From 435fbf74bfdf383db1238633326be558ef2d3ff2 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Wed, 17 Apr 2024 10:38:45 +0200 Subject: Merging upstream version 2:2.7.2. Signed-off-by: Daniel Baumann --- docs/v2.7.2-ReleaseNotes | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 docs/v2.7.2-ReleaseNotes (limited to 'docs') diff --git a/docs/v2.7.2-ReleaseNotes b/docs/v2.7.2-ReleaseNotes new file mode 100644 index 0000000..1d68353 --- /dev/null +++ b/docs/v2.7.2-ReleaseNotes @@ -0,0 +1,31 @@ +Cryptsetup 2.7.2 Release Notes +============================== +Stable bug-fix release. + +All users of cryptsetup 2.7 should upgrade to this version. + +Changes since version 2.7.1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ +* Fix activation of OPAL-only encrypted LUKS device with tokens. + The issue was caused by an invalid volume key check (assert) + that is impossible without software encryption. + +* Fix formatting of OPAL devices with 4096-byte sector size. + +* Fix incorrect OPAL locking range alignment calculation if used + over an unaligned device partition. + +* Add --hw-opal-factory-reset option description to the manual page. + +* Do not check the passphrase quality for OPAL Admin PIN, + as this passphrase already exists. + +* Update license for FAQ document to CC BY-SA 4.0. + +NOTE: Please note that with OPAL-only (--hw-opal-only) encryption, +the configured OPAL administrator PIN (passphrase) allows unlocking +all configured locking ranges without LUKS keyslot decryption +(without knowledge of LUKS passphrase). +Because of many observed problems with compatibility, cryptsetup +currently DOES NOT use OPAL single-user mode, which would allow such +decoupling of OPAL admin PIN access. -- cgit v1.2.3