diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-17 08:06:26 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-17 08:06:26 +0000 |
commit | 1660d4b7a65d9ad2ce0deaa19d35579ca4084ac5 (patch) | |
tree | 6cf8220b628ebd2ccfc1375dd6516c6996e9abcc /docs/v2.3.1-ReleaseNotes | |
parent | Initial commit. (diff) | |
download | cryptsetup-upstream.tar.xz cryptsetup-upstream.zip |
Adding upstream version 2:2.6.1.upstream/2%2.6.1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'docs/v2.3.1-ReleaseNotes')
-rw-r--r-- | docs/v2.3.1-ReleaseNotes | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/docs/v2.3.1-ReleaseNotes b/docs/v2.3.1-ReleaseNotes new file mode 100644 index 0000000..1c1d365 --- /dev/null +++ b/docs/v2.3.1-ReleaseNotes @@ -0,0 +1,45 @@ +Cryptsetup 2.3.1 Release Notes +============================== +Stable bug-fix release. + +All users of cryptsetup 2.x should upgrade to this version. + +Changes since version 2.3.0 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +* Support VeraCrypt 128 bytes passwords. + VeraCrypt now allows passwords of maximal length 128 bytes + (compared to legacy TrueCrypt where it was limited by 64 bytes). + +* Strip extra newline from BitLocker recovery keys + There might be a trailing newline added by the text editor when + the recovery passphrase was passed using the --key-file option. + +* Detect separate libiconv library. + It should fix compilation issues on distributions with iconv + implemented in a separate library. + +* Various fixes and workarounds to build on old Linux distributions. + +* Split lines with hexadecimal digest printing for large key-sizes. + +* Do not wipe the device with no integrity profile. + With --integrity none we performed useless full device wipe. + +* Workaround for dm-integrity kernel table bug. + Some kernels show an invalid dm-integrity mapping table + if superblock contains the "recalculate" bit. This causes + integritysetup to not recognize the dm-integrity device. + Integritysetup now specifies kernel options such a way that + even on unpatched kernels mapping table is correct. + +* Print error message if LUKS1 keyslot cannot be processed. + If the crypto backend is missing support for hash algorithms + used in PBKDF2, the error message was not visible. + +* Properly align LUKS2 keyslots area on conversion. + If the LUKS1 payload offset (data offset) is not aligned + to 4 KiB boundary, new LUKS2 keyslots area in now aligned properly. + +* Validate LUKS2 earlier on conversion to not corrupt the device + if binary keyslots areas metadata are not correct. |