[Secure-testing-team] Bug#626641: cryptsetup: bug #587220 re-introduced
Christoph Anton Mitterer
calestyo at scientia.net
Fri May 13 22:27:20 UTC 2011
Package: cryptsetup
Version: 2:1.2.0-2
Severity: normal
Tags: security
Hi.
Withe the recent upload and its changes to the init-script you again
introduce the meta-security hole discussed in #587220.
I know, that policy requests that init-scripts exit gracefully in case a
package has been removed but not purged.
But I guess it should be quite clear to everyone that with respect to the
intention of cryptsetup (security) and the possible effects on that... this
is not only justifyable but also absolutely neccessary.
Chris.
More information about the Secure-testing-team
mailing list