Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Preisgabe von Informationen in calamares
Aktuelle Meldungen Distributionen
Name: Preisgabe von Informationen in calamares
ID: FEDORA-2016-561a937494
Distribution: Fedora
Plattformen: Fedora 25
Datum: Do, 1. Dezember 2016, 18:56
Referenzen: Keine Angabe

Originalnachricht

Name        : calamares
Product : Fedora 25
Version : 2.4.4
Release : 5.fc25
URL : https://calamares.io/
Summary : Installer from a live CD/DVD/USB to disk
Description :
Calamares is a distribution-independent installer framework, designed to
install
from a live CD/DVD/USB environment to a hard disk. It includes a graphical
installation program based on Qt 5. This package includes the Calamares
framework and the required configuration files to produce a working replacement
for Anaconda's liveinst.

-------------------------------------------------------------------------------
-
Update Information:

A security update that fixes Calamares bug CAL-405:
https://calamares.io/bugs/browse/CAL-405 When installing with a LUKS-encrypted
`/` partition, Calamares was always creating a keyfile to decode `/` and
storing
it in the initramfs. It did that even with an unencrypted separate `/boot`
partition. As a result, the keyfile would be stored in cleartext on the `/boot`
partition, and it was possible to unlock the `/` partition without ever
entering
a passphrase. This completely defeated the security of LUKS. Please note that
this only affects manual partitioning. The automatic partitioning never leaves
`/boot` unencrypted (and it is, in fact, recommended to also always encrypt
`/boot` when doing manual partitioning). This update fixes the `dracutlukscfg`
module to not add the keyfile to `install_items` in the `dracut` configuration
(so that `dracut` will not include it onto the initramfs) if `/boot` is
separate
and unencrypted.
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade calamares' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung