leap-16.1 #2

Open

jubalh wants to merge 10 commits from jubalh/sbctl:leap-16.1 into leap-16.1

pull from: jubalh/sbctl:leap-16.1

merge into: pool:leap-16.1

pool:factory

pool:leap-16.0

pool:leap-16.1

Conversation 2 Commits 10 Files Changed 6 +84 -14

jubalh commented 2026-01-22 09:35:51 +01:00

First-time contributor

Copy Link

No description provided.

jubalh added 10 commits 2026-01-22 09:35:51 +01:00

- Disable tests that fail due to gh/foxboron/sbctl#343 ... 46227b9917

- Update to version 0.16:
  * Ensure sbctl reads --config even if /etc/sbctl/sbctl.conf is
    present
  * Fixed a bug where sbctl would abort if the TPM eventlog
    contains the same byte multiple times
  * Fixed a landlock bug where enroll-keys --export did not work
  * Fixed a bug where an ESP mounted to multiple paths would not be
    detected
  * Exporting keys without efivars present work again
  * sbctl sign will now use the saved output path if the signed
    file is enrolled
  * enroll-keys --append will now work without --force.
- Updates from version 0.15.4:
  * Fixed an issue where sign-all did not report a non-zero exit
    code when something failed
  * Fixed and issue where we couldn't write to a file with landlock
  * Fixed an issue where --json would print the human readable
    output and the json
  * Fixes landlock for UKI/bundles by disabling the sandbox feature
  * Some doc fixups that mentioned /usr/share/

OBS-URL: https://build.opensuse.org/package/show/utilities/sbctl?expand=0&rev=13

Accepting request 1223291 from utilities ... e4a2885070

OBS-URL: https://build.opensuse.org/request/show/1223291
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sbctl?expand=0&rev=5

- Update to version 0.17: ... 07ab3bca73

* Ensure we don't wrongly compare input/output files when signing
  * Added --json supprt to sbctl verify
  * Ensure sbctl setup with no arguments returns a helpful output
  * Import latest Microsoft keys for KEK and db databases
  * Ensure we print the path of the file when encountering an invalid PE file
  * Misc fixups in tests
  * Misc typo fixes in prints

OBS-URL: https://build.opensuse.org/package/show/utilities/sbctl?expand=0&rev=15

Accepting request 1274530 from utilities ... dae1d4d9fa

OBS-URL: https://build.opensuse.org/request/show/1274530
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sbctl?expand=0&rev=6

- bsc#1248949 (CVE-2025-58058): ... 5c51d31a33

Bump xz to 0.5.14

OBS-URL: https://build.opensuse.org/package/show/utilities/sbctl?expand=0&rev=17

Accepting request 1302168 from utilities ... c60bbc1c3c

- bsc#1248949 (CVE-2025-58058):
  Bump xz to 0.5.14

OBS-URL: https://build.opensuse.org/request/show/1302168
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sbctl?expand=0&rev=7

- Update to version 0.18: ... 1637564abc

* logging: fixup new go vet warning
  * workflows: add cc for cross compile
  * workflow: add sudo to apt
  * workflow: add pcsclite to ci
  * workflow: try enable cgo
  * go.mod: update golang.org/x/ dependencies
  * fix: avoid adding bogus Country attribute to subject DNs
  * sbctl: only store file if we did actually sign the file
  * installkernel: add post install hook for Debian's traditional installkernel
  * CI: missing libpcsclite pkg
  * workflows: add missing depends and new pattern keyword
  * Add yubikey example for create keys to the README
  * Initial yubikey backend keytype support
  * verify: ensure we pass args in correct order

OBS-URL: https://build.opensuse.org/package/show/utilities/sbctl?expand=0&rev=19

Accepting request 1311046 from utilities ... 217ce0a4d2

OBS-URL: https://build.opensuse.org/request/show/1311046
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sbctl?expand=0&rev=8

bsc#1251399, CVE-2025-47911 and bsc#1251609, CVE-2025-58190 ... f08c042844

OBS-URL: https://build.opensuse.org/package/show/utilities/sbctl?expand=0&rev=21

Accepting request 1318215 from utilities ... ff582da4e2

OBS-URL: https://build.opensuse.org/request/show/1318215
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sbctl?expand=0&rev=9

autogits_workflow_pr_bot referenced this pull request from products/PackageHub 2026-01-22 09:36:20 +01:00

Forwarded PRs: sbctl #349

autogits_workflow_pr_bot referenced this issue from a commit 2026-01-22 09:36:20 +01:00

auto-created for sbctl

autogits_workflow_pr_bot requested review from legaldb 2026-01-22 09:36:22 +01:00

autogits_workflow_pr_bot requested review from packagehub-review 2026-01-22 09:36:22 +01:00

packagehub-review requested review from bigironman 2026-01-22 09:37:33 +01:00

packagehub-review requested review from lkocman-factory 2026-01-22 09:37:33 +01:00

packagehub-review requested review from maxlin_factory 2026-01-22 09:37:33 +01:00

packagehub-review requested review from smithfarm 2026-01-22 09:37:33 +01:00

packagehub-review commented 2026-01-22 09:37:33 +01:00

Member

Copy Link

Review by packagehub-review represents a group of reviewers: bigironman, lkocman-factory, maxlin_factory, smithfarm .

Do not use standard review interface to review on behalf of the group.
To accept the review on behalf of the group, create the following comment: @packagehub-review: approve.
To request changes on behalf of the group, create the following comment: @packagehub-review: decline followed with lines justifying the decision.
Future edits of the comments are ignored, a new comment is required to change the review state.

Review by packagehub-review represents a group of reviewers: bigironman, lkocman-factory, maxlin_factory, smithfarm . Do **not** use standard review interface to review on behalf of the group. To accept the review on behalf of the group, create the following comment: `@packagehub-review: approve`. To request changes on behalf of the group, create the following comment: `@packagehub-review: decline` followed with lines justifying the decision. Future edits of the comments are ignored, a new comment is required to change the review state.

legaldb commented 2026-01-22 09:46:54 +01:00

Member

Copy Link

Legal review in progress.

Legal review [in progress](https://legaldb.suse.de/reviews/details/499122).

report.md

1.6 KiB

This pull request has official review requests.

You are not authorized to merge this pull request.

View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.

git fetch -u leap-16.1:jubalh-leap-16.1

git checkout jubalh-leap-16.1

Sign in to join this conversation.

Reviewers

No Reviewers

legaldb

packagehub-review

bigironman

lkocman-factory

maxlin_factory

smithfarm

Labels

Clear labels

legaldb

Critical Priority

Critical legaldb priority

Archived

legaldb

High Priority

2

High legaldb priority

legaldb

Normal Priority

1

Normal legaldb priority

No Label

Milestone

No items

No Milestone

Assignees

Clear assignees

adamm_super adrianSuSE autobuild-owner autobuild-review autogits_workflow_pr_bot bigironman dirkmueller eroca factory_bot gitea_test legaldb lkocman-factory maxlin_factory opensuse-review packagehub-review smithfarm

No Assignees

3 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: pool/sbctl#2

Allow edits from maintainers