Package: release-notes Severity: wishlist Hi,
cryptsetup 2:2.7.0~rc0-1 has a backward incompatible change for plain mode when relying on defaults cipher and password hashing algorithm. The change affects users upgrading from bookworm to trixie. Plain mode is generally advised against but it still makes sense to include the NEWS entry into the release notes. --8<--------------------------------------------------------------------->8-- Default cipher and password hashing for plain mode have respectively been changed to aes-xts-plain64 and sha256 (from aes-cbc-essiv:sha256 resp. ripemd160). The new values matches what is used for LUKS, but the change does NOT affect LUKS volumes. This is a backward incompatible change for plain mode when relying on the defaults, which (for plain mode only) is strongly advised against. For many releases the Debian wrappers found in the ‘cryptsetup’ binary package have spewed a loud warning for plain devices from crypttab(5) where ‘cipher=’ or ‘hash=’ are not explicitly specified. The cryptsetup(8) executable now issue such a warning as well. --8<--------------------------------------------------------------------->8-- (Original text from https://salsa.debian.org/cryptsetup-team/cryptsetup/-/blob/debian/latest/debian/cryptsetup-bin.NEWS ) Cheers, -- Guilhem.
signature.asc
Description: PGP signature