cryptsetup 2:1.7.3-2 source package in Debian
Changelog
cryptsetup (2:1.7.3-2) unstable; urgency=medium
[ Guilhem Moulin ]
* debian/README.Debian: update authorized_keys(5) path, incorrect since
2:1.7.2-1, for remote unlocking at initramfs stage using the dropbear SSH
server.
[ Jonas Meurer ]
* debian/initramfs/cryptroot-script: sleep after max passphrase attempts.
This mitigates local brute-force attacks and addresses CVE-2016-4484.
Thanks to Ismael Ripoll for discovery and report.
- decrease $count by one in tries loop if unlocking was successful.
- warn and sleep for 60 seconds if the maximum allowed attempts of
unlocking (configured with crypttab option tries, default=3) are
reached.
-- Jonas Meurer <email address hidden> Mon, 07 Nov 2016 11:34:41 +0100
Upload details
- Uploaded by:
- Debian Cryptsetup Team
- Uploaded to:
- Sid
- Original maintainer:
- Debian Cryptsetup Team
- Architectures:
- linux-any
- Section:
- admin
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Builds
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| cryptsetup_1.7.3-2.dsc | 2.6 KiB | e287171acb08e760d2b31d4d39d91154ca449a1530b3606466640d506ea902d5 |
| cryptsetup_1.7.3.orig.tar.gz | 1.1 MiB | 58921825d268701af151e4de034f508aa8cb4d9f2e1c11847f4f8ae82866043d |
| cryptsetup_1.7.3-2.debian.tar.xz | 88.3 KiB | a9caea1247af13f52cc754663d46e4ddb93f56dfc76c977bb3d6bcad039015a7 |
No changes file available.
