Compare commits
10 Commits
| Author | SHA256 | Date | |
|---|---|---|---|
| ff582da4e2 | |||
| f08c042844 | |||
| 217ce0a4d2 | |||
|
1637564abc | ||
| c60bbc1c3c | |||
| 5c51d31a33 | |||
| dae1d4d9fa | |||
|
|
07ab3bca73 | ||
| e4a2885070 | |||
|
|
46227b9917 |
2
_service
2
_service
@@ -14,5 +14,7 @@
|
|||||||
<param name="compression">gz</param>
|
<param name="compression">gz</param>
|
||||||
</service>
|
</service>
|
||||||
<service name="go_modules" mode="manual">
|
<service name="go_modules" mode="manual">
|
||||||
|
<param name="replace">github.com/ulikunitz/xz=github.com/ulikunitz/xz@v0.5.14</param>
|
||||||
|
<param name="replace">golang.org/x/net=golang.org/x/net@v0.46.0</param>
|
||||||
</service>
|
</service>
|
||||||
</services>
|
</services>
|
||||||
|
|||||||
@@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:af78a78997f903aaa9d275d026e094cc4cbd668254ca320d463232728f91ad5f
|
|
||||||
size 17951470
|
|
||||||
3
sbctl-0.18.tar.gz
Normal file
3
sbctl-0.18.tar.gz
Normal file
@@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:f244890d1676bc9e7761ebbbdc7e94e516b47642ef37efd0b7b60e5223fcaaa5
|
||||||
|
size 17960022
|
||||||
@@ -1,3 +1,74 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed Nov 12 07:29:18 UTC 2025 - Fridrich Strba <fstrba@suse.com>
|
||||||
|
|
||||||
|
- Upgrade the embedded golang.org/x/net to 0.46.0
|
||||||
|
* Fixes: bsc#1251399, CVE-2025-47911: various algorithms with
|
||||||
|
quadratic complexity when parsing HTML documents
|
||||||
|
* Fixes: bsc#1251609, CVE-2025-58190: excessive memory consumption
|
||||||
|
by 'html.ParseFragment' when processing specially crafted input
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Oct 13 09:06:05 UTC 2025 - Jan Loeser <rooterle@posteo.de>
|
||||||
|
|
||||||
|
- Update to version 0.18:
|
||||||
|
* logging: fixup new go vet warning
|
||||||
|
* workflows: add cc for cross compile
|
||||||
|
* workflow: add sudo to apt
|
||||||
|
* workflow: add pcsclite to ci
|
||||||
|
* workflow: try enable cgo
|
||||||
|
* go.mod: update golang.org/x/ dependencies
|
||||||
|
* fix: avoid adding bogus Country attribute to subject DNs
|
||||||
|
* sbctl: only store file if we did actually sign the file
|
||||||
|
* installkernel: add post install hook for Debian's traditional installkernel
|
||||||
|
* CI: missing libpcsclite pkg
|
||||||
|
* workflows: add missing depends and new pattern keyword
|
||||||
|
* Add yubikey example for create keys to the README
|
||||||
|
* Initial yubikey backend keytype support
|
||||||
|
* verify: ensure we pass args in correct order
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Sep 1 09:34:54 UTC 2025 - Michael Vetter <mvetter@suse.com>
|
||||||
|
|
||||||
|
- bsc#1248949 (CVE-2025-58058):
|
||||||
|
Bump xz to 0.5.14
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon May 5 11:24:29 UTC 2025 - Jan Loeser <jan.loeser@posteo.de>
|
||||||
|
|
||||||
|
- Update to version 0.17:
|
||||||
|
* Ensure we don't wrongly compare input/output files when signing
|
||||||
|
* Added --json supprt to sbctl verify
|
||||||
|
* Ensure sbctl setup with no arguments returns a helpful output
|
||||||
|
* Import latest Microsoft keys for KEK and db databases
|
||||||
|
* Ensure we print the path of the file when encountering an invalid PE file
|
||||||
|
* Misc fixups in tests
|
||||||
|
* Misc typo fixes in prints
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue Oct 22 03:56:54 UTC 2024 - Joshua Smith <smolsheep@opensuse.org>
|
||||||
|
|
||||||
|
- Disable tests that fail due to gh/foxboron/sbctl#343
|
||||||
|
- Update to version 0.16:
|
||||||
|
* Ensure sbctl reads --config even if /etc/sbctl/sbctl.conf is
|
||||||
|
present
|
||||||
|
* Fixed a bug where sbctl would abort if the TPM eventlog
|
||||||
|
contains the same byte multiple times
|
||||||
|
* Fixed a landlock bug where enroll-keys --export did not work
|
||||||
|
* Fixed a bug where an ESP mounted to multiple paths would not be
|
||||||
|
detected
|
||||||
|
* Exporting keys without efivars present work again
|
||||||
|
* sbctl sign will now use the saved output path if the signed
|
||||||
|
file is enrolled
|
||||||
|
* enroll-keys --append will now work without --force.
|
||||||
|
- Updates from version 0.15.4:
|
||||||
|
* Fixed an issue where sign-all did not report a non-zero exit
|
||||||
|
code when something failed
|
||||||
|
* Fixed and issue where we couldn't write to a file with landlock
|
||||||
|
* Fixed an issue where --json would print the human readable
|
||||||
|
output and the json
|
||||||
|
* Fixes landlock for UKI/bundles by disabling the sandbox feature
|
||||||
|
* Some doc fixups that mentioned /usr/share/
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Wed Jul 31 23:55:22 UTC 2024 - Joshua Smith <smolsheep@opensuse.org>
|
Wed Jul 31 23:55:22 UTC 2024 - Joshua Smith <smolsheep@opensuse.org>
|
||||||
|
|
||||||
|
|||||||
15
sbctl.spec
15
sbctl.spec
@@ -1,7 +1,7 @@
|
|||||||
#
|
#
|
||||||
# spec file for package sbctl
|
# spec file for package sbctl
|
||||||
#
|
#
|
||||||
# Copyright (c) 2024 SUSE LLC
|
# Copyright (c) 2025 SUSE LLC and contributors
|
||||||
#
|
#
|
||||||
# All modifications and additions to the file contributed by third parties
|
# All modifications and additions to the file contributed by third parties
|
||||||
# remain the property of their copyright owners, unless otherwise agreed
|
# remain the property of their copyright owners, unless otherwise agreed
|
||||||
@@ -17,16 +17,12 @@
|
|||||||
|
|
||||||
|
|
||||||
Name: sbctl
|
Name: sbctl
|
||||||
Version: 0.15.3
|
Version: 0.18
|
||||||
Release: 0
|
Release: 0
|
||||||
Summary: Secure Boot key manager
|
Summary: Secure Boot key manager
|
||||||
License: MIT
|
License: MIT
|
||||||
Group: System/Boot
|
Group: System/Boot
|
||||||
URL: https://github.com/Foxboron/sbctl
|
URL: https://github.com/Foxboron/sbctl
|
||||||
%if "%{_vendor}" == "debbuild"
|
|
||||||
# Needed to set Maintainer in output debs
|
|
||||||
Packager: Jan Loeser <jan.loeser@posteo.de>
|
|
||||||
%endif
|
|
||||||
Source: %{name}-%{version}.tar.gz
|
Source: %{name}-%{version}.tar.gz
|
||||||
Source1: vendor.tar.gz
|
Source1: vendor.tar.gz
|
||||||
Source2: %{name}-rpmlintrc
|
Source2: %{name}-rpmlintrc
|
||||||
@@ -42,10 +38,12 @@ BuildRequires: binutils
|
|||||||
%if 0%{?suse_version}
|
%if 0%{?suse_version}
|
||||||
BuildRequires: go >= 1.22.0
|
BuildRequires: go >= 1.22.0
|
||||||
BuildRequires: golang-packaging
|
BuildRequires: golang-packaging
|
||||||
|
BuildRequires: pcsc-lite-devel
|
||||||
BuildRequires: pkgconfig(openssl) > 3.0.0
|
BuildRequires: pkgconfig(openssl) > 3.0.0
|
||||||
%endif
|
%endif
|
||||||
%if 0%{?ubuntu}
|
%if 0%{?ubuntu}
|
||||||
BuildRequires: golang >= 1.22.0
|
BuildRequires: golang >= 1.22.0
|
||||||
|
BuildRequires: libpcsclite-dev
|
||||||
BuildRequires: libssl-dev > 3.0.0
|
BuildRequires: libssl-dev > 3.0.0
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
@@ -74,21 +72,20 @@ VERSION="%{version}" %make_build all
|
|||||||
# Fix potential-bashisms rpmlint error by using bash shebang
|
# Fix potential-bashisms rpmlint error by using bash shebang
|
||||||
sed -i 's|bin/sh|bin/bash|' %{buildroot}%{_prefix}/lib/kernel/install.d/91-sbctl.install
|
sed -i 's|bin/sh|bin/bash|' %{buildroot}%{_prefix}/lib/kernel/install.d/91-sbctl.install
|
||||||
|
|
||||||
%check
|
|
||||||
%make_build test
|
|
||||||
|
|
||||||
%files
|
%files
|
||||||
%doc README.md
|
%doc README.md
|
||||||
%license LICENSE
|
%license LICENSE
|
||||||
|
|
||||||
%dir %{_prefix}/lib/kernel/
|
%dir %{_prefix}/lib/kernel/
|
||||||
%dir %{_prefix}/lib/kernel/install.d/
|
%dir %{_prefix}/lib/kernel/install.d/
|
||||||
|
%dir %{_prefix}/lib/kernel/postinst.d/
|
||||||
%dir %{_datadir}/fish/
|
%dir %{_datadir}/fish/
|
||||||
%dir %{_datadir}/fish/vendor_completions.d/
|
%dir %{_datadir}/fish/vendor_completions.d/
|
||||||
%dir %{_datadir}/zsh/
|
%dir %{_datadir}/zsh/
|
||||||
%dir %{_datadir}/zsh/site-functions/
|
%dir %{_datadir}/zsh/site-functions/
|
||||||
|
|
||||||
%{_prefix}/lib/kernel/install.d/91-sbctl.install
|
%{_prefix}/lib/kernel/install.d/91-sbctl.install
|
||||||
|
%{_prefix}/lib/kernel/postinst.d/91-sbctl.install
|
||||||
%{_mandir}/man8/sbctl.8*
|
%{_mandir}/man8/sbctl.8*
|
||||||
%{_mandir}/man5/sbctl.conf.5*
|
%{_mandir}/man5/sbctl.conf.5*
|
||||||
%{_datadir}/bash-completion/completions/sbctl
|
%{_datadir}/bash-completion/completions/sbctl
|
||||||
|
|||||||
@@ -1,3 +1,3 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
version https://git-lfs.github.com/spec/v1
|
||||||
oid sha256:b66951060caf84826b0f64aa2dacc23fc8bfcbee06c7b633ac90f846d723a293
|
oid sha256:d2fc644ddb2b233faec1f29dd1199748667ff2a50640a8b5107920fef6ca1fa2
|
||||||
size 5705126
|
size 5068731
|
||||||
|
|||||||
Reference in New Issue
Block a user