As per the changelog in the link, --cipher aes-cbc-essiv:sha256 (the default cipher) should not be used. Instead, --cipher aes-xts-benbi is recommended.
Created attachment 975 [details] Patch to specify cipher for the luksFormat command
CC: (none) => pterjanAssignee: bugsquad => thierry.vignaud
Was the patch tested?
Keywords: (none) => Junior_job, PATCH
I've tested it on my system.
Pinging, because nothing has happened with this report for more than 3 months, it still has the status NEW or REOPENED.
CC: (none) => marja11
Doesn't that changelog says that the default was changed in the program directly?
The changelog is for the web page, showing that the cipher was changed in the scripts, shown on that web page. The cryptsetup program still defaults to cbc mode. The patch in comment 1 is for diskdrake, so it will override the default used by cryptsetup. It would probably be better to change the default in cryptsetup, but I don't have a patch for that.
Commited into SVN
Status: NEW => RESOLVEDVersion: 1 => CauldronResolution: (none) => FIXED