eCryptfs 105
Milestone information
- Project:
- eCryptfs
- Series:
- trunk
- Version:
- 105
- Released:
- Registrant:
- Dustin Kirkland
- Release registered:
- Active:
- Yes. Drivers can target bugs and blueprints to this milestone.
Activities
- Assigned to you:
- No blueprints or bugs assigned to you.
- Assignees:
- No users assigned to blueprints and bugs.
- Blueprints:
- No blueprints are targeted to this milestone.
- Bugs:
- No bugs are targeted to this milestone.
Download files for this release
Release notes
ecryptfs-utils (105-0ubuntu1) vivid; urgency=low
[ Dustin Kirkland ]
* doc/manpage/
- fix inconsistency in man page for passphrase_
* doc/manpage/
private, src/utils/
- use /dev/random rather than /dev/urandom for long lived keys
* src/utils/
- use /dev/urandom for our testing, as we read a lot of info
* src/utils/
- fix a whitespace bug in a grep, that might cause us to not
comment out the old swap space in /etc/fstab
- offset the start of the encrypted swap space by 1KB, which
ensures that we don't overwrite the UUID label on the header
of the partition
- use the aes-xts block cipher, and plain64 initialization vector,
which are current best practice here
- fixed a grammar nitpick
[ Colin King ]
* src/libecryptfs
- A couple of minor fixes: Fix a memory leak and handle out of memory
error, as found by using cppcheck.
* src/utils/
- fix potential double free on yesno if get_string_stdin exits early
without allocating a new buffer and we free yesno on the exit clean
up path.
* src/libecryptfs
- remove redundant if / goto statement that does nothing.
[ Anders Kaseorg ]
* src/pam_
error (LP: #1323421)
[ Tyler Hicks ]
* Introduce the version 2 wrapped-passphrase file format. It adds the
ability to combine a randomly generated salt with the wrapping password
(typically, a user's login password) prior to performing key
strengthening. The version 2 file format is considered to be a
intermediate step in strengthening the wrapped-passphrase files of
existing encrypted home/private users. Support for reading/writing version
2 wrapped-passphrase files and transparent migration, through
pam_ecryptfs, from version 1 to version 2 files is considered safe enough
to backport to stable distro releases. The libecryptfs ABI around
wrapped-
- CVE-2014-9687
* Run wrap-unwrap.sh test as part of the make check target.
* Add a new test, called v1-to-v2-
for the make check target and verifies v1 to v2 wrapped-passphrase file
migration.
* Create a temporary file when creating a new wrapped-passphrase file and
copy it to its final destination after the file has been fully synced to
disk (LP: #1020902)
-- Dustin Kirkland <kirkland@
Changelog
This release does not have a changelog.
0 blueprints and 0 bugs targeted
There are no feature specifications or bug tasks targeted to this milestone. The project's maintainer, driver, or bug supervisor can target specifications and bug tasks to this milestone to track the things that are expected to be completed for the release.