diff options
Diffstat (limited to '')
-rw-r--r-- | docs/v2.4.2-ReleaseNotes | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/docs/v2.4.2-ReleaseNotes b/docs/v2.4.2-ReleaseNotes new file mode 100644 index 0000000..3c40011 --- /dev/null +++ b/docs/v2.4.2-ReleaseNotes @@ -0,0 +1,37 @@ +Cryptsetup 2.4.2 Release Notes +============================== +Stable bug-fix release. + +All users of cryptsetup 2.4.1 should upgrade to this version. + +Changes since version 2.4.1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +* Fix possible large memory allocation if LUKS2 header size is invalid. + LUKS2 code read the full header to buffer to verify the checksum. + The maximal supported header size now limits the memory allocation. + +* Fix memory corruption in debug message printing LUKS2 checksum. + +* veritysetup: remove link to the UUID library for the static build. + +* Remove link to pwquality library for integritysetup and veritysetup. + These tools do not read passphrases. + +* OpenSSL3 backend: avoid remaining deprecated calls in API. + Crypto backend no longer use API deprecated in OpenSSL 3.0 + + +* Check if kernel device-mapper create device failed in an early phase. + This happens when a concurrent creation of device-mapper devices + meets in the very early state. + +* Do not set compiler optimization flag for Argon2 KDF if the memory + wipe is implemented in libc. + +* Do not attempt to unload LUKS2 tokens if external tokens are disabled. + This allows building a static binary with --disable-external-tokens. + +* LUKS convert: also check sysfs for device activity. + If udev symlink is missing, code fallbacks to sysfs scan to prevent + data corruption for the active device. |