swtpm/swtpm.changes

-------------------------------------------------------------------
Sat Jul 11 08:31:54 UTC 2020 - Kai Liu <kai.liu@suse.com>

- Update to 0.3.2:
  + swtpm:
    + Remove unnecessary #include <seccomp.h> (fixes SuSE build)
    + Make coverity happy by handling default case in case
      statement
  + swtpm_setup:
    + bugfix: Create ECC storage primary key in owner hierarchy
    + bugfix: remove tpm2_stirrandom and tpm2_changeeps
  + tests:
    + Adjusted pcrUpdateCounter in tests to succeed with PCR TCB
      group fixes in libtpms TPM 2 code

-------------------------------------------------------------------
Wed Apr 22 03:25:36 UTC 2020 - Gary Ching-Pang Lin <glin@suse.com>

- Update to 0.3.1
  + swtpm: Fix vtpm proxy case without startup flags
  + swtpm: Only call memcpy if tocopy != 0 (coverity)
  + man: Document new startup options and capabilities
    advertisement
  + swtpm: Enable sending startup commands before processing
    commands
  + swtpm_cert: Accept serial numbers that use up to 64bits
  + swtpm_cert: Use getopt_long_only to parse options
  + swtpm_cert: Add support for --print-capabilities option
  + swtpm_cert: Allow passing signing key and parent key via new
    option
  + swtpm_setup: Enable spaces in paths and other variables
  + swtpm_ioctl: Calculate strlen(input) only once
  + swtpm_ioctl: Block SIGPIPE so we can get EPIPE on write()
  + swtpm_bios: Block SIGPIPE so we can get EPIPE on write()
  + swtpm: Only accept() new client ctrl connection if we have none
  + swtpm_setup: Do not fail on future PCR banks' hashes
  + swtpm_setup: Use 1st part of SWTPM_EXE/SWTPM_IOCTL to determine
    executable
  + swtpm_setup: Keep reserved range of file descriptors for
    swtpm_setup.sh
  + swtpm_setup: Log about encryption and fix c&p error in err msg
  + swtpm: Add --print-capabilities to help screen of
    'swtpm chardev'
  + swtpm_ioctl: Fix uninitialized variable 'pgi'
  + swtpm_cert: Use gnutls_x509_crt_get_subject_key_id API call for
    subj keyId
  + swtpm_cert: Fix OIDs for TPM 2 platforms data
  + swtpm: Fix typo in error report: HMAC instead of hash
  + swtpm: Use writev_full rather than writev; fixes --vtpm-proxy
    EIO error
- Refresh swtpm-setup-tcsd-path.patch

-------------------------------------------------------------------
Fri Jan  3 01:52:45 UTC 2020 - Gary Ching-Pang Lin <glin@suse.com>

- Amend swtpm-adjust-seccomp-path.patch to add the missing seccomp
  paths
- Adjust the conditional check of net-tools-deprecated for SLE15
  and SLE15-SP1

-------------------------------------------------------------------
Thu Sep  5 08:00:27 UTC 2019 - Gary Ching-Pang Lin <glin@suse.com>

- Update to 0.2.0
  +Linux: swtpm now runs with a seccomp profile (blacklist) if
           compiled with libseccomp support
  + Added subpport for passing key and passphrase via file
    descriptor
  + TPM 2 commands can now be prefixed by 'the TCG header' and
    responses will have a 4-byte prefix and 4-byte suffix.
  + Added --print-capabilities command line option
  + Proper handling on EINTR on read, poll, and write
- Patches to adjust the pathes
  + swtpm-tpm-tools-path.patch
  + swtpm-setup-tcsd-path.patch
  + swtpm-adjust-seccomp-path.patch

-------------------------------------------------------------------
Tue May 15 08:37:16 UTC 2018 - glin@suse.com

- Initial import: 0.1.0-dev2
Accepting request 820470 from home:kailiu:branches:security Version bump to 0.3.2. OBS-URL: https://build.opensuse.org/request/show/820470 OBS-URL: https://build.opensuse.org/package/show/security/swtpm?expand=0&rev=4 2020-07-13 03:21:22 +02:00			`-------------------------------------------------------------------`
			`Sat Jul 11 08:31:54 UTC 2020 - Kai Liu <kai.liu@suse.com>`

			`- Update to 0.3.2:`
			`+ swtpm:`
			`+ Remove unnecessary #include <seccomp.h> (fixes SuSE build)`
			`+ Make coverity happy by handling default case in case`
			`statement`
			`+ swtpm_setup:`
			`+ bugfix: Create ECC storage primary key in owner hierarchy`
			`+ bugfix: remove tpm2_stirrandom and tpm2_changeeps`
			`+ tests:`
			`+ Adjusted pcrUpdateCounter in tests to succeed with PCR TCB`
			`group fixes in libtpms TPM 2 code`

