[18.04 FEAT] Upgrade cryptsetup >= 2.0

Bug #1724592 reported by bugproxy
16
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Ubuntu on IBM z Systems
Fix Released
High
Unassigned
cryptsetup (Ubuntu)
Fix Released
High
Skipper Bug Screeners

Bug Description

Cryptsetup is utility used to conveniently setup disk encryption based
on DMCrypt kernel module.

These include plain dm-crypt volumes, LUKS volumes, loop-AES
and TrueCrypt (including VeraCrypt extension) format.

Project also includes veritysetup utility used to conveniently setup
DMVerity block integrity checking kernel module
and, since version 2.0, integritysetup to setup
DMIntegrity block integrity kernel module.

Finalizing dm-crypt functionallity on top of kernel 4.12
documented within

 https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1700957

bugproxy (bugproxy)
tags: added: architecture-s39064 bugnameltc-160296 severity-high targetmilestone-inin1804
Changed in ubuntu:
assignee: nobody → Skipper Bug Screeners (skipper-screen-team)
affects: ubuntu → cryptsetup (Ubuntu)
Revision history for this message
bugproxy (bugproxy) wrote : Comment bridged from LTC Bugzilla

------- Comment From <email address hidden> 2017-10-18 11:13 EDT-------
Currently no final version available. Bug will be updated once functionality is included.

Steve Langasek (vorlon)
Changed in cryptsetup (Ubuntu):
status: New → Incomplete
Frank Heimes (fheimes)
no longer affects: cryptsetup
Changed in ubuntu-z-systems:
status: New → Incomplete
Changed in cryptsetup (Ubuntu):
status: Incomplete → Triaged
importance: Undecided → Critical
Changed in ubuntu-z-systems:
status: Incomplete → Triaged
Frank Heimes (fheimes)
Changed in ubuntu-z-systems:
importance: Undecided → Critical
Revision history for this message
bugproxy (bugproxy) wrote :

------- Comment From <email address hidden> 2017-12-18 06:38 EDT-------
New version 2.0 now available: https://gitlab.com/cryptsetup/cryptsetup

Revision history for this message
Dimitri John Ledkov (xnox) wrote :

To be merged from debian git and/or debian experimental. v2.0.0 is now packaged there.

Changed in cryptsetup (Ubuntu):
status: Triaged → In Progress
importance: Critical → High
Changed in ubuntu-z-systems:
status: Triaged → In Progress
importance: Critical → High
Revision history for this message
Dimitri John Ledkov (xnox) wrote :

Cryptsetup is in bionic-proposed, but before it migrates and this ticket is resolved, test regressions need to be fixed.

Revision history for this message
Dimitri John Ledkov (xnox) wrote :
Download full text (5.2 KiB)

Migrated on the 24th of February:

cryptsetup (2:2.0.1-0ubuntu1) bionic; urgency=medium

  * Merge from Debian unstable. Remaining changes:
    - debian/control:
      + Depend on plymouth.
      + Invert the "busybox | busybox-static" Recommends, as the latter
        is the one we ship in main as part of the ubuntu-standard task.
      + Drop explicit libgcrypt20 dependency from libcryptsetup4.
    - Drop _BSD_SOURCE in favor of _DEFAULT_SOURCE
    - Drop c99 std, as the default is now higher than that
    - Drop upstart system jobs.
    - Add maintscript to drop removed upstart system jobs.
      - debian has its own now, but we have different version numbers
  * New upstream release
  * Cherry-pick Guilhem Moulin's changes below from Debian git

  [ Guilhem Moulin ]
   * New upstream release 2.0.1:
     - Use /run/cryptsetup as default for cryptsetup locking dir.
     - Add missing symbols for new functions to debian/libcryptsetup12.symbols.
  * debian/copyright: update copyright years.
  * debian/patches: backport upstream's 8728ba08 to fix opening of loop-AES
    devices using --key-file=-. (Closes: #888162.)

cryptsetup (2:2.0.0-1) unstable; urgency=low

  [ Guilhem Moulin ]
  * cryptsetup-bin: Install /usr/lib/tmpfiles.d/cryptsetup.conf to create the
    LUKS2 locking directory /run/lock/cryptsetup. For sysVinit, this is taken
    care of by the cryptdisks-early init file.
  * Remove debian/patches/Use-system-libargon2.patch (applied upstream).
  * debian/README.{source,gbp.conf}: Upgrade to latest upstream conventions.
  * debian/control: Bump Standards-Version to 4.1.3 (remove verbatim copy of
    CC0-1.0 license from debian/copyright).
  * debian/rules: Fix symlink target of libcryptsetup.so in libcryptsetup-dev
    package. Thanks to Alan Fung for the report and patch. (Closes: #885435.)
  * debian/initramfs/cryptroot-{hook,script}: Add support for 'skip' and
    'offset' crypttab(5) options in the initramfs script. Thanks to Pascal
    Liehne for the report and patch. (Closes: #872342.)

  [ Jonas Meurer ]
  * debian/initramfs/cryptopensc-*: Install required libs and config files for
    pcscd and use correct path to pcscd. Thanks to Martijn van de Streek for
    bugreport and patch. (Closes: #880750)

cryptsetup (2:2.0.0~rc1-1) experimental; urgency=low

  * debian/rules: Compile with --enable-libargon2 to use system libargon2
    instead of bundled version.
  * debian/control: Bump Standards-Version to 4.1.1 (no changes necessary).
  * debian/copyright: Update licensing information.

cryptsetup (2:2.0.0~rc0-1) experimental; urgency=low

  * New upstream release 2.0.0 RC0 (closes: #877566). Highlights include:
    - Support for new on-disk LUKS2 format, offering authenticated disk
      encrption (EXPERIMENTAL), memory-hard PBKDF (argon2), kernel keyring for
      storage of key material, and more.
    - New CLI `integritysetup` which can setup standalone dm-integrity devices.
    - soname bump of libcryptsetup library.
  * Rename library package from libcryptsetup4 to libcryptsetup12.
  * Also remove deprecated upstart configuration files on upgrade and purge.
    (Closes: #883677)
  * debian/control: Bump Standards-Ver...

Read more...

Changed in cryptsetup (Ubuntu):
status: In Progress → Fix Released
Changed in ubuntu-z-systems:
status: In Progress → Fix Released
Revision history for this message
bugproxy (bugproxy) wrote :

------- Comment From <email address hidden> 2018-02-26 09:09 EDT-------
IBM Bugzilla status -> closed, Fix Released with bionic

Frank Heimes (fheimes)
information type: Private → Public
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.