| 2017-09-04 17:53:37 |
Marcelo Cerri |
bug |
|
|
added bug |
| 2017-09-04 17:53:46 |
Marcelo Cerri |
nominated for series |
|
Ubuntu Xenial |
|
| 2017-09-04 17:53:51 |
Marcelo Cerri |
cryptsetup (Ubuntu): importance |
Undecided |
Medium |
|
| 2017-09-05 12:39:37 |
Andy Whitcroft |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2017-09-06 10:04:28 |
Łukasz Zemczak |
bug task added |
|
cryptsetup (Ubuntu Xenial) |
|
| 2017-09-06 10:04:33 |
Łukasz Zemczak |
cryptsetup (Ubuntu): status |
In Progress |
Fix Committed |
|
| 2017-09-06 10:06:38 |
Łukasz Zemczak |
cryptsetup (Ubuntu Xenial): status |
New |
Fix Committed |
|
| 2017-09-06 10:06:40 |
Łukasz Zemczak |
bug |
|
|
added subscriber SRU Verification |
| 2017-09-06 10:06:42 |
Łukasz Zemczak |
tags |
|
verification-needed verification-needed-xenial |
|
| 2017-09-07 16:51:07 |
Brian Murray |
tags |
verification-needed verification-needed-xenial |
verification-done-xenial verification-needed |
|
| 2017-09-07 16:52:33 |
Brian Murray |
description |
SRU Justification:
Impact: The kernel crypto API rejects weak XTS keys in FIPS mode and the current version of cryptsetup in xenial do some tests with a zeroed key to check cipher availability in the kernel. These two behaviors combined make impossible to use disk encryption with XTS while using a kernel in FIPS mode.
Fix: apply the following fix to cryptsetup:
https://gitlab.com/cryptsetup/cryptsetup/commit/3c2135b36bbc52d052e4ced7c94dc4981eb07a53
Testcase: Try to setup disk encryption with XTS while the kernel is in FIPS mode. |
SRU Justification:
Impact: The kernel crypto API rejects weak XTS keys in FIPS mode and the current version of cryptsetup in xenial do some tests with a zeroed key to check cipher availability in the kernel. These two behaviors combined make impossible to use disk encryption with XTS while using a kernel in FIPS mode.
Fix: apply the following fix to cryptsetup:
https://gitlab.com/cryptsetup/cryptsetup/commit/3c2135b36bbc52d052e4ced7c94dc4981eb07a53
Testcase: Try to setup disk encryption with XTS while the kernel is in FIPS mode.
N.B.: This is not yet fixed in artful so cannot be released. |
|
| 2017-09-14 16:58:19 |
Brian Murray |
cryptsetup (Ubuntu): status |
Fix Committed |
Fix Released |
|
| 2017-09-14 16:58:31 |
Brian Murray |
nominated for series |
|
Ubuntu Zesty |
|
| 2017-09-14 16:58:31 |
Brian Murray |
bug task added |
|
cryptsetup (Ubuntu Zesty) |
|
| 2017-09-14 16:58:43 |
Brian Murray |
cryptsetup (Ubuntu Zesty): status |
New |
Triaged |
|
| 2017-09-14 16:58:48 |
Brian Murray |
cryptsetup (Ubuntu Zesty): importance |
Undecided |
Medium |
|
| 2017-09-14 16:59:30 |
Launchpad Janitor |
cryptsetup (Ubuntu Xenial): status |
Fix Committed |
Fix Released |
|
| 2017-09-14 16:59:34 |
Brian Murray |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
