Accepting request 930649 from security

- Update to version 0.7.0:
  - swtpm:
    - Support for linear file storage backend (file://)
    - Report 'tpm-1.2' & 'tpm-2.0' in --print-capabilities depending what
      libtpms supports
    - Add implementation of SWTPM_HMAC using OpenSSL 3.0 APIs
    - Wipe keys from stack and heap
    - Many other small changes
    - Make --daemon not racy
  - swtpm_setup:
    - Only activate SHA256 PCR bank, not SHA1 bank anymore by default
    - Support for linear file storage backend (file://)
    - Implement option --create-config-files to create config files
    - Use non-deprecated APIs to contruct RSA key (OSSL 3)
    - Report stderr as returned by external tool (swtpm-localcal)
    - Replace '+' and ',' characters in VMId's to make work with
      common name in X509 subject
    - Add support for --reconfigure flag to change active PCR banks
  - swtpm_localca:
    - Created certificates for CAs and TPM that do not expire
  - swtpm_cert:
    - Allow passing -1 for days to get a non-expiring certificate
  - test:
    - ASAN-related test changes and skipping of tests if ASAN is used
    - Fix tests using tpm2-abrmd by preventing concurrency
    - Skip chardev related tests after checking for chardev support
    - exit with error code if mktemp fails
    - OSSL 3: Make TPM 1.2 test compile; skip IBM TSS 2 test
  - build-sys:
    - Introduce --enable-sanitizers to configure

OBS-URL: https://build.opensuse.org/request/show/930649
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/swtpm?expand=0&rev=8

swtpm-0.6.1.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:114905d6a51af89baac9ac279bf6534761e01adcf9c9bb298f1c09c7d4b2599d
-size 326488

swtpm-0.7.0.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:bed41871ad42ec852c450f5764be36b6c16456b943b912351eca9c29ce382976
+size 353641

swtpm.changes

@@ -1,3 +1,39 @@
+-------------------------------------------------------------------
+Wed Nov 10 08:49:00 UTC 2021 - Marcus Meissner <meissner@suse.com>
+
+- Update to version 0.7.0:
+  - swtpm:
+    - Support for linear file storage backend (file://)
+    - Report 'tpm-1.2' & 'tpm-2.0' in --print-capabilities depending what
+      libtpms supports
+    - Add implementation of SWTPM_HMAC using OpenSSL 3.0 APIs
+    - Wipe keys from stack and heap
+    - Many other small changes
+    - Make --daemon not racy
+  - swtpm_setup:
+    - Only activate SHA256 PCR bank, not SHA1 bank anymore by default
+    - Support for linear file storage backend (file://)
+    - Implement option --create-config-files to create config files
+    - Use non-deprecated APIs to contruct RSA key (OSSL 3)
+    - Report stderr as returned by external tool (swtpm-localcal)
+    - Replace '+' and ',' characters in VMId's to make work with
+      common name in X509 subject
+    - Add support for --reconfigure flag to change active PCR banks
+  - swtpm_localca:
+    - Created certificates for CAs and TPM that do not expire
+  - swtpm_cert:
+    - Allow passing -1 for days to get a non-expiring certificate
+  - test:
+    - ASAN-related test changes and skipping of tests if ASAN is used
+    - Fix tests using tpm2-abrmd by preventing concurrency
+    - Skip chardev related tests after checking for chardev support
+    - exit with error code if mktemp fails
+    - OSSL 3: Make TPM 1.2 test compile; skip IBM TSS 2 test
+  - build-sys:
+    - Introduce --enable-sanitizers to configure
+    - Remove check for pip3 that was used by python swtpm_setup
+    - Allow passing of aditional CFLAGS during build
+
 -------------------------------------------------------------------
 Wed Sep 22 09:33:29 UTC 2021 - Marcus Meissner <meissner@suse.com>
 

swtpm.spec

@@ -24,7 +24,7 @@
 %define modulename2 swtpm_svirt
 %define modulename3 swtpmcuse
 Name:           swtpm
-Version:        0.6.1
+Version:        0.7.0
 Release:        0
 Summary:        Software TPM emulator
 License:        BSD-3-Clause