31 lines
1.1 KiB
Text
31 lines
1.1 KiB
Text
Cryptsetup 2.7.2 Release Notes
|
|
==============================
|
|
Stable bug-fix release.
|
|
|
|
All users of cryptsetup 2.7 should upgrade to this version.
|
|
|
|
Changes since version 2.7.1
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
* Fix activation of OPAL-only encrypted LUKS device with tokens.
|
|
The issue was caused by an invalid volume key check (assert)
|
|
that is impossible without software encryption.
|
|
|
|
* Fix formatting of OPAL devices with 4096-byte sector size.
|
|
|
|
* Fix incorrect OPAL locking range alignment calculation if used
|
|
over an unaligned device partition.
|
|
|
|
* Add --hw-opal-factory-reset option description to the manual page.
|
|
|
|
* Do not check the passphrase quality for OPAL Admin PIN,
|
|
as this passphrase already exists.
|
|
|
|
* Update license for FAQ document to CC BY-SA 4.0.
|
|
|
|
NOTE: Please note that with OPAL-only (--hw-opal-only) encryption,
|
|
the configured OPAL administrator PIN (passphrase) allows unlocking
|
|
all configured locking ranges without LUKS keyslot decryption
|
|
(without knowledge of LUKS passphrase).
|
|
Because of many observed problems with compatibility, cryptsetup
|
|
currently DOES NOT use OPAL single-user mode, which would allow such
|
|
decoupling of OPAL admin PIN access.
|