2.8.127 Nov 2020 17:44
This is a minor bugfix release. It fixes two bugs introduced by the previous release: the release of loopback devices and a typo affecting password insertion in text-only mode. It also provides a cosmetic fix for the output of 'tomb list' that now displays correct sizes. At last, the docker wrapper has been included in extras/ to be shipped in Tomb. The span of CVE-2020-28638 has been assessed with more precision and KNOWN_BUGS updated accordingly.
2.817 Nov 2020 13:23
This new release updates the documentation, improves usability and fixes two bugs. A bug has been found (CVE-2020-28638) to corrupt passwords entered using pinentry-curses on desktops using a X11 DISPLAY, the documentation in KNOWN_BUGS outlines how to fix regressions. Another bug has been fixed to prevent mounting tombs that are already opened, a situation leading to potential data loss. Changes mentioned lead to a small internal refactoring and cleanup, leading to a change in the way volumes appear in /dev/mapper. Along the usability improvements are the support of GNUPGHOME environment variable to support non-standard GnuPG home locations as well updated translations and the fact that debug messages are now written to stderr, making it easier to parse stdout.
2.416 Apr 2017 15:42
This release introduces a major new feature with support for asymmetric encryption of Tomb keys using public/private GPG key pairs. It is now possible to protect a Tomb key using a GPG key (which can also be password-less for automations) as well encrypt a Tomb key for multiple recipients (list of GPG ids). Other improvements include: a fix to the 'slam' command with better detection of running programs using 'lsof' (new optional dependency); a fix to 'forge' key creation to really use 512 bits long keys to really trigger usage of AES256; correct support for opening tombs in read-only mode; update of the Tomber python wrapper in extras. Documentation has been updated.
2.302 Jan 2017 12:08
Fix to bug occurring when using ZSh version 5.3 or higher. Fix to inclusion of final newline in keys generated with 2.2, only affecting third-party software. Removed chmod/chown of tombs when open. Enhanced continuous integration script with regression tests with usage of old stable versions of Tomb and shellcheck linting. Improved parser and post-hooks to avoid usage of external binaries (grep and cat) also improving security when decrypting keys. Fix for clean execution via sudo nopasswd. Updated extras/gtomb to latest stable version. Various documentation updatesabout kdf, using images as keys, deniability and gpg-agent usage. New experimental port to Android platforms in extras.
2.230 Dec 2015 16:55
New Qt5 desktop tray in extras/qt-tray. New Zenity based Gtk interface in extras/gtomb (experimental). Better resizing procedure recovers from failure without starting over with a new dig. Fixes for correct handling of bind-hooks mountpoints containing whitespaces, implying a refactoring of how the mtab is parsed, along with workaround for Debian bugs. Updated all strings to report MiB sizes. Fix to correctly show last time opened. Fix to EUID detection and to installed manpage permissions.
2.1.106 Aug 2015 15:57
New translations included, to Swedish and Italian languages.
2.123 Jul 2015 16:45
This new stable release including several bugfixes to smooth the user experience in various situations. Documentation is reviewed and extended and translations are updated.
More in detail, fixes to: mountpoint removal, language localization, gtk-2 pinentry themeing, udisk2 compatibility (/run/media/ USER mountpoint support), handling of key failures, kdf documentation, swish-e file contents search and encrypted swap detection.
Deniability is improved by allowing any filename to be used for tombs (also without .tomb extension). Code has been overall cleaned up.
2.0.125 Dec 2014 01:54
Fix for usage with GnuPG 1.4.11, a problem affecting long term GNU/Linux distribution releases like Ubuntu 12.04 and Mint 13.
Minor messaging fixes.
2.026 Nov 2014 21:34
Tomb goes international: now translated to Russian, French, Spanish and German.
The usability has improved: steganographed images can now be used directly as keys using `-k`. Tomb now works also across ssh connections: it is possible to pipe cleartext secrets from stdin using `-k cleartext` but that requires the --unsafe flag.
The security is also improved by avoiding most uses of temporary files. The privilege escalation model has been simplified and sudo is called only when needed. All code has been refactored for readability and integration with zsh features. Signal handlers are now in place, global arrays are used to keep track of temp files. Namespace has been revisioned and corrected.
1.5.304 Aug 2014 07:05