* Fri Feb 10 2023 Ondrej Kozina <okozina@redhat.com> - 2.6.1-1
- Update to cryptsetup 2.6.1.
* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 2.6.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Mon Nov 28 2022 Ondrej Kozina <okozina@redhat.com> - 2.6.0-1
- Update to cryptsetup 2.6.0.
- Resolves: #2003748 #2108404 #1862173
* Wed Aug 10 2022 Ondrej Kozina <okozina@redhat.com> - 2.4.3-5
- patch: Delegate FIPS mode detection to crypto backend.
- Resolves: #2080516
* Mon Nov 21 2022 Ondrej Kozina <okozina@redhat.com> - 2.6.0~rc0-1
- Update to cryptsetup 2.6.0-rc0.
* Thu Jul 28 2022 Ondrej Kozina <okozina@redhat.com> - 2.5.0-1
- Update to cryptsetup 2.5.0.
* Thu Feb 24 2022 Ondrej Kozina <okozina@redhat.com> - 2.4.3-4
- patch: Fix broken upstream test.
- Resolves: #2056439
* Wed Jul 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 2.5.0~rc1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Wed Feb 23 2022 Ondrej Kozina <okozina@redhat.com> - 2.4.3-3
- patch: Fix cryptsetup --test-passphrase when device in
reencryption
- Resolves: #2056439
* Thu Jul 14 2022 Ondrej Kozina <okozina@redhat.com> - 2.5.0~rc1-1
- Update to cryptsetup 2.5.0-rc1.
* Thu Feb 17 2022 Ondrej Kozina <okozina@redhat.com> - 2.4.3-2
- Various FIPS related fixes.
- Resolves: #2051630
* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Fri Jan 21 2022 Ondrej Kozina <okozina@redhat.com> - 2.4.3-1
* Wed Jan 12 2022 Ondrej Kozina <okozina@redhat.com> - 2.4.3-1
- Update to cryptsetup 2.4.3.
- patch: Fix typo in repair command prompt.
Resolves: #2022309 #2023316 #2032782
* Wed Sep 29 2021 Ondrej Kozina <okozina@redhat.com> - 2.4.1-1
- Update to cryptsetup 2.4.1.
Resolves: #2005035 #2005877
* Thu Nov 18 2021 Milan Broz <gmazyland@gmail.com> - 2.4.2-1
- Update to cryptsetup 2.4.2.
* Thu Aug 19 2021 Ondrej Kozina <okozina@redhat.com> - 2.4.0-1
- Update to cryptsetup 2.4.0.
Resolves: #1869553 #1972722 #1974271 #1975799
* Fri Sep 17 2021 Ondrej Kozina <okozina@redhat.com> - 2.4.1-1
- Update to cryptsetup 2.4.1.
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2.3.6-3
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Tue Sep 14 2021 Sahana Prasad <sahana@redhat.com> - 2.4.0-2
- Rebuilt with OpenSSL 3.0.0
* Thu Jun 17 2021 Mohan Boddu <mboddu@redhat.com> - 2.3.6-2
- Specbump for openssl 3.0
Related: rhbz#1971065
* Wed Aug 18 2021 Ondrej Kozina <okozina@redhat.com> - 2.4.0-1
- Update to cryptsetup 2.4.0.
* Wed Jun 16 2021 Ondrej Kozina <okozina@redhat.com> - 2.3.6-1
- Update to cryptsetup 2.3.6.
- Resolves: #1961291 #1970932
* Fri Jul 30 2021 Milan Broz <gmazyland@gmail.com> - 2.4.0~rc1-1
- Update to cryptsetup 2.4.0-rc1.
* Tue Jun 15 2021 Mohan Boddu <mboddu@redhat.com> - 2.3.5-5
- Rebuilt for RHEL 9 BETA for openssl 3.0
* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.4.0~rc0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
Related: rhbz#1971065
* Sat Jul 10 2021 Björn Esser <besser82@fedoraproject.org> - 2.4.0~rc0-2
- Rebuild for versioned symbols in json-c
* Tue Apr 27 2021 Ondrej Kozina <okozina@redhat.com> - 2.3.5-4
- Drop dependency on libargon2
- Resolves: #1936959
* Fri Jul 02 2021 Ondrej Kozina <okozina@redhat.com> - 2.4.0~rc0-1
- Update to cryptsetup 2.4.0-rc0.
