summaryrefslogtreecommitdiffstats
path: root/docs/v2.4.2-ReleaseNotes
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--docs/v2.4.2-ReleaseNotes37
1 files changed, 37 insertions, 0 deletions
diff --git a/docs/v2.4.2-ReleaseNotes b/docs/v2.4.2-ReleaseNotes
new file mode 100644
index 0000000..3c40011
--- /dev/null
+++ b/docs/v2.4.2-ReleaseNotes
@@ -0,0 +1,37 @@
+Cryptsetup 2.4.2 Release Notes
+==============================
+Stable bug-fix release.
+
+All users of cryptsetup 2.4.1 should upgrade to this version.
+
+Changes since version 2.4.1
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+* Fix possible large memory allocation if LUKS2 header size is invalid.
+ LUKS2 code read the full header to buffer to verify the checksum.
+ The maximal supported header size now limits the memory allocation.
+
+* Fix memory corruption in debug message printing LUKS2 checksum.
+
+* veritysetup: remove link to the UUID library for the static build.
+
+* Remove link to pwquality library for integritysetup and veritysetup.
+ These tools do not read passphrases.
+
+* OpenSSL3 backend: avoid remaining deprecated calls in API.
+ Crypto backend no longer use API deprecated in OpenSSL 3.0
+
+
+* Check if kernel device-mapper create device failed in an early phase.
+ This happens when a concurrent creation of device-mapper devices
+ meets in the very early state.
+
+* Do not set compiler optimization flag for Argon2 KDF if the memory
+ wipe is implemented in libc.
+
+* Do not attempt to unload LUKS2 tokens if external tokens are disabled.
+ This allows building a static binary with --disable-external-tokens.
+
+* LUKS convert: also check sysfs for device activity.
+ If udev symlink is missing, code fallbacks to sysfs scan to prevent
+ data corruption for the active device.