- Issued:
- 2011-07-21
- Updated:
- 2011-07-21
RHBA-2011:0987 - Bug Fix Advisory
Synopsis
cryptsetup-luks bug fix update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An updated cryptsetup-luks package that fixes various bugs is now available for
Red Hat Enterprise Linux 5.
Description
The cryptsetup-luks package provides a utility for setting up encrypted file
systems using Device Mapper and the dm-crypt target.
This updated cryptsetup-luks package includes fixes for the following bugs:
- When executing the "cryptsetup luksOpen" command on an encrypted disk device
formatted with an older version of cryptsetup, the following message appeared:
"automatic header conversion from 0.99 to 0.991 triggered". Consequently, the
device became unresponsive at every attempt to open it. The older version of
cryptsetup converted the master key iteration count incorrectly, which has been
fixed and the device hangs no longer. (BZ#583431)
- The cryptsetup utility became unresponsive when using the "cryptsetup isLuks"
command on an ordinary file. This problem has been fixed: if running the command
on an ordinary file, the cryptsetup utility informs users about the file not
being a LUKS partition. (BZ#622712)
- Previously, the cryptsetup utility could have terminated unexpectedly when the
key size was larger than 256 bits. The cryptsetup utility now properly supports
keys longer than 256 bits, fixing the problem. (BZ#678011, BZ#684616)
- When removing a key from the key slot by running the "cryptsetup luksDelKey"
command, only the key slot itself was cleared but the salt and iteration count
remained in the key slot header. All additional information is now cleared as
well. (BZ#697815)
All users of cryptsetup-luks are advised to upgrade to this updated package,
which resolves these bugs.
Solution
Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use the Red Hat
Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
Affected Products
- Red Hat Enterprise Linux Server 5 x86_64
- Red Hat Enterprise Linux Server 5 ia64
- Red Hat Enterprise Linux Server 5 i386
- Red Hat Enterprise Linux Workstation 5 x86_64
- Red Hat Enterprise Linux Workstation 5 i386
- Red Hat Enterprise Linux Desktop 5 x86_64
- Red Hat Enterprise Linux Desktop 5 i386
- Red Hat Enterprise Linux for IBM z Systems 5 s390x
- Red Hat Enterprise Linux for Power, big endian 5 ppc
- Red Hat Enterprise Linux Server from RHUI 5 x86_64
- Red Hat Enterprise Linux Server from RHUI 5 i386
Fixes
- BZ - 583431 - dm-crypt hanging on attempts to manipulate an encrypted device
- BZ - 622712 - cryptsetup hangs when isLuks is used on ordinary file
- BZ - 678011 - cryptsetup luksOpen causes ** stack smashing detected *** for large key
- BZ - 684616 - cryptsetup segfaults in plain mode
- BZ - 696561 - Coverity scan revealed issues
- BZ - 697815 - cryptsetup luksDelKey doesn't wipe salt and iteration count for removed slot
CVEs
(none)
References
(none)
Red Hat Enterprise Linux Server 5
SRPM | |
---|---|
cryptsetup-luks-1.0.3-8.el5.src.rpm | SHA-256: 3a5551e6694fcb87e0b9f24bbffd857056c5c5801737da6c0f236c8ee1e0bb41 |
x86_64 | |
cryptsetup-luks-1.0.3-8.el5.i386.rpm | SHA-256: 32fd662e360b74cfb399ecaf2547a2bf36fbc1d43e02a2734b1ff0c391a514c3 |
cryptsetup-luks-1.0.3-8.el5.x86_64.rpm | SHA-256: 8de31d92b3df4dae321e3a4849341496af22513e9f629f1df55ab408ca6d8fbe |
cryptsetup-luks-devel-1.0.3-8.el5.i386.rpm | SHA-256: 15bca3cd17064c094a9d2b566bf2547557ef55469d5dae984a51bee295b97183 |
cryptsetup-luks-devel-1.0.3-8.el5.x86_64.rpm | SHA-256: a623f7e0ff259a1e8d986fb11568fe16096a0461936a926c3336fad1c2c68505 |
ia64 | |
cryptsetup-luks-1.0.3-8.el5.ia64.rpm | SHA-256: 9144129ebe3e0b21bccc7ea90886b44b03d1202af12c0fae9c8a94f5a2d35aaa |
cryptsetup-luks-devel-1.0.3-8.el5.ia64.rpm | SHA-256: e03b29b7806b0a1a6f6da7b7529f614d65e2127332aaf88745b1ff56c8b5f1f1 |
i386 | |