- add experimental cryptsetup-ssh token subpackage
- spec file cleanup
* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 2.3.5-3
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Fri May 28 2021 Milan Broz <gmazyland@gmail.com> - 2.3.6-1
- Update to cryptsetup 2.3.6.
* Thu Mar 11 2021 Milan Broz <gmazyland@gmail.com> - 2.3.5-1
* Thu Mar 11 2021 Milan Broz <gmazyland@gmail.com> - 2.3.5-2
- Update to cryptsetup 2.3.5.
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.4-2
@ -209,3 +216,540 @@ Related: rhbz#1971065
* Thu Sep 03 2020 Milan Broz <gmazyland@gmail.com> - 2.3.4-1
- Update to cryptsetup 2.3.4.
- Fix for CVE-2020-14382 (#1874712)
* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Thu May 28 2020 Ondrej Kozina <okozina@redhat.com> - 2.3.3-1
- Update to cryptsetup 2.3.3.
* Thu Apr 30 2020 Milan Broz <gmazyland@gmail.com> - 2.3.2-1
- Update to cryptsetup 2.3.2.
* Tue Apr 21 2020 Björn Esser <besser82@fedoraproject.org> - 2.3.1-4
- Rebuild (json-c)
* Thu Apr 16 2020 Milan Broz <gmazyland@gmail.com> - 2.3.1-3
- Fix broken json-c patch (#1824878).
* Tue Apr 14 2020 Björn Esser <besser82@fedoraproject.org> - 2.3.1-2
- Add support for upcoming json-c 0.14.0
- Use %%make_build, %%make_install and %%autosetup macros
* Thu Mar 12 2020 Ondrej Kozina <okozina@redhat.com> - 2.3.1-1
- Update to cryptsetup 2.3.1.
* Sun Feb 02 2020 Milan Broz <gmazyland@gmail.com> - 2.3.0-1
- Update to cryptsetup 2.3.0.
* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.0-0.2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Sun Jan 12 2020 Milan Broz <gmazyland@gmail.com> - 2.3.0-0.1
- Update to cryptsetup 2.3.0-rc0.
* Fri Nov 01 2019 Ondrej Kozina <okozina@redhat.com> - 2.2.2-1
- Update to cryptsetup 2.2.2.
* Fri Sep 06 2019 Ondrej Kozina <okozina@redhat.com> - 2.2.1-1
- Update to cryptsetup 2.2.1.
* Thu Aug 15 2019 Milan Broz <gmazyland@gmail.com> - 2.2.0-1
- Update to cryptsetup 2.2.0.
* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.2.0-0.3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Fri Jun 14 2019 Ondrej Kozina <okozina@redhat.com> - 2.2.0-0.2
- Update to cryptsetup 2.2.0-rc1.
* Fri May 03 2019 Ondrej Kozina <okozina@redhat.com> - 2.2.0-0.1
- Update to cryptsetup 2.2.0-rc0.
* Thu Apr 04 2019 Kalev Lember <klember@redhat.com> - 2.1.0-3
- Add back python2-cryptsetup and cryptsetup-python3 obsoletes
* Mon Mar 18 2019 Milan Broz <gmazyland@gmail.com> - 2.1.0-2
- Rebuild for new libargon2 soname.
* Fri Feb 08 2019 Ondrej Kozina <okozina@redhat.com> - 2.1.0-1
- Update to cryptsetup 2.1.0.
- Drop python specific bits from spec file (python was removed
from upstream project)
* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.6-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Tue Jan 22 2019 Ondrej Kozina <okozina@redhat.com> - 2.0.6-2
- Switch default metadata format to LUKS2.
- Resolves: #1668013
* Mon Dec 03 2018 Ondrej Kozina <okozina@redhat.com> - 2.0.6-1
- Update to cryptsetup 2.0.6.
