commit d8ec79088b4105e57ee7e9f68bc366a9a6b9bcd4
OBS-URL: https://build.opensuse.org/package/show/Kernel:slowroll/kernel-source-longterm?expand=0&rev=4
This commit is contained in:
parent
d3a99611a1
commit
eeec1f708b
@ -1,3 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:54e341b3ec5eb2f5b8b5c9b510629ef7bcf016d9e45825728e532790f74479c0
|
||||
size 62685
|
||||
oid sha256:71cdf3a6b0d92d5141e0ed2ce2084b580f6f0280a81cedfa4b08dce0ae960d0a
|
||||
size 62709
|
||||
|
@ -1,3 +1,24 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Dec 15 11:22:01 CET 2023 - rfrohl@suse.com
|
||||
|
||||
- KEYS: Make use of platform keyring for module signature verify
|
||||
(FATE#314508, FATE#316531, bsc#1209006).
|
||||
- commit d8ec790
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Dec 14 13:08:40 CET 2023 - rfrohl@suse.com
|
||||
|
||||
- efi: Lock down the kernel at the integrity level if booted in
|
||||
secure boot mode (jsc#SLE-9870 boo#1217741).
|
||||
- Update config files.
|
||||
- efi: Lock down the kernel if booted in secure boot mode
|
||||
(jsc#SLE-9870 boo#1217741).
|
||||
- efi: Add an EFI_SECURE_BOOT flag to indicate secure boot mode
|
||||
(jsc#SLE-9870 boo#1217741).
|
||||
- security: lockdown: expose a hook to lock the kernel down
|
||||
(jsc#SLE-9870 boo#1217741).
|
||||
- commit 2fb56b9
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Dec 14 11:44:20 CET 2023 - rfrohl@suse.com
|
||||
|
||||
|
@ -19,7 +19,7 @@
|
||||
|
||||
%define srcversion 6.1
|
||||
%define patchversion 6.1.68
|
||||
%define git_commit e2d741cef0471025440ebcccd404bbf178a465bc
|
||||
%define git_commit d8ec79088b4105e57ee7e9f68bc366a9a6b9bcd4
|
||||
%define variant -longterm%{nil}
|
||||
%define compress_modules zstd
|
||||
%define compress_vmlinux xz
|
||||
@ -115,7 +115,7 @@ License: GPL-2.0-only
|
||||
Group: System/Kernel
|
||||
Version: 6.1.68
|
||||
%if 0%{?is_kotd}
|
||||
Release: <RELEASE>.ge2d741c
|
||||
Release: <RELEASE>.gd8ec790
|
||||
%else
|
||||
Release: 0
|
||||
%endif
|
||||
|
@ -1,3 +1,24 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Dec 15 11:22:01 CET 2023 - rfrohl@suse.com
|
||||
|
||||
- KEYS: Make use of platform keyring for module signature verify
|
||||
(FATE#314508, FATE#316531, bsc#1209006).
|
||||
- commit d8ec790
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Dec 14 13:08:40 CET 2023 - rfrohl@suse.com
|
||||
|
||||
- efi: Lock down the kernel at the integrity level if booted in
|
||||
secure boot mode (jsc#SLE-9870 boo#1217741).
|
||||
- Update config files.
|
||||
- efi: Lock down the kernel if booted in secure boot mode
|
||||
(jsc#SLE-9870 boo#1217741).
|
||||
- efi: Add an EFI_SECURE_BOOT flag to indicate secure boot mode
|
||||
(jsc#SLE-9870 boo#1217741).
|
||||
- security: lockdown: expose a hook to lock the kernel down
|
||||
(jsc#SLE-9870 boo#1217741).
