[Bug 1715010] Please test proposed package

Ɓukasz Zemczak 1715010 at bugs.launchpad.net
Wed Sep 6 10:06:44 UTC 2017 

Hello Marcelo, or anyone else affected,

Accepted cryptsetup into xenial-proposed. The package will build now and
be available at
https://launchpad.net/ubuntu/+source/cryptsetup/2:1.6.6-5ubuntu2.1 in a
few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested and change the tag from
verification-needed-xenial to verification-done-xenial. If it does not
fix the bug for you, please add a comment stating that, and change the
tag to verification-failed-xenial. In either case, details of your
testing will help us make a better decision.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance!

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to cryptsetup in Ubuntu.
https://bugs.launchpad.net/bugs/1715010

Title:
  Fix XTS encryption with FIPS enabled kernels

Status in cryptsetup package in Ubuntu:
  Fix Committed
Status in cryptsetup source package in Xenial:
  Fix Committed

Bug description:
  SRU Justification:

  Impact:  The kernel crypto API rejects weak XTS keys in FIPS mode and
  the current version of cryptsetup in xenial do some tests with a
  zeroed key to check cipher availability in the kernel. These two
  behaviors combined make impossible to use disk encryption with XTS
  while using a kernel in FIPS mode.

  Fix: apply the following fix to cryptsetup:

  https://gitlab.com/cryptsetup/cryptsetup/commit/3c2135b36bbc52d052e4ced7c94dc4981eb07a53

  Testcase: Try to setup disk encryption with XTS while the kernel is in
  FIPS mode.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/1715010/+subscriptions

More information about the foundations-bugs mailing list