* Mon Oct 29 2018 Ondrej Kozina <okozina@redhat.com> - 2.0.5-1
- Update to cryptsetup 2.0.5.
* Fri Aug 03 2018 Ondrej Kozina <okozina@redhat.com> - 2.0.4-1
- Update to cryptsetup 2.0.4.
- patch: Add Fedora system library paths in configure.
* Tue Jul 17 2018 Ondrej Kozina <okozina@redhat.com> - 2.0.3-6
- Remove libgcrypt dependency from cryptsetup-libs package.
* Tue Jul 17 2018 Ondrej Kozina <okozina@redhat.com> - 2.0.3-5
- Replace sed script with --disable-rpath configure option.
- Switch cryptsetup to openssl crypto backend.
- Spec file cleanup.
* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.3-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Fri May 04 2018 Ondrej Kozina <okozina@redhat.com> - 2.0.3-3
- Fix obsolete macro for python3 subpackage.
* Fri May 04 2018 Ondrej Kozina <okozina@redhat.com> - 2.0.3-2
- Add missing 'Obsoletes' macros for python subpackages.
* Fri May 04 2018 Milan Broz <gmazyland@gmail.com> - 2.0.3-1
- Update to cryptsetup 2.0.3.
* Wed Apr 25 2018 Ondrej Kozina <okozina@redhat.com> - 2.0.2-3
- Add conditions for python sub-packages
* Tue Mar 27 2018 Björn Esser <besser82@fedoraproject.org> - 2.0.2-2
- Rebuilt for libjson-c.so.4 (json-c v0.13.1) on fc28
* Wed Mar 07 2018 Milan Broz <gmazyland@gmail.com> - 2.0.2-1
- Update to cryptsetup 2.0.2.
* Tue Mar 06 2018 Björn Esser <besser82@fedoraproject.org> - 2.0.1-3
- Rebuilt for libjson-c.so.4 (json-c v0.13.1)
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Sun Jan 21 2018 Milan Broz <gmazyland@gmail.com> - 2.0.1-1
- Update to cryptsetup 2.0.1.
* Thu Jan 04 2018 Ondrej Kozina <okozina@redhat.com> - 2.0.0-3
- Override locking path to /run/cryptsetup (going to be new default)
- Claim ownership of the locking directory
* Fri Dec 15 2017 Iryna Shcherbina <ishcherb@redhat.com> - 2.0.0-2
- Update Python 2 dependency declarations to new packaging standards
(See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)
* Tue Dec 12 2017 Ondrej Kozina <okozina@redhat.com> - 2.0.0-1
- Update to cryptsetup 2.0.0 (final).
* Sun Dec 10 2017 Björn Esser <besser82@fedoraproject.org> - 2.0.0-0.6
- Rebuilt for libjson-c.so.3
* Mon Nov 20 2017 Milan Broz <gmazyland@gmail.com> - 2.0.0-0.5
- Link to system libargon2 instead of using bundled code.
* Thu Nov 09 2017 Ondrej Kozina <okozina@redhat.com> - 2.0.0-0.4
- Drop the legacy library.
* Wed Nov 08 2017 Ondrej Kozina <okozina@redhat.com> - 2.0.0-0.3
- Temporary build providing legacy library.
* Tue Nov 07 2017 Ondrej Kozina <okozina@redhat.com> - 2.0.0-0.2
- Update to cryptsetup 2.0.0-rc1 (with libcryptsetup soname bump).
- Added integritysetup subpackage.
* Sun Aug 20 2017 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 1.7.5-5
- Add Provides for the old name without %%_isa
* Sat Aug 19 2017 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 1.7.5-4
- Python 2 binary package renamed to python2-cryptsetup
See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3
* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.5-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Thu Apr 27 2017 Milan Broz <gmazyland@gmail.com> - 1.7.5-1
- Update to cryptsetup 1.7.5.
* Wed Mar 15 2017 Milan Broz <gmazyland@gmail.com> - 1.7.4-1
- Update to cryptsetup 1.7.4.
