Dominique Leuenberger
20ce0a326e
+ This release adds the following features:
- Allow emulating devices reading EFI keys
- Allow skipping device tests by CPU architecture
+ This release fixes the following bugs:
- Cleanup Dell kestrel devices when disconnected
- Correctly build binary EFI_SIGNATURE_LIST objects
- Do not allow dbx updates when no ESP was found
- Ignore BootXXXX entries that do not exist when checking the dbx
- Ignore EFI binaries that are zero-sized, or not well formed
- Inhibit dbx updates if snapd is not available when using Ubuntu-style FDE
- Only match the device checksum if the protocol matches
- Raise authentication requirements for emulation-load
- Request to upload failed reports for install/downgrade too
- Use the kernel architecture when building the dbx instance ID
- Write sbatlevel to PE/COFF files correctly
+ This release adds support for the following hardware:
- More ELAN Fingerprint readers
- Star Labs StarLite Magnetic Keyboard
OBS-URL: https://build.opensuse.org/package/show/Base:System/fwupd?expand=0&rev=204
22 lines
749 B
Diff
22 lines
749 B
Diff
Index: fwupd-1.7.2/data/fwupd-offline-update.service.in
|
|
===================================================================
|
|
--- fwupd-1.7.2.orig/data/fwupd-offline-update.service.in
|
|
+++ fwupd-1.7.2/data/fwupd-offline-update.service.in
|
|
@@ -8,6 +8,16 @@ After=sysinit.target system-update-pre.t
|
|
Before=shutdown.target system-update.target
|
|
|
|
[Service]
|
|
+# added automatically, for details please see
|
|
+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
|
|
+ProtectSystem=full
|
|
+ProtectHome=true
|
|
+ProtectHostname=true
|
|
+ProtectKernelTunables=true
|
|
+ProtectKernelLogs=true
|
|
+ProtectControlGroups=true
|
|
+RestrictRealtime=true
|
|
+# end of automatic additions
|
|
Type=oneshot
|
|
ExecStart=@libexecdir@/fwupd/fwupdoffline
|
|
FailureAction=reboot
|