Accepting request 1069861 from security

- Drop trousers requirement - Update to version 0.8.0: * swtpm: + Implement release-lock-outgoing parameter for --migration option + Introduce --migration option and 'incoming' parameter + Implement terminate parameter for ctrl channel loss + Add a chroot option + Introduce disable-auto-shutdown flag for --flags option + If necessary send TPM2_Shutdown() before TPMLIB_Terminate() + Add some more recent syscalls to seccomp profile + Disable OpenSSL FIPS mode to avoid libtpms failures + Avoid locking directory multiple times + Remove support for pre-v0.1 state files without header + Use uint64_t in tlv_data_append() to avoid integer overflows + Use uint64_t to avoid integer wrap-around when adding a uint32_t + Do not chdir(/) when using --daemon + Check header size indicator against expected size (CVE-2022-23645 bsc#1196240) + Fixes for gcc 12.2.1 -fanalyzer * build-sys: + Fix configure script to support _FORTIFY_SOURCE=3 + Define __USE_LINUX_IOCTL_DEFS in header file (Cygwin) * swtpm-localca: + Re-implement variable resolution for swtpm-localca.conf + Test for available issuercert before creating CA * swtpm_setup: + Configure swtpm to log to stdout/err if needed (glib >=2.74) * tests: + Use ${WORKDIR} in config files to test env. var replacement + Patch IBM TSS2 test suite for OpenSSL 3.x OBS-URL: https://build.opensuse.org/request/show/1069861 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/swtpm?expand=0&rev=13
2023-03-08 13:51:29 +00:00 · 2023-03-08 13:51:29 +00:00 · 3b651e6494
commit 3b651e6494
parent 98513e2108 93f24082f9
4 changed files with 45 additions and 6 deletions
--- a/swtpm-0.7.3.tar.gz
+++ b/swtpm-0.7.3.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:e856d1f5842fb3335164f02f2c545dd329efbc3416db20b7a327e991a4cd49c8
-size 354088
--- a/swtpm-0.8.0.tar.gz
+++ b/swtpm-0.8.0.tar.gz
--- a/swtpm.changes
+++ b/swtpm.changes
@ -1,3 +1,42 @@
+-------------------------------------------------------------------
+Mon Mar  6 20:21:50 UTC 2023 - Alberto Planas Dominguez <aplanas@suse.com>
+
+- Drop trousers requirement
+
+-------------------------------------------------------------------
+Mon Mar  6 16:34:33 UTC 2023 - Alberto Planas Dominguez <aplanas@suse.com>
+
+- Update to version 0.8.0:
+  * swtpm:
+    + Implement release-lock-outgoing parameter for --migration option
+    + Introduce --migration option and 'incoming' parameter
+    + Implement terminate parameter for ctrl channel loss
+    + Add a chroot option
+    + Introduce disable-auto-shutdown flag for --flags option
+    + If necessary send TPM2_Shutdown() before TPMLIB_Terminate()
+    + Add some more recent syscalls to seccomp profile
+    + Disable OpenSSL FIPS mode to avoid libtpms failures
+    + Avoid locking directory multiple times
+    + Remove support for pre-v0.1 state files without header
+    + Use uint64_t in tlv_data_append() to avoid integer overflows
+    + Use uint64_t to avoid integer wrap-around when adding a uint32_t
+    + Do not chdir(/) when using --daemon
+    + Check header size indicator against expected size (CVE-2022-23645 bsc#1196240)
+    + Fixes for gcc 12.2.1 -fanalyzer
+  * build-sys:
+    + Fix configure script to support _FORTIFY_SOURCE=3
+    + Define __USE_LINUX_IOCTL_DEFS in header file (Cygwin)
+  * swtpm-localca:
+    + Re-implement variable resolution for swtpm-localca.conf
+    + Test for available issuercert before creating CA
+  * swtpm_setup:
+    + Configure swtpm to log to stdout/err if needed (glib >=2.74)
+  * tests:
+    + Use ${WORKDIR} in config files to test env. var replacement
+    + Patch IBM TSS2 test suite for OpenSSL 3.x
+  * build-sys:
+    + Add probing for -fstack-protector
+
 -------------------------------------------------------------------
 Fri Apr 29 07:41:51 UTC 2022 - Marcus Meissner <meissner@suse.com>

--- a/swtpm.spec
+++ b/swtpm.spec
@ -1,7 +1,7 @@
 #
 # spec file for package swtpm
 #
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -24,7 +24,7 @@
 %define modulename2 swtpm_svirt
 %define modulename3 swtpmcuse
 Name:           swtpm
-Version:        0.7.3
+Version:        0.8.0
 Release:        0
 Summary:        Software TPM emulator
 License:        BSD-3-Clause
@ -54,7 +54,6 @@ BuildRequires:  pkgconfig(json-glib-1.0)
 BuildRequires:  pkgconfig(systemd)
 Requires:       iproute2
 Requires:       python3-cryptography
-Requires:       trousers
 Requires:       (%{name}-selinux if selinux-policy-base)
 Requires(pre):  user(tss)

@ -137,6 +136,7 @@ fi
 %{_datadir}/swtpm
 %dir %{_libdir}/swtpm
 %{_libdir}/swtpm/*.so.*
+%{_mandir}/man5/swtpm*%{?ext_man}
 %{_mandir}/man8/swtpm*%{?ext_man}
 %dir %attr(0750,tss,root) %{_localstatedir}/lib/swtpm-localca