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Mon Dec 19 2016 Miro Hrončok <mhroncok@redhat.com> - 1.7.3-2
- Rebuild for Python 3.6
* Sun Oct 30 2016 Milan Broz <gmazyland@gmail.com> - 1.7.3-1
- Update to cryptsetup 1.7.3.
* Tue Jul 19 2016 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.7.2-3
- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages
* Mon Jun 13 2016 Milan Broz <gmazyland@gmail.com> - 1.7.2-2
- Rebuilt for compatible symbol changes in glibc.
* Sat Jun 04 2016 Milan Broz <gmazyland@gmail.com> - 1.7.2-1
- Update to cryptsetup 1.7.2.
* Sun Feb 28 2016 Milan Broz <gmazyland@gmail.com> - 1.7.1-1
- Update to cryptsetup 1.7.1.
* Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.7.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Tue Nov 10 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.7.0-2
- Rebuilt for https://fedoraproject.org/wiki/Changes/python3.5
* Tue Nov 03 2015 Milan Broz <gmazyland@gmail.com> - 1.7.0-1
- Update to cryptsetup 1.7.0.
- Switch to sha256 as default hash.
- Increase default PBKDF2 iteration time to 2 seconds.
* Tue Sep 08 2015 Milan Broz <gmazyland@gmail.com> - 1.6.8-2
- Update to cryptsetup 1.6.8.
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.6.7-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Mon Mar 23 2015 Milan Broz <gmazyland@gmail.com> - 1.6.7-1
- Update to cryptsetup 1.6.7.
- Remove no longer needed fipscheck library dependence.
- Change URL to new homepage.
* Sat Aug 16 2014 Milan Broz <gmazyland@gmail.com> - 1.6.6-1
- Update to cryptsetup 1.6.6.
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.6.5-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Fri Jul 11 2014 Tom Callaway <spot@fedoraproject.org> - 1.6.5-2
- fix license handling
* Sun Jun 29 2014 Milan Broz <gmazyland@gmail.com> - 1.6.5-1
- Update to cryptsetup 1.6.5.
- Add cryptsetup-python3 subpackage.
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.6.4-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Sun Mar 02 2014 Milan Broz <gmazyland@gmail.com> - 1.6.4-2
- Require libgcrypt 1.6.1 (with fixed PBKDF2 and Whirlpool hash).
* Thu Feb 27 2014 Milan Broz <gmazyland@gmail.com> - 1.6.4-1
- Update to cryptsetup 1.6.4.
* Tue Jan 07 2014 Ondrej Kozina <okozina@redhat.com> - 1.6.3-2
- remove useless hmac checksum
* Fri Dec 13 2013 Milan Broz <gmazyland@gmail.com> - 1.6.3-1
- Update to cryptsetup 1.6.3.
* Sun Aug 04 2013 Milan Broz <gmazyland@gmail.com> - 1.6.2-1
- Update to cryptsetup 1.6.2.
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.6.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Sun Mar 31 2013 Milan Broz <gmazyland@gmail.com> - 1.6.1-1
- Update to cryptsetup 1.6.1.
- Install ReleaseNotes files instead of empty Changelog file.
* Wed Feb 13 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.6.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
* Mon Jan 14 2013 Milan Broz <mbroz@redhat.com> - 1.6.0-1
- Update to cryptsetup 1.6.0.
- Change default LUKS encryption mode to aes-xts-plain64 (AES128).
- Force use of gcrypt PBKDF2 instead of internal implementation.
* Sat Dec 29 2012 Milan Broz <mbroz@redhat.com> - 1.6.0-0.1
- Update to cryptsetup 1.6.0-rc1.
- Relax license to GPLv2+ according to new release.
- Compile cryptsetup with libpwquality support.
* Tue Oct 16 2012 Milan Broz <mbroz@redhat.com> - 1.5.1-1
- Update to cryptsetup 1.5.1.
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.5.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Tue Jul 10 2012 Milan Broz <mbroz@redhat.com> - 1.5.0-1
- Update to cryptsetup 1.5.0.
