Revelation password manager issue
jspaleta at gmail.com
Sun Jun 24 19:57:52 UTC 2012
Rawhide target scratch build of the upstream tree with the fix.
I have done a local build and test on an F16 system. Revelation
informs me that the key file is an old encryption format and requests
me to resave to update the encryption.
Can someone please do an independent confirmation that this actually
fixes the underlying issues with the encryption weakness?
There appears to be one potential regression in 0.14.3+ with
searching...but I think its due to a change in gconf key layout. If
you experience the search crash...logout/login or shutdown/restart
and the problem appears to go away. I saw the crash last week on F16
and F17 while I was doing initial testing for 0.14.3 test packages
that I rolled ahead of this security fix landing...but I could not
duplicate the search traceback again after a system restart... making
it a bit difficult to track down and squash.
Anyways....I'm inclined to wait for the official release tarball to
land from upstream tomorrow to push update packages into
rawhide->F17,F16 testing for release 0.14.4 that rolls in the
encryption changes. In the meantime anyone who is seriously concerned
about this, please beat on the on the scratch build and make sure its
actually a fix.
More information about the devel