SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for cryptctl-debuginfo-2.4-4.5.1.x86_64.rpm :

* Fri Jun 11 2021 varkolyAATTsuse.com- Update to version 2.4:
* (bsc#1186226) - (CVE-2019-18906) client side password hashing is equivalent to clear text password storage
* Fix authentication on all places.
* Fix sysconfig variable name.
* First step to use plain text password instead of hashed password.
* Move repository into the SUSE github organization
* decorate readme with more usage instructions
* in RPC server, if client comes from localhost, remember its ipv4 localhost address instead of ipv6 address
* Test clear expired commands in TestDB_UpdateSeenFlag
* tell a record to clear expired pending commands upon saving a command result; introduce pending commands RPC test case
* avoid hard coding 127.0.0.1 in host ID of alive message test; let system administrator mount and unmount disks by issuing these two commands on key server.
* Thu Nov 23 2017 rbrownAATTsuse.com- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)
* Mon Oct 23 2017 hguoAATTsuse.com- Add previously missing systemd service cryptctl-client.service into RPM content, continue with bsc#1056082.
* Mon Aug 28 2017 hguoAATTsuse.com- Upgrade to upstream release 2.3 that brings a new feature to allow system administrators to issue mount/umount commands to client computers via key server. (bsc#1056082)
* Wed Jun 07 2017 hguoAATTsuse.com- Upgrade to upstream release 2.2 that brings important enhancements in effort of implementing fate#322979:
* System administrator may now optionally turn off TLS certificate verification on KMIP server. Note that, certificate verification is enforced by default.
* Improve handling of boolean answers from interactive command line.
* Improve error handling in KMIP client.
* Thu Jun 01 2017 hguoAATTsuse.com- Upgrade to upstream release 2.1 that brings important enhancements in effort of implementing fate#322979:
* Improve KMIP compatibility with key prefix names and proper serialisation of authentication header.
* Fail over KMIP connection using a server list.
* Destroy key on KMIP after its tracking record is erased from DB.
* Thu May 11 2017 hguoAATTsuse.com- Upgrade to upstream release 2.0 that brings a protocol evolution together with several new features:
* Optionally utilise an external KMIP-v1.3 compatible service to store actual encryption key.
* Optionally verify client identity before serving its key requests.
* Password is hashed before transmitting over TLS-secured channel.
* Fix an issue that previously allowed a malicious administrator to craft RPC request to overwrite files outside of key database. Implemented accordint to fate#322979 and fate#322293.
* Fri Apr 28 2017 hguoAATTsuse.com- Upgrade to 1.99pre that introduces a library for decoding, encoding, and serialisation operations of KMIP v1.3 for fate#322979.
* Wed Nov 16 2016 hguoAATTsuse.com- Upgrade to 1.2.6 for accumulated bug fixes (bsc#1006219):
* Prevent user from attempting to encrypt a disk with mounted partitions, or an existing encrypted+opened disk.
* Ensure CA path input is an absolute path.
* Fix two mistakes in handling of timeout input.
* Fix minor formatting issue in manual page.
* Suppress consecutive failure messages in the journal of ReportAlive and AutoOnlineUnlockFS routines.
* Fri Sep 16 2016 hguoAATTsuse.com- Implement mandatory enhancements:
* Do not allow encrypting a remote file system.
* Implement command for erasing an encrypted file system.- Bump version to 1.2.5 for fate#320367.
* Fri Sep 02 2016 hguoAATTsuse.com- Implement mandatory enhancements:
* Make workflow across all sub-commands consistent in invocation style.
* Implement auto-unlocking of encrypted disks.
* Show key record usage and details on demand.- Bump version to 1.2.4 for fate#320367.
* Thu Aug 18 2016 hguoAATTsuse.com- Implement mandatory enhancements:
* Remove necessity for a backup directory to be involved for encryption routine.
* Optimise certificate generation prompts.
* Remove unused error messages and fix several of their typos.
* Remove unnecessary safety checks.
* Make the encryption routine work with btrfs and LVM.- Bump version to 1.2.3 fate#320367.
* Wed Aug 03 2016 hguoAATTsuse.com- Upon request, generate a self-signed TLS certificate for experimental purposes.- Bump version to 1.2.2 fate#320367.
* Mon Aug 01 2016 hguoAATTsuse.com- Implement mandatory features:
* Encrypt empty directory skips backup steps.
* Explain key revocation and TLS mechanisms in manual page.- Bump version to 1.2.1 fate#320367.
* Mon Jul 11 2016 hguoAATTsuse.com- Implement mandatory features:
* List and edit key records
* Unlock file system via key record file
* Use custom options to mount unlocked file system Enhance usability:
* Make encryption procedure\'s pre-check more thorough
* Improve overall command prompts- Bump version to 1.2 fate#320367.
* Fri Jul 01 2016 hguoAATTsuse.com- A preview version with most of the desired functions implemented:
* Key database
* Key RPC server
* Client encryption and decryption routines Bump version to 1.1 fate#320367.
* Wed Jun 08 2016 hguoAATTsuse.com- First version, only to help with building ISOs. Implement fate#320367.
  
ICM