On Sun, 06 Oct 2019 22:43:32 +0200 Sven Geuer <debma...@g-e-u-e-r.de> wrote:
Regarding 'important fix for usage of Tomb with cryptsetup 2.1':
This seems to refer to [2], 'Issue opening tombs with cryptsetup >
2.0', which is an annoying bug but not a security issue.
It would be merely an annoying bug if there was a work-around. However,
this bug makes tomb unusable on buster:
$ tomb lock secret.tomb -k secret.tomb.key
tomb . Commanded to lock tomb secret.tomb
tomb . Checking if the tomb is empty (we never step on somebody else's
bones).
tomb . Fine, this tomb seems empty.
tomb . Key is valid.
tomb . Locking using cipher: aes-xts-plain64:sha256
tomb . A password is required to use key secret.tomb.key
tomb . Password OK.
tomb (*) Locking secret.tomb with secret.tomb.key
tomb . Formatting Luks mapped device.
tomb [W] cryptsetup luksFormat returned an error.
tomb [E] Operation aborted.
I suggest to raise the severity again.
BR,
Joerg
