From 304f893cf35b69df48ca9e27f6dd473c72604da9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?= <adrian@suse.de>
Date: Tue, 10 Dec 2024 12:29:34 +0100
Subject: [PATCH] Sync from SUSE:ALP:Source:Standard:1.0 sevctl revision
 5d0bd6529ed5635dc2bc8c6cf72341b4

---
 _service       |  6 +-----
 cargo_config   |  5 -----
 sevctl.changes | 15 +++++++++++++++
 sevctl.spec    |  5 +----
 vendor.tar.xz  |  4 ++--
 5 files changed, 19 insertions(+), 16 deletions(-)
 delete mode 100644 cargo_config

diff --git a/_service b/_service
index 23a31a9..d766f4e 100644
--- a/_service
+++ b/_service
@@ -18,13 +18,9 @@
     <param name="compression">xz</param>
   </service>
 
-  <service name="cargo_audit" mode="disabled">
-    <param name="srcdir">sevctl</param>
-  </service>
-
   <service name="cargo_vendor" mode="disabled">
     <param name="srcdir">sevctl</param>
     <param name="compression">xz</param>
-    <param name="update">false</param>
+    <param name="update">true</param>
   </service>
 </services>
diff --git a/cargo_config b/cargo_config
deleted file mode 100644
index a476f35..0000000
--- a/cargo_config
+++ /dev/null
@@ -1,5 +0,0 @@
-[source.crates-io]
-replace-with = "vendored-sources"
-
-[source.vendored-sources]
-directory = "vendor"
\ No newline at end of file
diff --git a/sevctl.changes b/sevctl.changes
index 3c532b9..75415f8 100644
--- a/sevctl.changes
+++ b/sevctl.changes
@@ -1,3 +1,18 @@
+-------------------------------------------------------------------
+Fri Sep 13 05:22:44 UTC 2024 - Caleb Crane <caleb.crane@suse.com>
+
+- Update vendored dependencies and re-enable cargo update obs service (bsc#1229953)
+- Service: Remove deprecated cargo_config and cargo_audit services, both
+are now handled by the cargo_vendor services
+
+-------------------------------------------------------------------
+Wed Jan 24 15:22:20 UTC 2024 - Caleb Crane <caleb.crane@suse.com>
+
+- Fix CVE-2023-50711: vmm-sys-util: out of bounds memory accesses (bsc#1218502, bsc#1218499)
+  - Upgrade vendored dependencies, namely vmm-sys-utils > 0.12.0
+- spec: Switch back to greedy cargo updates of vendored dependencies. This CVE was multiple
+  levels deep in the dependency tree and only fixed with the more agressive cargo update strategy
+
 -------------------------------------------------------------------
 Wed Sep 13 14:42:56 UTC 2023 - Caleb Crane <caleb.crane@suse.com>
 
diff --git a/sevctl.spec b/sevctl.spec
index bb9ade9..683411b 100644
--- a/sevctl.spec
+++ b/sevctl.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package sevctl
 #
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -25,7 +25,6 @@ License:        Apache-2.0
 URL:            https://github.com/virtee/sevctl
 Source0:        %{name}-%{version}.tar.xz
 Source1:        vendor.tar.xz
-Source2:        cargo_config
 BuildRequires:  cargo-packaging
 BuildRequires:  libopenssl-devel
 BuildRequires:  rubygem(asciidoctor)
@@ -40,8 +39,6 @@ Administrative utility for AMD SEV
 
 %prep
 %autosetup -a1
-mkdir .cargo
-cp %{SOURCE2} .cargo/config
 
 %build
 %{cargo_build}
diff --git a/vendor.tar.xz b/vendor.tar.xz
index d5b78bd..ee876f6 100644
--- a/vendor.tar.xz
+++ b/vendor.tar.xz
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:2c11d77699a74852f9a8bfe828313ca456351cc55006b3d097d77b46bc2d33d9
-size 23877380
+oid sha256:2e9319a984b497f83914f6fdc3a0d5274714f5d8fd3ea1b517db49911990b4f0
+size 31176516