cryptsetup-luks-1.0.3-8.el5.i386.rpm | SHA-256: 32fd662e360b74cfb399ecaf2547a2bf36fbc1d43e02a2734b1ff0c391a514c3 |
cryptsetup-luks-devel-1.0.3-8.el5.i386.rpm | SHA-256: 15bca3cd17064c094a9d2b566bf2547557ef55469d5dae984a51bee295b97183 |
Red Hat Enterprise Linux Workstation 5
SRPM | |
---|---|
cryptsetup-luks-1.0.3-8.el5.src.rpm | SHA-256: 3a5551e6694fcb87e0b9f24bbffd857056c5c5801737da6c0f236c8ee1e0bb41 |
x86_64 | |
cryptsetup-luks-1.0.3-8.el5.i386.rpm | SHA-256: 32fd662e360b74cfb399ecaf2547a2bf36fbc1d43e02a2734b1ff0c391a514c3 |
cryptsetup-luks-1.0.3-8.el5.x86_64.rpm | SHA-256: 8de31d92b3df4dae321e3a4849341496af22513e9f629f1df55ab408ca6d8fbe |
cryptsetup-luks-devel-1.0.3-8.el5.i386.rpm | SHA-256: 15bca3cd17064c094a9d2b566bf2547557ef55469d5dae984a51bee295b97183 |
cryptsetup-luks-devel-1.0.3-8.el5.x86_64.rpm | SHA-256: a623f7e0ff259a1e8d986fb11568fe16096a0461936a926c3336fad1c2c68505 |
i386 | |
cryptsetup-luks-1.0.3-8.el5.i386.rpm | SHA-256: 32fd662e360b74cfb399ecaf2547a2bf36fbc1d43e02a2734b1ff0c391a514c3 |
cryptsetup-luks-devel-1.0.3-8.el5.i386.rpm | SHA-256: 15bca3cd17064c094a9d2b566bf2547557ef55469d5dae984a51bee295b97183 |
Red Hat Enterprise Linux Desktop 5
SRPM | |
---|---|
cryptsetup-luks-1.0.3-8.el5.src.rpm | SHA-256: 3a5551e6694fcb87e0b9f24bbffd857056c5c5801737da6c0f236c8ee1e0bb41 |
x86_64 | |
cryptsetup-luks-1.0.3-8.el5.i386.rpm | SHA-256: 32fd662e360b74cfb399ecaf2547a2bf36fbc1d43e02a2734b1ff0c391a514c3 |
cryptsetup-luks-1.0.3-8.el5.x86_64.rpm | SHA-256: 8de31d92b3df4dae321e3a4849341496af22513e9f629f1df55ab408ca6d8fbe |
i386 | |
cryptsetup-luks-1.0.3-8.el5.i386.rpm | SHA-256: 32fd662e360b74cfb399ecaf2547a2bf36fbc1d43e02a2734b1ff0c391a514c3 |
Red Hat Enterprise Linux for IBM z Systems 5
SRPM | |
---|---|
cryptsetup-luks-1.0.3-8.el5.src.rpm | SHA-256: 3a5551e6694fcb87e0b9f24bbffd857056c5c5801737da6c0f236c8ee1e0bb41 |
s390x | |
cryptsetup-luks-1.0.3-8.el5.s390.rpm | SHA-256: 7157dbace8c7498c3a95eb9c061d68138275432e7bff91830618c43cf7ddcebf |
cryptsetup-luks-1.0.3-8.el5.s390x.rpm | SHA-256: 2143a55e0287c0a2617dabf5d06035ac2d0b73ff474d9a134e01e9c7605bc357 |
cryptsetup-luks-devel-1.0.3-8.el5.s390.rpm | SHA-256: 3109c8ac09714dac9a1244c1889924f7549a437f299563977eae93eb71eddc57 |
cryptsetup-luks-devel-1.0.3-8.el5.s390x.rpm | SHA-256: 6a2a5bf0a218b0d653b2044351d92f7e591eb7ff3ae4902005663e7ce83dab10 |
Red Hat Enterprise Linux for Power, big endian 5
SRPM | |
---|---|
cryptsetup-luks-1.0.3-8.el5.src.rpm | SHA-256: 3a5551e6694fcb87e0b9f24bbffd857056c5c5801737da6c0f236c8ee1e0bb41 |
ppc | |
cryptsetup-luks-1.0.3-8.el5.ppc.rpm | SHA-256: 977dfe73510e4e79af4e93cd01f0c40fcef7346b99839e189cc90a683e91e891 |
cryptsetup-luks-1.0.3-8.el5.ppc64.rpm | SHA-256: 1abf2ab45b7c08401af024ee234e3fbd9d2e1dc3478814469f9c828e2993ab39 |
cryptsetup-luks-devel-1.0.3-8.el5.ppc.rpm | SHA-256: 3086cb5db56bd9d045ac6464725c4d83e97e74e923591faaebd3bdbe13eacf83 |
cryptsetup-luks-devel-1.0.3-8.el5.ppc64.rpm | SHA-256: efdee338e44fdbfff5c332d928779f8371f1a68b29510d8259f4f729bbefc1c5 |
Red Hat Enterprise Linux Server from RHUI 5
SRPM | |
---|---|
cryptsetup-luks-1.0.3-8.el5.src.rpm | SHA-256: 3a5551e6694fcb87e0b9f24bbffd857056c5c5801737da6c0f236c8ee1e0bb41 |
x86_64 | |
cryptsetup-luks-1.0.3-8.el5.i386.rpm | SHA-256: 32fd662e360b74cfb399ecaf2547a2bf36fbc1d43e02a2734b1ff0c391a514c3 |
cryptsetup-luks-1.0.3-8.el5.x86_64.rpm | SHA-256: 8de31d92b3df4dae321e3a4849341496af22513e9f629f1df55ab408ca6d8fbe |
cryptsetup-luks-devel-1.0.3-8.el5.i386.rpm | SHA-256: 15bca3cd17064c094a9d2b566bf2547557ef55469d5dae984a51bee295b97183 |
cryptsetup-luks-devel-1.0.3-8.el5.x86_64.rpm | SHA-256: a623f7e0ff259a1e8d986fb11568fe16096a0461936a926c3336fad1c2c68505 |
i386 | |
cryptsetup-luks-1.0.3-8.el5.i386.rpm | SHA-256: 32fd662e360b74cfb399ecaf2547a2bf36fbc1d43e02a2734b1ff0c391a514c3 |
cryptsetup-luks-devel-1.0.3-8.el5.i386.rpm | SHA-256: 15bca3cd17064c094a9d2b566bf2547557ef55469d5dae984a51bee295b97183 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.