diff -Nru ecryptfs-utils-107/debian/changelog ecryptfs-utils-107/debian/changelog
--- ecryptfs-utils-107/debian/changelog	2015-04-28 05:09:47.000000000 +0000
+++ ecryptfs-utils-107/debian/changelog	2015-07-09 10:26:42.000000000 +0000
@@ -1,3 +1,24 @@
+ecryptfs-utils (107-0ubuntu3) wily; urgency=medium
+
+  * Rename libecryptfs0 to libecryptfs1 and adjust the packaging. It has
+    actually shipped libecryptfs.so.1 since at least trusty. Add
+    C/R/P: libecryptfs0 for smoother upgrades, this needs to be kept until
+    after 16.04 LTS.
+
+ -- Martin Pitt <martin.pitt@ubuntu.com>  Thu, 09 Jul 2015 12:20:47 +0200
+
+ecryptfs-utils (107-0ubuntu2) wily; urgency=medium
+
+  * Add setup-swap-check-links.patch: When commenting out existing swap, also
+    consider device symlinks like /dev/mapper/ubuntu--vg-swap_1 or
+    /dev/disks/by-uuid/ into account. Fixes broken cryptswap under LVM and
+    manual setups. (LP: #1453738)
+  * debian/ecryptfs-utils.postinst: On upgrade, uncomment underlying
+    unencrypted swap partitions that are referred to by a device link when
+    crypttab and fstab have a "cryptswap*" device referring to them.
+
+ -- Martin Pitt <martin.pitt@ubuntu.com>  Thu, 09 Jul 2015 09:04:27 +0200
+
 ecryptfs-utils (107-0ubuntu1.1) vivid; urgency=medium
 
   * Add setup-swap-mark-gpt-noauto.patch: In ecryptfs-setup-swap, mark the
diff -Nru ecryptfs-utils-107/debian/control ecryptfs-utils-107/debian/control
--- ecryptfs-utils-107/debian/control	2015-03-11 23:46:45.000000000 +0000
+++ ecryptfs-utils-107/debian/control	2015-07-09 10:26:02.000000000 +0000
@@ -60,19 +60,23 @@
 Architecture: any
 Depends:
  ${misc:Depends}, ecryptfs-utils (= ${binary:Version}),
- libecryptfs0 (= ${binary:Version}), libecryptfs-dev (= ${binary:Version})
+ libecryptfs1 (= ${binary:Version}), libecryptfs-dev (= ${binary:Version})
 Description: ecryptfs cryptographic filesystem (utilities; debug)
  eCryptfs is a POSIX-compliant enterprise-class stacked cryptographic filesystem
  for Linux.
  .
  This package contains the debugging symbols.
 
-Package: libecryptfs0
+Package: libecryptfs1
 Section: libs
 Architecture: any
 Depends:
  ${misc:Depends},
  ${shlibs:Depends}
+# all libecryptfs0 versions since trusty already shipped libecryptfs.so.1
+Conflicts: libecryptfs0
+Replaces: libecryptfs0
+Provides: libecryptfs0
 Description: ecryptfs cryptographic filesystem (library)
  eCryptfs is a POSIX-compliant enterprise-class stacked cryptographic filesystem
  for Linux.
@@ -84,7 +88,7 @@
 Architecture: any
 Depends:
  ${misc:Depends},
- libecryptfs0 (= ${binary:Version}),
+ libecryptfs1 (= ${binary:Version}),
  libgcrypt11-dev,
  libgpg-error-dev,
  libgpgme11-dev,
diff -Nru ecryptfs-utils-107/debian/ecryptfs-utils.postinst ecryptfs-utils-107/debian/ecryptfs-utils.postinst
--- ecryptfs-utils-107/debian/ecryptfs-utils.postinst	2015-04-28 05:09:47.000000000 +0000
+++ ecryptfs-utils-107/debian/ecryptfs-utils.postinst	2015-07-09 10:11:18.000000000 +0000
@@ -75,6 +75,30 @@
 				fi
 			done < /etc/crypttab
 		fi
+
+		# comment out leftover unencrypted swap after LP #1453738
+		if [ -e /etc/crypttab ] && [ -e /etc/fstab ] && \
+		    dpkg --compare-versions "$2" lt-nl "107-0ubuntu2"; then
+			while read mapper_dev phys_dev keyfile options; do
+				# only consider cryptswapN devices from ecryptfs-setup-swap
+				[ "$mapper_dev" != "${mapper_dev#cryptswap}" ] || continue
+				[ "${options#*swap,}" != "$options" ] || continue
+				# ignore devices without offset=, they would cause #953875 again
+				[ "${options%offset=*}" != "$options" ] || continue
+				# get/verify UUID
+				uuid="${phys_dev#UUID=}"
+				[ -e /dev/disk/by-uuid/$uuid ] || continue
+
+				# we found a cryptswap partition; disable all fstab references to the underlying unencrypted one
+				for link in $(udevadm info --query=symlink -n /dev/disk/by-uuid/$uuid); do
+				    if grep -q "/dev/$link[[:space:]]" /etc/fstab; then
+					echo "Disabling unencrypted swap device /dev/$link in /etc/fstab to enable $mapper_dev"
+					sed -i.dpkg-save "\^/dev/$link[[:space:]]^d" /etc/fstab
+					break
+				    fi
+				done
+			done < /etc/crypttab
+		fi
 	;;
 	abort-upgrade|abort-remove|abort-deconfigure)
 
