Issued:

2011-02-23

Updated:

2011-05-19

RHBA-2011:0298 - volume_key bug fix update

Synopsis

volume_key bug fix update

Type/Severity

Bug Fix Advisory (none)

Topic

Updated volume_key packages that fix multiple bugs are now available Red Hat Enterprise Linux 6.

Description

The volume_key packages provide a command-line tool and a set of libraries for manipulating storage volume encryption keys and storing them separately from volumes.

The main goal of the software is to allow restoring access to an encrypted hard drive if the primary user forgets the passphrase. The encryption key back up can also be useful for extracting data after a hardware or software failure that corrupts the header of the encrypted volume, or to access the company data after an employee leaves abruptly.

This update fixes the following bugs:

• Previously, the volume_key documentation did not specify which of the two block devices to use as an argument to volume_key(8). Due to this problem, unexpected errors caused confusion. With this update, the volume_key.8 man page and the README file clarify whether to use the encrypted or plaintext block device, and how to recognize it. (BZ#636541)

• Previously, libvolume_key did not provide textual descriptions for a subset of error conditions. Due to this behavior, some error messages contained nonsensical characters instead of readable text. This update adds the missing textual descriptions. The error messages now describe the cause of the error. (BZ#638732)

• Previously, the volume_key(8) utility could not be interrupted when waiting for a password or passphrase input. This update makes the volume_key(8) utility interruptible in such cases, and notifies the user if the entered passphrase is incorrect. (BZ#641111)

• Previously, the volume_key(8) utility prompted the user for a passphrase before it validated the supplied certificate file, if any. Due to this behavior, any errors in the file were detected only after the user entered additional information. This update detects and reports such errors immediately, without prompting the user for a passphrase. (BZ#643897)

All Users are advised to upgrade to these updated volume_key packages, which fix these bugs.

Solution

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at This content is not included.http://kbase.redhat.com/faq/docs/DOC-11259

Affected Products

Updated Packages

• volume_key-debuginfo-0.3.1-5.el6.s390.rpm
• volume_key-devel-0.3.1-5.el6.s390.rpm
• volume_key-0.3.1-5.el6.i686.rpm
• volume_key-debuginfo-0.3.1-5.el6.i686.rpm
• volume_key-debuginfo-0.3.1-5.el6.ppc.rpm
• volume_key-debuginfo-0.3.1-5.el6.ppc64.rpm
• volume_key-debuginfo-0.3.1-5.el6.s390x.rpm
• python-volume_key-0.3.1-5.el6.s390x.rpm
• volume_key-devel-0.3.1-5.el6.x86_64.rpm
• volume_key-libs-0.3.1-5.el6.ppc64.rpm
• volume_key-debuginfo-0.3.1-5.el6.x86_64.rpm
• volume_key-0.3.1-5.el6.src.rpm
• volume_key-0.3.1-5.el6.x86_64.rpm
• volume_key-devel-0.3.1-5.el6.ppc64.rpm
• volume_key-devel-0.3.1-5.el6.s390x.rpm
• volume_key-libs-0.3.1-5.el6.s390.rpm
• volume_key-libs-0.3.1-5.el6.i686.rpm
• volume_key-devel-0.3.1-5.el6.i686.rpm
• python-volume_key-0.3.1-5.el6.x86_64.rpm
• python-volume_key-0.3.1-5.el6.i686.rpm
• python-volume_key-0.3.1-5.el6.ppc64.rpm
• volume_key-libs-0.3.1-5.el6.ppc.rpm
• volume_key-0.3.1-5.el6.ppc64.rpm
• volume_key-libs-0.3.1-5.el6.s390x.rpm
• volume_key-libs-0.3.1-5.el6.x86_64.rpm
• volume_key-devel-0.3.1-5.el6.ppc.rpm
• volume_key-0.3.1-5.el6.s390x.rpm

Fixes

(none)

CVEs

(none)

References

(none)

Additional information

• The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
• Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.