diff options
Diffstat (limited to 'ChangeLog.txt')
| -rw-r--r-- | ChangeLog.txt | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index c32d014c..f1009bae 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,16 @@ +Fri Jan 14 05:24:07 UTC 2022 +a/cryptsetup-2.4.3-x86_64-1.txz: Upgraded. + This update addresses a multi-step attack on LUKS2 format by orchestrating + LUKS2 reencryption metadata in existing LUKS2 header. An attacker is able to + trigger permanent data decryption (ciphertext->plaintext transformation) on + part of data device on next LUKS2 device activation. Attacker does _not_ + have to know passphrase or decrypted volume encryption key. + cryptsetup versions older than 2.2.0 are not affected by this, because they + do not support online LUKS2 reencryption. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4122 + (* Security fix *) ++--------------------------+ Wed Jan 12 22:04:33 UTC 2022 Good hello, and welcome to the third and final release candidate for Slackware 15.0. We're 99% frozen at this point and are mostly looking for regression or |