* Wed Jun 20 2012 Milan Broz <mbroz@redhat.com> - 1.5.0-0.2
- Update to cryptsetup 1.5.0-rc2.
- Add cryptsetup-reencrypt subpackage.
* Mon Jun 11 2012 Milan Broz <mbroz@redhat.com> - 1.5.0-0.1
- Update to cryptsetup 1.5.0-rc1.
- Add veritysetup subpackage.
- Move localization files to libs subpackage.
* Thu May 31 2012 Milan Broz <mbroz@redhat.com> - 1.4.3-2
- Build with fipscheck (verification in fips mode).
- Clean up spec file, use install to /usr.
* Thu May 31 2012 Milan Broz <mbroz@redhat.com> - 1.4.3-1
- Update to cryptsetup 1.4.3.
* Thu Apr 12 2012 Milan Broz <mbroz@redhat.com> - 1.4.2-1
- Update to cryptsetup 1.4.2.
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.4.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Wed Nov 09 2011 Milan Broz <mbroz@redhat.com> - 1.4.1-1
- Update to cryptsetup 1.4.1.
- Add Python cryptsetup bindings.
- Obsolete separate python-cryptsetup package.
* Wed Oct 26 2011 Milan Broz <mbroz@redhat.com> - 1.4.0-1
- Update to cryptsetup 1.4.0.
* Mon Oct 10 2011 Milan Broz <mbroz@redhat.com> - 1.4.0-0.1
- Update to cryptsetup 1.4.0-rc1.
- Rename package back from cryptsetup-luks to cryptsetup.
* Wed Jun 22 2011 Milan Broz <mbroz@redhat.com> - 1.3.1-2
- Fix return code for status command when device doesn't exist.
* Tue May 24 2011 Milan Broz <mbroz@redhat.com> - 1.3.1-1
- Update to cryptsetup 1.3.1.
* Tue Apr 05 2011 Milan Broz <mbroz@redhat.com> - 1.3.0-1
- Update to cryptsetup 1.3.0.
* Tue Mar 22 2011 Milan Broz <mbroz@redhat.com> - 1.3.0-0.2
- Update to cryptsetup 1.3.0-rc2
* Mon Mar 14 2011 Milan Broz <mbroz@redhat.com> - 1.3.0-0.1
- Update to cryptsetup 1.3.0-rc1
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.2.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Mon Dec 20 2010 Milan Broz <mbroz@redhat.com> - 1.2.0-1
- Update to cryptsetup 1.2.0
* Thu Nov 25 2010 Milan Broz <mbroz@redhat.com> - 1.2.0-0.2
- Fix crypt_activate_by_keyfile() to work with PLAIN devices.
* Tue Nov 16 2010 Milan Broz <mbroz@redhat.com> - 1.2.0-0.1
- Add FAQ to documentation.
- Update to cryptsetup 1.2.0-rc1
* Sat Jul 03 2010 Milan Broz <mbroz@redhat.com> - 1.1.3-1
- Update to cryptsetup 1.1.3
* Mon Jun 07 2010 Milan Broz <mbroz@redhat.com> - 1.1.2-2
- Fix alignment ioctl use.
- Fix API activation calls to handle NULL device name.
* Sun May 30 2010 Milan Broz <mbroz@redhat.com> - 1.1.2-1
- Update to cryptsetup 1.1.2
- Fix luksOpen handling of new line char on stdin.
* Sun May 23 2010 Milan Broz <mbroz@redhat.com> - 1.1.1-1
- Update to cryptsetup 1.1.1
- Fix luksClose for stacked LUKS/LVM devices.
* Mon May 03 2010 Milan Broz <mbroz@redhat.com> - 1.1.1-0.2
- Update to cryptsetup 1.1.1-rc2.
* Sat May 01 2010 Milan Broz <mbroz@redhat.com> - 1.1.1-0.1
- Update to cryptsetup 1.1.1-rc1.
* Sun Jan 17 2010 Milan Broz <mbroz@redhat.com> - 1.1.0-1
- Update to cryptsetup 1.1.0.
