From 2b27904fe8351fd536e0deb291fd8f26a49ed314 Mon Sep 17 00:00:00 2001 From: B Stack Date: Tue, 21 Jan 2020 21:23:09 -0500 Subject: veracrypt 1.24-Update3 dpkg rc1 --- veracrypt/debian/changelog | 74 ++++++++++++++++++++++++++- veracrypt/debian/patches/002-build-flags.diff | 13 +++-- 2 files changed, 78 insertions(+), 9 deletions(-) diff --git a/veracrypt/debian/changelog b/veracrypt/debian/changelog index 13d13d3..00f7ba6 100644 --- a/veracrypt/debian/changelog +++ b/veracrypt/debian/changelog @@ -1,3 +1,74 @@ +veracrypt (1.24-Update3-1+devuan) obs; urgency=medium + + * 1.24-Update3 (December 21st, 2019) + - Linux + * Fix console-only build to remove dependency on GTK that is not wanted on headless servers. + * 1.24-Update2 (December 16th, 2019) + - All OSes + * clear AES key from stack memory when using non-optimized implementation. Doesn't apply to VeraCrypt official build (Reported and fixed by Hanno Böck) + * Update Jitterentropy RNG Library to version 2.2.0 + * Start following IEEE 1541 agreed naming of bytes (KiB, MiB, GiB, TiB, PiB). + * Various documentation enhancements. + - Windows + * Fix possible local privilege escalation vulnerability during execution of VeraCrypt Expander (CVE-2019-19501) + * MBR bootloader: + - workaround for SSD disks that don't allow write operations in BIOS mode with buffers less than 4096 bytes. + - Don't restore MBR to VeraCrypt value if it is coming from a loader different from us or different from Microsoft one. + * EFI bootloader: + - Fix "ActionFailed" not working and add "ActionCancelled" to customize handling of user hitting ESC on password prompt + - Fix F5 showing previous password after failed authentication attempt. Ensure that even wrong password value are cleared from memory. + * Fix multi-OS boot compatibility by only setting VeraCrypt as first bootloader of the system if the current first bootloader is Windows one. + * Add new registry flags for SystemFavoritesService to control updating of EFI BIOS boot menu on shutdown. + * Allow system encrypted drive to be mounted in WindowsPE even if changing keyboard layout fails (reported and fixed by Sven Strickroth) + * Enhancements to the mechanism preserving file timestamps, especially for keyfiles. + * Fix RDRAND instruction not detected on AMD CPUs. + * Detect cases where RDRAND is flawed (e.g. AMD Ryzen) to avoid using it if enabled by user. + * Don't write extra 0x00 byte at the end of DcsProp file when modifying it through UI + * Reduce memory usage of IOCTL_DISK_VERIFY handler used in disk verification by Windows. + * Add switch /FastCreateFile for VeraCrypt Format.exe to speedup creation of large file container if quick format is selected. + * Fix the checkbox for skipping verification of Rescue Disk not reflecting the value of /noisocheck switch specified in VeraCrypt Format command line. + * check "TrueCrypt Mode" in password dialog when mounting a file container with .tc extension + * Update XML languages files. + - Linux + * Fix regression causing admin password to be requested too many times in some cases + * Fix off by one buffer overflow in function Process::Execute (Reported and fixed by Hanno Böck) + * Make sure password gets deleted in case of internal error when mounting volume (Reported and fixed by Hanno Böck) + * Fix passwords using Unicode characters not recognized in text mode. + * Fix failure to run VeraCrypt binary built for console mode on headless machines. + * Add switch to force the use of legacy maximum password length (64 UTF8 bytes) + * Add CLI switch (--use-dummy-sudo-password) to force use of old sudo behavior of sending a dummy password + * During uninstall, output error message to STDERR instead of