Accepting request 796145 from home:gary_lin:branches:security Update to 0.3.1 OBS-URL: https://build.opensuse.org/request/show/796145 OBS-URL: https://build.opensuse.org/package/show/security/swtpm?expand=0&rev=3 2020-04-22 07:29:30 +02:00			`-------------------------------------------------------------------`
			`Wed Apr 22 03:25:36 UTC 2020 - Gary Ching-Pang Lin <glin@suse.com>`

			`- Update to 0.3.1`
			`+ swtpm: Fix vtpm proxy case without startup flags`
			`+ swtpm: Only call memcpy if tocopy != 0 (coverity)`
			`+ man: Document new startup options and capabilities`
			`advertisement`
			`+ swtpm: Enable sending startup commands before processing`
			`commands`
			`+ swtpm_cert: Accept serial numbers that use up to 64bits`
			`+ swtpm_cert: Use getopt_long_only to parse options`
			`+ swtpm_cert: Add support for --print-capabilities option`
			`+ swtpm_cert: Allow passing signing key and parent key via new`
			`option`
			`+ swtpm_setup: Enable spaces in paths and other variables`
			`+ swtpm_ioctl: Calculate strlen(input) only once`
			`+ swtpm_ioctl: Block SIGPIPE so we can get EPIPE on write()`
			`+ swtpm_bios: Block SIGPIPE so we can get EPIPE on write()`
			`+ swtpm: Only accept() new client ctrl connection if we have none`
			`+ swtpm_setup: Do not fail on future PCR banks' hashes`
			`+ swtpm_setup: Use 1st part of SWTPM_EXE/SWTPM_IOCTL to determine`
			`executable`
			`+ swtpm_setup: Keep reserved range of file descriptors for`
			`swtpm_setup.sh`
			`+ swtpm_setup: Log about encryption and fix c&p error in err msg`
			`+ swtpm: Add --print-capabilities to help screen of`
			`'swtpm chardev'`
			`+ swtpm_ioctl: Fix uninitialized variable 'pgi'`
			`+ swtpm_cert: Use gnutls_x509_crt_get_subject_key_id API call for`
			`subj keyId`
			`+ swtpm_cert: Fix OIDs for TPM 2 platforms data`
			`+ swtpm: Fix typo in error report: HMAC instead of hash`
			`+ swtpm: Use writev_full rather than writev; fixes --vtpm-proxy`
			`EIO error`
			`- Refresh swtpm-setup-tcsd-path.patch`

Accepting request 760525 from home:gary_lin:branches:security - Amend swtpm-adjust-seccomp-path.patch to add the missing seccomp paths - Adjust the conditional check of net-tools-deprecated for SLE15 and SLE15-SP1 OBS-URL: https://build.opensuse.org/request/show/760525 OBS-URL: https://build.opensuse.org/package/show/security/swtpm?expand=0&rev=2 2020-01-06 02:46:00 +01:00			`-------------------------------------------------------------------`
			`Fri Jan 3 01:52:45 UTC 2020 - Gary Ching-Pang Lin <glin@suse.com>`

			`- Amend swtpm-adjust-seccomp-path.patch to add the missing seccomp`
			`paths`
			`- Adjust the conditional check of net-tools-deprecated for SLE15`
			`and SLE15-SP1`

Accepting request 754264 from home:gary_lin:swtpm swtpm is a Libtpms-based TPM emulator and useful to testing tpm functions in qemu. OBS-URL: https://build.opensuse.org/request/show/754264 OBS-URL: https://build.opensuse.org/package/show/security/swtpm?expand=0&rev=1 2019-12-13 18:12:18 +01:00			`-------------------------------------------------------------------`
			`Thu Sep 5 08:00:27 UTC 2019 - Gary Ching-Pang Lin <glin@suse.com>`

			`- Update to 0.2.0`
			`+Linux: swtpm now runs with a seccomp profile (blacklist) if`
			`compiled with libseccomp support`
			`+ Added subpport for passing key and passphrase via file`
			`descriptor`
			`+ TPM 2 commands can now be prefixed by 'the TCG header' and`
			`responses will have a 4-byte prefix and 4-byte suffix.`
			`+ Added --print-capabilities command line option`
			`+ Proper handling on EINTR on read, poll, and write`
			`- Patches to adjust the pathes`
			`+ swtpm-tpm-tools-path.patch`
			`+ swtpm-setup-tcsd-path.patch`
			`+ swtpm-adjust-seccomp-path.patch`

			`-------------------------------------------------------------------`
			`Tue May 15 08:37:16 UTC 2018 - glin@suse.com`

			`- Initial import: 0.1.0-dev2`