* Fri Jan 15 2010 Milan Broz <mbroz@redhat.com> - 1.1.0-0.6
- Fix gcrypt initialisation.
- Fix backward compatibility for hash algorithm (uppercase).
* Wed Dec 30 2009 Milan Broz <mbroz@redhat.com> - 1.1.0-0.5
- Update to cryptsetup 1.1.0-rc4
* Mon Nov 16 2009 Milan Broz <mbroz@redhat.com> - 1.1.0-0.4
- Update to cryptsetup 1.1.0-rc3
* Thu Oct 01 2009 Milan Broz <mbroz@redhat.com> - 1.1.0-0.3
- Update to cryptsetup 1.1.0-rc2
- Fix libcryptsetup to properly export only versioned symbols.
* Tue Sep 29 2009 Milan Broz <mbroz@redhat.com> - 1.1.0-0.2
- Update to cryptsetup 1.1.0-rc1
- Add luksHeaderBackup and luksHeaderRestore commands.
* Fri Sep 11 2009 Milan Broz <mbroz@redhat.com> - 1.1.0-0.1
- Update to new upstream testing version with new API interface.
- Add luksSuspend and luksResume commands.
- Introduce pkgconfig.
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.7-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Wed Jul 22 2009 Milan Broz <mbroz@redhat.com> - 1.0.7-1
- Update to upstream final release.
- Split libs subpackage.
- Remove rpath setting from cryptsetup binary.
* Wed Jul 15 2009 Till Maas <opensource@till.name> - 1.0.7-0.2
- update BR because of libuuid splitout from e2fsprogs
* Mon Jun 22 2009 Milan Broz <mbroz@redhat.com> - 1.0.7-0.1
- Update to new upstream 1.0.7-rc1.
- Wipe old fs headers to not confuse blkid (#468062)
* Tue Feb 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.6-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Thu Oct 30 2008 Milan Broz <mbroz@redhat.com> - 1.0.6-6
- Wipe old fs headers to not confuse blkid (#468062)
* Tue Sep 23 2008 Milan Broz <mbroz@redhat.com> - 1.0.6-5
- Change new project home page.
- Print more descriptive messages for initialization errors.
- Refresh patches to versions commited upstream.
* Sat Sep 06 2008 Milan Broz <mbroz@redhat.com> - 1.0.6-4
- Fix close of zero decriptor.
- Fix udevsettle delays - use temporary crypt device remapping.
* Wed May 28 2008 Till Maas <opensource till name> - 1.0.6-3
- remove a duplicate sentence from the manpage (RH #448705)
- add patch metadata about upstream status
* Tue Apr 15 2008 Bill Nottinghm <notting@redhat.com> - 1.0.6-2
- Add the device to the luksOpen prompt (#433406)
- Use iconv, not recode (#442574)
* Thu Mar 13 2008 Till Maas <opensource till name> - 1.0.6-1
- Update to latest version
- remove patches that have been merged upstream
* Mon Mar 03 2008 Till Maas <opensource till name> - 1.0.6-0.1.pre2
- Update to new version with several bugfixes
- remove patches that have been merged upstream
- add patch from cryptsetup newsgroup
- fix typo / missing luksRemoveKey in manpage (patch)
* Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 1.0.5-9
- Autorebuild for GCC 4.3
* Sat Jan 19 2008 Peter Jones <pjones@redhat.com> - 1.0.5-8
- Rebuild for broken deps.
