Dominique Leuenberger
20ce0a326e
+ This release adds the following features:
- Allow emulating devices reading EFI keys
- Allow skipping device tests by CPU architecture
+ This release fixes the following bugs:
- Cleanup Dell kestrel devices when disconnected
- Correctly build binary EFI_SIGNATURE_LIST objects
- Do not allow dbx updates when no ESP was found
- Ignore BootXXXX entries that do not exist when checking the dbx
- Ignore EFI binaries that are zero-sized, or not well formed
- Inhibit dbx updates if snapd is not available when using Ubuntu-style FDE
- Only match the device checksum if the protocol matches
- Raise authentication requirements for emulation-load
- Request to upload failed reports for install/downgrade too
- Use the kernel architecture when building the dbx instance ID
- Write sbatlevel to PE/COFF files correctly
+ This release adds support for the following hardware:
- More ELAN Fingerprint readers
- Star Labs StarLite Magnetic Keyboard
OBS-URL: https://build.opensuse.org/package/show/Base:System/fwupd?expand=0&rev=204
19 lines
677 B
Diff
19 lines
677 B
Diff
Index: fwupd-1.9.10/data/motd/fwupd-refresh.service.in
|
|
===================================================================
|
|
--- fwupd-1.9.10.orig/data/motd/fwupd-refresh.service.in
|
|
+++ fwupd-1.9.10/data/motd/fwupd-refresh.service.in
|
|
@@ -14,5 +14,13 @@ SystemCallFilter=~@mount
|
|
ProtectKernelModules=yes
|
|
ProtectControlGroups=yes
|
|
RestrictRealtime=yes
|
|
+# added automatically, for details please see
|
|
+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
|
|
+ProtectSystem=full
|
|
+ProtectHome=true
|
|
+ProtectHostname=true
|
|
+ProtectKernelTunables=true
|
|
+ProtectKernelLogs=true
|
|
+# end of automatic additions
|
|
SuccessExitStatus=2
|
|
ExecStart=@bindir@/fwupdmgr refresh
|