diff -Nru ecryptfs-utils-107/debian/libecryptfs0.install ecryptfs-utils-107/debian/libecryptfs0.install
--- ecryptfs-utils-107/debian/libecryptfs0.install	2015-02-10 16:59:34.000000000 +0000
+++ ecryptfs-utils-107/debian/libecryptfs0.install	1970-01-01 00:00:00.000000000 +0000
@@ -1 +0,0 @@
-/usr/lib/*.so.*
diff -Nru ecryptfs-utils-107/debian/libecryptfs0.links ecryptfs-utils-107/debian/libecryptfs0.links
--- ecryptfs-utils-107/debian/libecryptfs0.links	2015-02-10 16:59:34.000000000 +0000
+++ ecryptfs-utils-107/debian/libecryptfs0.links	1970-01-01 00:00:00.000000000 +0000
@@ -1 +0,0 @@
-/usr/lib/libecryptfs.so.0.0.0	/usr/lib/libecryptfs.so.0.0
diff -Nru ecryptfs-utils-107/debian/libecryptfs0.shlibs ecryptfs-utils-107/debian/libecryptfs0.shlibs
--- ecryptfs-utils-107/debian/libecryptfs0.shlibs	2015-02-10 16:59:34.000000000 +0000
+++ ecryptfs-utils-107/debian/libecryptfs0.shlibs	1970-01-01 00:00:00.000000000 +0000
@@ -1 +0,0 @@
-libecryptfs 0 libecryptfs0 (>= 77)
diff -Nru ecryptfs-utils-107/debian/libecryptfs1.install ecryptfs-utils-107/debian/libecryptfs1.install
--- ecryptfs-utils-107/debian/libecryptfs1.install	1970-01-01 00:00:00.000000000 +0000
+++ ecryptfs-utils-107/debian/libecryptfs1.install	2015-02-10 16:59:34.000000000 +0000
@@ -0,0 +1 @@
+/usr/lib/*.so.*
diff -Nru ecryptfs-utils-107/debian/libecryptfs1.links ecryptfs-utils-107/debian/libecryptfs1.links
--- ecryptfs-utils-107/debian/libecryptfs1.links	1970-01-01 00:00:00.000000000 +0000
+++ ecryptfs-utils-107/debian/libecryptfs1.links	2015-07-09 10:20:39.000000000 +0000
@@ -0,0 +1 @@
+/usr/lib/libecryptfs.so.1.0.0	/usr/lib/libecryptfs.so.1.0
diff -Nru ecryptfs-utils-107/debian/libecryptfs1.shlibs ecryptfs-utils-107/debian/libecryptfs1.shlibs
--- ecryptfs-utils-107/debian/libecryptfs1.shlibs	1970-01-01 00:00:00.000000000 +0000
+++ ecryptfs-utils-107/debian/libecryptfs1.shlibs	2015-07-09 10:20:44.000000000 +0000
@@ -0,0 +1 @@
+libecryptfs 1 libecryptfs1 (>= 77)
diff -Nru ecryptfs-utils-107/debian/patches/series ecryptfs-utils-107/debian/patches/series
--- ecryptfs-utils-107/debian/patches/series	2015-04-28 05:09:47.000000000 +0000
+++ ecryptfs-utils-107/debian/patches/series	2015-07-09 07:01:41.000000000 +0000
@@ -1 +1,2 @@
 setup-swap-mark-gpt-noauto.patch
+setup-swap-check-links.patch
diff -Nru ecryptfs-utils-107/debian/patches/setup-swap-check-links.patch ecryptfs-utils-107/debian/patches/setup-swap-check-links.patch
--- ecryptfs-utils-107/debian/patches/setup-swap-check-links.patch	1970-01-01 00:00:00.000000000 +0000
+++ ecryptfs-utils-107/debian/patches/setup-swap-check-links.patch	2015-07-09 07:56:09.000000000 +0000
@@ -0,0 +1,19 @@
+Description: When commenting out existing swap, also consider device symlinks like /dev/mapper/ubuntu--vg-swap_1 or /dev/disks/by-uuid/ into account. Fixes broken cryptswap under LVM and manual setups.
+Author: Martin Pitt <martin.pitt@ubuntu.com>
+Bug: https://launchpad.net/bugs/1453738
+
+Index: ecryptfs-utils-107/src/utils/ecryptfs-setup-swap
+===================================================================
+--- ecryptfs-utils-107.orig/src/utils/ecryptfs-setup-swap
++++ ecryptfs-utils-107/src/utils/ecryptfs-setup-swap
+@@ -149,7 +149,9 @@ i=0
+ for swap in $swaps; do
+ 	info `gettext "Setting up swap:"` "[$swap]"
+ 	uuid=$(blkid -o value -s UUID $swap)
+-	for target in "UUID=$uuid" $swap; do
++	# /etc/fstab might use a symlink like /dev/mapper/ubuntu--vg-swap_1
++	links=$(for d in $(udevadm info --query=symlink -n $swap); do echo /dev/$d; done)
++	for target in "UUID=$uuid" $swap $links; do
+ 		if [ -n "$target" ] && grep -qs "^$target\s\+" /etc/fstab; then
+ 			sed -i "s:^$target\s\+:\#$target :" /etc/fstab
+ 			warn "Commented out your unencrypted swap from /etc/fstab"