* Thu Aug 30 2007 Till Maas <opensource till name> - 1.0.5-7
- update URL
- update license tag
- recode ChangeLog from latin1 to uf8
- add smp_mflags to make
* Fri Aug 24 2007 Till Maas <opensource till name> - 1.0.5-6
- cleanup BuildRequires:
- removed versions, packages in Fedora are new enough
- changed popt to popt-devel
* Thu Aug 23 2007 Till Maas <opensource till name> - 1.0.5-5
- fix devel subpackage requires
- remove empty NEWS README
- remove uneeded INSTALL
- remove uneeded ldconfig requires
- add readonly detection patch
* Wed Aug 08 2007 Till Maas <opensource till name> - 1.0.5-4
- disable patch2, libsepol is now detected by configure
- move libcryptsetup.so to %%{_libdir} instead of /%%{_lib}
* Fri Jul 27 2007 Till Maas <opensource till name> - 1.0.5-3
- Use /%%{_lib} instead of /lib to use /lib64 on 64bit archs
* Thu Jul 26 2007 Till Maas <opensource till name> - 1.0.5-2
- Use /lib as libdir (#243228)
- sync header and library (#215349)
- do not use %%makeinstall (recommended by PackageGuidelines)
- select sbindir with %%configure instead with make
- add TODO
* Wed Jun 13 2007 Jeremy Katz <katzj@redhat.com> - 1.0.5-1
- update to 1.0.5
* Mon Jun 04 2007 Peter Jones <pjones@redhat.com> - 1.0.3-5
- Don't build static any more.
* Mon Feb 05 2007 Alasdair Kergon <agk@redhat.com> - 1.0.3-4
- Add build dependency on new device-mapper-devel package.
- Add preun and post ldconfig requirements.
- Update BuildRoot.
* Wed Nov 1 2006 Peter Jones <pjones@redhat.com> - 1.0.3-3
- Require newer libselinux (#213414)
* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 1.0.3-2.1
- rebuild
* Wed Jun 7 2006 Jeremy Katz <katzj@redhat.com> - 1.0.3-2
- put shared libs in the right subpackages
* Fri Apr 7 2006 Bill Nottingham <notting@redhat.com> 1.0.3-1
- update to final 1.0.3
* Mon Feb 27 2006 Bill Nottingham <notting@redhat.com> 1.0.3-0.rc2
- update to 1.0.3rc2, fixes bug with HAL & encrypted devices (#182658)
* Wed Feb 22 2006 Bill Nottingham <notting@redhat.com> 1.0.3-0.rc1
- update to 1.0.3rc1, reverts changes to default encryption type
* Tue Feb 21 2006 Bill Nottingham <notting@redhat.com> 1.0.2-1
- update to 1.0.2, fix incompatiblity with old cryptsetup (#176726)
* Mon Feb 20 2006 Karsten Hopp <karsten@redhat.de> 1.0.1-5
- BuildRequires: libselinux-devel
* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 1.0.1-4.2.1
- bump again for double-long bug on ppc(64)
* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 1.0.1-4.2
- rebuilt for new gcc4.1 snapshot and glibc changes
* Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com>
- rebuilt
* Mon Dec 5 2005 Bill Nottingham <notting@redhat.com> 1.0.1-4
- rebuild against new libdevmapper
* Thu Oct 13 2005 Florian La Roche <laroche@redhat.com>
- add -lsepol to rebuild on current fc5
* Mon Aug 22 2005 Karel Zak <kzak@redhat.com> 1.0.1-2
- fix cryptsetup help for isLuks action
* Fri Jul 1 2005 Bill Nottingham <notting@redhat.com> 1.0.1-1
- update to 1.0.1 - fixes incompatiblity with previous cryptsetup for
piped passwords
* Thu Jun 16 2005 Bill Nottingham <notting@redhat.com> 1.0-2
- add patch for 32/64 bit compatibility (#160445, <redhat@paukstadt.de>)
* Tue Mar 29 2005 Bill Nottingham <notting@redhat.com> 1.0-1
- update to 1.0
* Thu Mar 10 2005 Bill Nottingham <notting@redhat.com> 0.993-1
- switch to cryptsetup-luks, for LUKS support
* Tue Oct 12 2004 Bill Nottingham <notting@redhat.com> 0.1-4
- oops, make that *everything* static (#129926)
* Tue Aug 31 2004 Bill Nottingham <notting@redhat.com> 0.1-3
- link some things static, move to /sbin (#129926)
* Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
* Fri Apr 16 2004 Bill Nottingham <notting@redhat.com> 0.1-1
- initial packaging

Write Preview
Loading…
Cancel
Save