Accepting request 1069861 from security
- Drop trousers requirement - Update to version 0.8.0: * swtpm: + Implement release-lock-outgoing parameter for --migration option + Introduce --migration option and 'incoming' parameter + Implement terminate parameter for ctrl channel loss + Add a chroot option + Introduce disable-auto-shutdown flag for --flags option + If necessary send TPM2_Shutdown() before TPMLIB_Terminate() + Add some more recent syscalls to seccomp profile + Disable OpenSSL FIPS mode to avoid libtpms failures + Avoid locking directory multiple times + Remove support for pre-v0.1 state files without header + Use uint64_t in tlv_data_append() to avoid integer overflows + Use uint64_t to avoid integer wrap-around when adding a uint32_t + Do not chdir(/) when using --daemon + Check header size indicator against expected size (CVE-2022-23645 bsc#1196240) + Fixes for gcc 12.2.1 -fanalyzer * build-sys: + Fix configure script to support _FORTIFY_SOURCE=3 + Define __USE_LINUX_IOCTL_DEFS in header file (Cygwin) * swtpm-localca: + Re-implement variable resolution for swtpm-localca.conf + Test for available issuercert before creating CA * swtpm_setup: + Configure swtpm to log to stdout/err if needed (glib >=2.74) * tests: + Use ${WORKDIR} in config files to test env. var replacement + Patch IBM TSS2 test suite for OpenSSL 3.x OBS-URL: https://build.opensuse.org/request/show/1069861 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/swtpm?expand=0&rev=13
This commit is contained in:
commit
3b651e6494
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:e856d1f5842fb3335164f02f2c545dd329efbc3416db20b7a327e991a4cd49c8
|
||||
size 354088
|
BIN
swtpm-0.8.0.tar.gz
(Stored with Git LFS)
Normal file
BIN
swtpm-0.8.0.tar.gz
(Stored with Git LFS)
Normal file
Binary file not shown.
@ -1,3 +1,42 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Mar 6 20:21:50 UTC 2023 - Alberto Planas Dominguez <aplanas@suse.com>
|
||||
|
||||
- Drop trousers requirement
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Mar 6 16:34:33 UTC 2023 - Alberto Planas Dominguez <aplanas@suse.com>
|
||||
|
||||
- Update to version 0.8.0:
|
||||
* swtpm:
|
||||
+ Implement release-lock-outgoing parameter for --migration option
|
||||
+ Introduce --migration option and 'incoming' parameter
|
||||
+ Implement terminate parameter for ctrl channel loss
|
||||
+ Add a chroot option
|
||||
+ Introduce disable-auto-shutdown flag for --flags option
|
||||
+ If necessary send TPM2_Shutdown() before TPMLIB_Terminate()
|
||||
+ Add some more recent syscalls to seccomp profile
|
||||
+ Disable OpenSSL FIPS mode to avoid libtpms failures
|
||||
+ Avoid locking directory multiple times
|
||||
+ Remove support for pre-v0.1 state files without header
|
||||
+ Use uint64_t in tlv_data_append() to avoid integer overflows
|
||||
+ Use uint64_t to avoid integer wrap-around when adding a uint32_t
|
||||
+ Do not chdir(/) when using --daemon
|
||||
+ Check header size indicator against expected size (CVE-2022-23645 bsc#1196240)
|
||||
+ Fixes for gcc 12.2.1 -fanalyzer
|
||||
* build-sys:
|
||||
+ Fix configure script to support _FORTIFY_SOURCE=3
|
||||
+ Define __USE_LINUX_IOCTL_DEFS in header file (Cygwin)
|
||||
* swtpm-localca:
|
||||
+ Re-implement variable resolution for swtpm-localca.conf
|
||||
+ Test for available issuercert before creating CA
|
||||
* swtpm_setup:
|
||||
+ Configure swtpm to log to stdout/err if needed (glib >=2.74)
|
||||
* tests:
|
||||
+ Use ${WORKDIR} in config files to test env. var replacement
|
||||
+ Patch IBM TSS2 test suite for OpenSSL 3.x
|
||||
* build-sys:
|
||||
+ Add probing for -fstack-protector
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Apr 29 07:41:51 UTC 2022 - Marcus Meissner <meissner@suse.com>
|
||||
|
||||
|
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package swtpm
|
||||
#
|
||||
# Copyright (c) 2022 SUSE LLC
|
||||
# Copyright (c) 2023 SUSE LLC
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@ -24,7 +24,7 @@
|
||||
%define modulename2 swtpm_svirt
|
||||
%define modulename3 swtpmcuse
|
||||
Name: swtpm
|
||||
Version: 0.7.3
|
||||
Version: 0.8.0
|
||||
Release: 0
|
||||
Summary: Software TPM emulator
|
||||
License: BSD-3-Clause
|
||||
@ -54,7 +54,6 @@ BuildRequires: pkgconfig(json-glib-1.0)
|
||||
BuildRequires: pkgconfig(systemd)
|
||||
Requires: iproute2
|
||||
Requires: python3-cryptography
|
||||
Requires: trousers
|
||||
Requires: (%{name}-selinux if selinux-policy-base)
|
||||
Requires(pre): user(tss)
|
||||
|
||||
@ -137,6 +136,7 @@ fi
|
||||
%{_datadir}/swtpm
|
||||
%dir %{_libdir}/swtpm
|
||||
%{_libdir}/swtpm/*.so.*
|
||||
%{_mandir}/man5/swtpm*%{?ext_man}
|
||||
%{_mandir}/man8/swtpm*%{?ext_man}
|
||||
%dir %attr(0750,tss,root) %{_localstatedir}/lib/swtpm-localca
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user