|
||||
- commit 2fb56b9
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Dec 14 11:44:20 CET 2023 - rfrohl@suse.com
|
||||
|
||||
|
@ -18,7 +18,7 @@
|
||||
|
||||
%define srcversion 6.1
|
||||
%define patchversion 6.1.68
|
||||
%define git_commit e2d741cef0471025440ebcccd404bbf178a465bc
|
||||
%define git_commit d8ec79088b4105e57ee7e9f68bc366a9a6b9bcd4
|
||||
%define variant -longterm%{nil}
|
||||
|
||||
%include %_sourcedir/kernel-spec-macros
|
||||
@ -33,7 +33,7 @@
|
||||
Name: kernel-source-longterm
|
||||
Version: 6.1.68
|
||||
%if 0%{?is_kotd}
|
||||
Release: <RELEASE>.ge2d741c
|
||||
Release: <RELEASE>.gd8ec790
|
||||
%else
|
||||
Release: 0
|
||||
%endif
|
||||
|
@ -1,3 +1,24 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Dec 15 11:22:01 CET 2023 - rfrohl@suse.com
|
||||
|
||||
- KEYS: Make use of platform keyring for module signature verify
|
||||
(FATE#314508, FATE#316531, bsc#1209006).
|
||||
- commit d8ec790
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Dec 14 13:08:40 CET 2023 - rfrohl@suse.com
|
||||
|
||||
- efi: Lock down the kernel at the integrity level if booted in
|
||||
secure boot mode (jsc#SLE-9870 boo#1217741).
|
||||
- Update config files.
|
||||
- efi: Lock down the kernel if booted in secure boot mode
|
||||
(jsc#SLE-9870 boo#1217741).
|
||||
- efi: Add an EFI_SECURE_BOOT flag to indicate secure boot mode
|
||||
(jsc#SLE-9870 boo#1217741).
|
||||
- security: lockdown: expose a hook to lock the kernel down
|
||||
(jsc#SLE-9870 boo#1217741).
|
||||
- commit 2fb56b9
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Dec 14 11:44:20 CET 2023 - rfrohl@suse.com
|
||||
|
||||
|
@ -16,7 +16,7 @@
|
||||
#
|
||||
|
||||
|
||||
%define git_commit e2d741cef0471025440ebcccd404bbf178a465bc
|
||||
%define git_commit d8ec79088b4105e57ee7e9f68bc366a9a6b9bcd4
|
||||
%define variant -longterm%{nil}
|
||||
|
||||
%include %_sourcedir/kernel-spec-macros
|
||||
@ -28,7 +28,7 @@ Group: Development/Sources
|
||||
Version: 6.1.68
|
||||
%if %using_buildservice
|
||||
%if 0%{?is_kotd}
|
||||
Release: <RELEASE>.ge2d741c
|
||||
Release: <RELEASE>.gd8ec790
|
||||
%else
|
||||
Release: 0
|
||||
%endif
|
||||
|
@ -1,3 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:db46fe0bbcf07a0169fa5294b3685e4351e8f61dfe8509e655e601b319bb40f4
|
||||
size 40001
|
||||
oid sha256:12a83696278849146ec63c424045c476bebe8b8466d647f6bf98254daa726013
|
||||
size 43940
|
||||
|
11
series.conf
11
series.conf
@ -12213,6 +12213,17 @@
|
||||
# Security
|
||||
########################################################
|
||||
|
||||
# Module signing / secure boot
|
||||
patches.suse/KEYS-Make-use-of-platform-keyring-for-module-signatu.patch
|
||||
|
||||
# Bug 1198101 - VUL-0: shim: openSUSE tumbleweed not fully locked down? Add opensuse-cert-prompt back to openSUSE shim
|
||||
# Bug 1217741 - slowroll kernel missing lockdown patches
|
||||
# Lock down functions for secure boot
|
||||
patches.suse/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-down.patch
|
||||
patches.suse/0002-efi-Add-an-EFI_SECURE_BOOT-flag-to-indicate-secure-boot-mode.patch
|
||||
patches.suse/0003-efi-Lock-down-the-kernel-if-booted-in-secure-boot-mode.patch
|
||||
patches.suse/0004-efi-Lock-down-the-kernel-at-the-integrity-level-if-b.patch
|
||||
|
||||
# crypto
|
||||
|
||||
########################################################
|
||||
|
@ -1,3 +1,3 @@
|
||||
2023-12-14 10:47:15 +0000
|
||||
GIT Revision: e2d741cef0471025440ebcccd404bbf178a465bc
|
||||
2023-12-15 10:22:01 +0000
|
||||
GIT Revision: d8ec79088b4105e57ee7e9f68bc366a9a6b9bcd4
|
||||
GIT Branch: slowroll
|
||||
|
Loading…
Reference in New Issue
Block a user