STDOUT for better compatibility with package managers. + * Make sector size mismatch error when mounting disks more verbose. + * Speedup SHA256 in 64-bit mode by using assembly code. + - MacOSX + * Add switch to force the use of legacy maximum password length (64 UTF8 bytes) + * Fix off by one buffer overflow in function Process::Execute (Reported and fixed by Hanno Böck) + * Fix passwords using Unicode characters not recognized in text mode. + * Make sector size mismatch error when mounting disks more verbose. + * Speedup SHA256 in 64-bit mode by using assembly code. + * Link against latest wxWidgets version 3.1.3 + * 1.24-Hotfix1 (October 27th, 2019) + - Windows + * Fix 1.24 regression that caused system favorites not to mount at boot if VeraCrypt freshly installed. + * Fix failure to encrypt system if the current Windows username contains a Unicode non-ASCII character. + * Make VeraCrypt Expander able to resume expansion of volumes whose previous expansion was aborted before it finishes. + * Add "Quick Expand" option to VeraCrypt Expander to accelarate the expansion of large file containers. + * Add several robustness checks and validation in case of system encryption to better handle some corner cases. + * Minor UI and documentation changes. + - Linux + * Workaround gcc 4.4.7 bug under CentOS 6 that caused VeraCrypt built under CentOS 6 to crash when Whirlpool hash is used. + * Fix "incorrect password attempt" written to /var/log/auth.log when mounting volumes. + * Fix dropping file in UI not showing its correct path , specifically under GTK-3. + * Add missing JitterEntropy implementation/ + - MacOSX + * Fix some devices and partitions not showing in the device selection dialog under OSX 10.13 and newer. + * Fix keyboard tab navigation between password fields in "Volume Password" page of volume creation wizard. + * Add missing JitterEntropy implementation/ + * Support APFS filesystem for creation volumes. + * Support Dark Mode. + + -- Ben Stack Tue, 21 Jan 2020 21:03:02 -0500 + veracrypt (1.24-2+devuan) obs; urgency=low * Attempt a build with gtk3 @@ -7,8 +78,7 @@ veracrypt (1.24-2+devuan) obs; urgency=low veracrypt (1.24-1+devuan) obs; urgency=low * New upstream version - - -- B Stack Tue, 08 Oct 2019 11:31 -0400 +-- B Stack Tue, 08 Oct 2019 11:31 -0400 veracrypt (1.23-2+devuan) manual; urgency=low diff --git a/veracrypt/debian/patches/002-build-flags.diff b/veracrypt/debian/patches/002-build-flags.diff index 20c8362..da0bdc6 100644 --- a/veracrypt/debian/patches/002-build-flags.diff +++ b/veracrypt/debian/patches/002-build-flags.diff @@ -19,16 +19,15 @@ Index: veracrypt/src/Makefile export TC_BUILD_CONFIG := Release -Index: veracrypt/src/Build/Include/Makefile.inc -=================================================================== ---- veracrypt.orig/src/Build/Include/Makefile.inc -+++ veracrypt/src/Build/Include/Makefile.inc -@@ -14,7 +14,7 @@ $(NAME): $(NAME).a +diff -Naur 1.24-Update3/src/Build/Include/Makefile.inc 1.24-Update3.debian/src/Build/Include/Makefile.inc +--- 1.24-Update3/src/Build/Include/Makefile.inc 2019-12-22 10:35:56.000000000 -0500 ++++ 1.24-Update3.debian/src/Build/Include/Makefile.inc 2020-01-21 21:16:00.628555627 -0500 +@@ -14,7 +14,7 @@ clean: @echo Cleaning $(NAME) -- rm -f $(APPNAME) $(NAME).a $(OBJS) $(OBJSEX) $(OBJS:.o=.d) *.gch -+ rm -f $(APPNAME) $(NAME).a $(OBJS) $(OBJS:.o=.d) *.gch $(RESOURCES) SystemPrecompiled.d +- rm -f $(APPNAME) $(NAME).a $(OBJS) $(OBJSEX) $(OBJSNOOPT) $(OBJS:.o=.d) $(OBJSEX:.oo=.d) $(OBJSNOOPT:.o0=.d) *.gch ++ rm -f $(APPNAME) $(NAME).a $(OBJS) $(OBJSNOOPT) $(OBJS:.o=.d) $(OBJSEX:.oo=.d) $(OBJSNOOPT:.o0=.d) *.gch $(RESOURCES) SystemPrecompiled.d %.o: %.c @echo Compiling $(