From d4f4bf11e34db496e8f46f7b4f67b886ce852495 Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding Date: Fri, 14 Jan 2022 05:24:07 +0000 Subject: Fri Jan 14 05:24:07 UTC 2022 a/cryptsetup-2.4.3-x86_64-1.txz: Upgraded. This update addresses a multi-step attack on LUKS2 format by orchestrating LUKS2 reencryption metadata in existing LUKS2 header. An attacker is able to trigger permanent data decryption (ciphertext->plaintext transformation) on part of data device on next LUKS2 device activation. Attacker does _not_ have to know passphrase or decrypted volume encryption key. cryptsetup versions older than 2.2.0 are not affected by this, because they do not support online LUKS2 reencryption. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4122 (* Security fix *) --- ChangeLog.rss | 25 +++++++++++++++++++++++-- ChangeLog.txt | 13 +++++++++++++ FILELIST.TXT | 48 ++++++++++++++++++++++++------------------------ 3 files changed, 60 insertions(+), 26 deletions(-) diff --git a/ChangeLog.rss b/ChangeLog.rss index fcfbece1..33182c54 100644 --- a/ChangeLog.rss +++ b/ChangeLog.rss @@ -11,9 +11,30 @@ Tracking Slackware development in git. en-us urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f - Wed, 12 Jan 2022 22:04:33 GMT - Thu, 13 Jan 2022 07:59:45 GMT + Fri, 14 Jan 2022 05:24:07 GMT + Fri, 14 Jan 2022 16:59:45 GMT maintain_current_git.sh v 1.13 + + Fri, 14 Jan 2022 05:24:07 GMT + Fri, 14 Jan 2022 05:24:07 GMT + https://git.slackware.nl/current/tag/?h=20220114052407 + 20220114052407 + + +a/cryptsetup-2.4.3-x86_64-1.txz: Upgraded. + This update addresses a multi-step attack on LUKS2 format by orchestrating + LUKS2 reencryption metadata in existing LUKS2 header. An attacker is able to + trigger permanent data decryption (ciphertext->plaintext transformation) on + part of data device on next LUKS2 device activation. Attacker does _not_ + have to know passphrase or decrypted volume encryption key. + cryptsetup versions older than 2.2.0 are not affected by this, because they + do not support online LUKS2 reencryption. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4122 + (* Security fix *) + ]]> + + Wed, 12 Jan 2022 22:04:33 GMT Wed, 12 Jan 2022 22:04:33 GMT diff --git a/ChangeLog.txt b/ChangeLog.txt index c32d014c..f1009bae 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,16 @@ +Fri Jan 14 05:24:07 UTC 2022 +a/cryptsetup-2.4.3-x86_64-1.txz: Upgraded. + This update addresses a multi-step attack on LUKS2 format by orchestrating + LUKS2 reencryption metadata in existing LUKS2 header. An attacker is able to + trigger permanent data decryption (ciphertext->plaintext transformation) on + part of data device on next LUKS2 device activation. Attacker does _not_ + have to know passphrase or decrypted volume encryption key. + cryptsetup versions older than 2.2.0 are not affected by this, because they + do not support online LUKS2 reencryption. + For more information, see: + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4122 + (* Security fix *) ++--------------------------+ Wed Jan 12 22:04:33 UTC 2022 Good hello, and welcome to the third and final release candidate for Slackware 15.0. We're 99% frozen at this point and are mostly looking for regression or diff --git a/FILELIST.TXT b/FILELIST.TXT index bc13b5e0..5080354c 100644 --- a/FILELIST.TXT +++ b/FILELIST.TXT @@ -1,20 +1,20 @@ -Wed Jan 12 22:10:17 UTC 2022 +Fri Jan 14 05:27:12 UTC 2022 Here is the file list for this directory. If you are using a mirror site and find missing or extra files in the disk subdirectories, please have the archive administrator refresh the mirror. -drwxr-xr-x 12 root root 4096 2022-01-12 22:04 . +drwxr-xr-x 12 root root 4096 2022-01-14 05:24 . -rw-r--r-- 1 root root 10064 2016-06-30 18:39 ./ANNOUNCE.14_2 -rw-r--r-- 1 root root 15573 2021-12-07 17:35 ./CHANGES_AND_HINTS.TXT --rw-r--r-- 1 root root 1095879 2022-01-07 06:10 ./CHECKSUMS.md5 --rw-r--r-- 1 root root 163 2022-01-07 06:10 ./CHECKSUMS.md5.asc +-rw-r--r-- 1 root root 1095682 2022-01-12 22:10 ./CHECKSUMS.md5 +-rw-r--r-- 1 root root 163 2022-01-12 22:10 ./CHECKSUMS.md5.asc -rw-r--r-- 1 root root 17976 1994-06-10 02:28 ./COPYING -rw-r--r-- 1 root root 35147 2007-06-30 04:21 ./COPYING3 -rw-r--r-- 1 root root 19573 2016-06-23 20:08 ./COPYRIGHT.TXT -rw-r--r-- 1 root root 616 2006-10-02 04:37 ./CRYPTO_NOTICE.TXT --rw-r--r-- 1 root root 1842217 2022-01-12 22:04 ./ChangeLog.txt +-rw-r--r-- 1 root root 1842927 2022-01-14 05:24 ./ChangeLog.txt drwxr-xr-x 3 root root 4096 2013-03-20 22:17 ./EFI drwxr-xr-x 2 root root 4096 2022-01-12 21:49 ./EFI/BOOT -rw-r--r-- 1 root root 1187840 2021-06-15 19:16 ./EFI/BOOT/bootx64.efi @@ -25,9 +25,9 @@ drwxr-xr-x 2 root root 4096 2022-01-12 21:49 ./EFI/BOOT -rwxr-xr-x 1 root root 2504 2019-07-05 18:54 ./EFI/BOOT/make-grub.sh -rw-r--r-- 1 root root 10722 2013-09-21 19:02 ./EFI/BOOT/osdetect.cfg -rw-r--r-- 1 root root 1273 2013-08-12 21:08 ./EFI/BOOT/tools.cfg --rw-r--r-- 1 root root 1426504 2022-01-07 06:09 ./FILELIST.TXT +-rw-r--r-- 1 root root 1426186 2022-01-12 22:10 ./FILELIST.TXT -rw-r--r-- 1 root root 1572 2012-08-29 18:27 ./GPG-KEY --rw-r--r-- 1 root root 864740 2022-01-12 22:09 ./PACKAGES.TXT +-rw-r--r-- 1 root root 864740 2022-01-14 05:26 ./PACKAGES.TXT -rw-r--r-- 1 root root 8564 2016-06-28 21:33 ./README.TXT -rw-r--r-- 1 root root 3635 2022-01-12 21:38 ./README.initrd -rw-r--r-- 1 root root 34412 2017-12-01 17:44 ./README_CRYPT.TXT @@ -743,13 +743,13 @@ drwxr-xr-x 2 root root 4096 2012-09-20 18:06 ./patches -rw-r--r-- 1 root root 575 2012-09-20 18:06 ./patches/FILE_LIST -rw-r--r-- 1 root root 14 2012-09-20 18:06 ./patches/MANIFEST.bz2 -rw-r--r-- 1 root root 224 2012-09-20 18:06 ./patches/PACKAGES.TXT -drwxr-xr-x 17 root root 4096 2022-01-12 22:09 ./slackware64 --rw-r--r-- 1 root root 337486 2022-01-12 22:09 ./slackware64/CHECKSUMS.md5 --rw-r--r-- 1 root root 163 2022-01-12 22:09 ./slackware64/CHECKSUMS.md5.asc --rw-r--r-- 1 root root 418545 2022-01-12 22:08 ./slackware64/FILE_LIST --rw-r--r-- 1 root root 4188038 2022-01-12 22:09 ./slackware64/MANIFEST.bz2 +drwxr-xr-x 17 root root 4096 2022-01-14 05:26 ./slackware64 +-rw-r--r-- 1 root root 337486 2022-01-14 05:26 ./slackware64/CHECKSUMS.md5 +-rw-r--r-- 1 root root 163 2022-01-14 05:26 ./slackware64/CHECKSUMS.md5.asc +-rw-r--r-- 1 root root 418545 2022-01-14 05:26 ./slackware64/FILE_LIST +-rw-r--r-- 1 root root 4186760 2022-01-14 05:26 ./slackware64/MANIFEST.bz2 lrwxrwxrwx 1 root root 15 2009-08-23 23:34 ./slackware64/PACKAGES.TXT -> ../PACKAGES.TXT -drwxr-xr-x 2 root root 32768 2022-01-12 22:08 ./slackware64/a +drwxr-xr-x 2 root root 32768 2022-01-14 05:26 ./slackware64/a -rw-r--r-- 1 root root 327 2022-01-12 01:33 ./slackware64/a/aaa_base-15.0-x86_64-2.txt -rw-r--r-- 1 root root 10596 2022-01-12 01:33 ./slackware64/a/aaa_base-15.0-x86_64-2.txz -rw-r--r-- 1 root root 163 2022-01-12 01:33 ./slackware64/a/aaa_base-15.0-x86_64-2.txz.asc @@ -795,9 +795,9 @@ drwxr-xr-x 2 root root 32768 2022-01-12 22:08 ./slackware64/a -rw-r--r-- 1 root root 437 2021-02-13 10:57 ./slackware64/a/cracklib-2.9.7-x86_64-3.txt -rw-r--r-- 1 root root 274748 2021-02-13 10:57 ./slackware64/a/cracklib-2.9.7-x86_64-3.txz -rw-r--r-- 1 root root 163 2021-02-13 10:57 ./slackware64/a/cracklib-2.9.7-x86_64-3.txz.asc --rw-r--r-- 1 root root 578 2021-11-18 19:00 ./slackware64/a/cryptsetup-2.4.2-x86_64-1.txt --rw-r--r-- 1 root root 584884 2021-11-18 19:00 ./slackware64/a/cryptsetup-2.4.2-x86_64-1.txz --rw-r--r-- 1 root root 163 2021-11-18 19:00 ./slackware64/a/cryptsetup-2.4.2-x86_64-1.txz.asc +-rw-r--r-- 1 root root 578 2022-01-13 21:06 ./slackware64/a/cryptsetup-2.4.3-x86_64-1.txt +-rw-r--r-- 1 root root 584588 2022-01-13 21:06 ./slackware64/a/cryptsetup-2.4.3-x86_64-1.txz +-rw-r--r-- 1 root root 163 2022-01-13 21:06 ./slackware64/a/cryptsetup-2.4.3-x86_64-1.txz.asc -rw-r--r-- 1 root root 531 2021-02-13 10:57 ./slackware64/a/dbus-1.12.20-x86_64-5.txt -rw-r--r-- 1 root root 516520 2021-02-13 10:57 ./slackware64/a/dbus-1.12.20-x86_64-5.txz -rw-r--r-- 1 root root 163 2021-02-13 10:57 ./slackware64/a/dbus-1.12.20-x86_64-5.txz.asc @@ -5609,11 +5609,11 @@ drwxr-xr-x 2 root root 4096 2021-02-15 19:33 ./slackware64/y -rw-r--r-- 1 root root 1486956 2021-02-13 13:56 ./slackware64/y/nethack-3.6.6-x86_64-3.txz -rw-r--r-- 1 root root 163 2021-02-13 13:56 ./slackware64/y/nethack-3.6.6-x86_64-3.txz.asc -rw-r--r-- 1 root root 26 2020-12-30 21:55 ./slackware64/y/tagfile -drwxr-xr-x 18 root root 4096 2022-01-12 22:10 ./source --rw-r--r-- 1 root root 583982 2022-01-12 22:10 ./source/CHECKSUMS.md5 --rw-r--r-- 1 root root 163 2022-01-12 22:10 ./source/CHECKSUMS.md5.asc --rw-r--r-- 1 root root 812608 2022-01-12 22:10 ./source/FILE_LIST --rw-r--r-- 1 root root 23352670 2022-01-12 22:10 ./source/MANIFEST.bz2 +drwxr-xr-x 18 root root 4096 2022-01-14 05:27 ./source +-rw-r--r-- 1 root root 583982 2022-01-14 05:27 ./source/CHECKSUMS.md5 +-rw-r--r-- 1 root root 163 2022-01-14 05:27 ./source/CHECKSUMS.md5.asc +-rw-r--r-- 1 root root 812608 2022-01-14 05:27 ./source/FILE_LIST +-rw-r--r-- 1 root root 23331241 2022-01-14 05:27 ./source/MANIFEST.bz2 -rw-r--r-- 1 root root 1314 2006-10-02 04:40 ./source/README.TXT drwxr-xr-x 122 root root 4096 2022-01-11 20:25 ./source/a -rw-r--r-- 1 root root 1591 2021-04-06 18:09 ./source/a/FTBFSlog @@ -5747,9 +5747,9 @@ drwxr-xr-x 2 root root 4096 2021-02-13 05:31 ./source/a/cracklib -rwxr-xr-x 1 root root 4735 2021-02-13 05:31 ./source/a/cracklib/cracklib.SlackBuild -rw-r--r-- 1 root root 37 2020-02-06 19:11 ./source/a/cracklib/cracklib.url -rw-r--r-- 1 root root 893 2020-02-10 20:28 ./source/a/cracklib/slack-desc -drwxr-xr-x 2 root root 4096 2021-11-18 19:00 ./source/a/cryptsetup --rw-r--r-- 1 root root 833 2021-11-18 10:57 ./source/a/cryptsetup/cryptsetup-2.4.2.tar.sign --rw-r--r-- 1 root root 11173984 2021-11-18 10:57 ./source/a/cryptsetup/cryptsetup-2.4.2.tar.xz +drwxr-xr-x 2 root root 4096 2022-01-13 21:06 ./source/a/cryptsetup +-rw-r--r-- 1 root root 833 2022-01-13 09:50 ./source/a/cryptsetup/cryptsetup-2.4.3.tar.sign +-rw-r--r-- 1 root root 11242152 2022-01-13 09:50 ./source/a/cryptsetup/cryptsetup-2.4.3.tar.xz -rwxr-xr-x 1 root root 5183 2021-03-11 20:18 ./source/a/cryptsetup/cryptsetup.SlackBuild -rw-r--r-- 1 root root 50 2019-08-17 19:47 ./source/a/cryptsetup/cryptsetup.url -rw-r--r-- 1 root root 1038 2019-08-17 19:45 ./source/a/cryptsetup/slack-desc -- cgit v1.2.3