Accepting request 1295960 from Base:System

OBS-URL: https://build.opensuse.org/request/show/1295960
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/fwupd?expand=0&rev=101

_service

@@ -4,7 +4,7 @@
     <param name="url">https://github.com/fwupd/fwupd.git</param>
     <param name="scm">git</param>
     <param name="versionformat">@PARENT_TAG@+@TAG_OFFSET@</param>
-    <param name="revision">1.9.23</param>
+    <param name="revision">2.0.13</param>
     <param name="versionrewrite-pattern">(.*)\+0</param>
     <param name="versionrewrite-replacement">\1</param>
   </service>

fwupd-1.9.23.obscpio

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:5e52dca5546ebe1727d3c8f86a9f881d024bf85d4a3c1c1cfd0bce9c3dfa62a3
-size 18383885

fwupd-2.0.13.obscpio

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:283c2438ef2d5f70272ed28a08728877fcdf9ba71944d00b2bc982fa11435c68
+size 21016077

fwupd-bsc1130056-change-shim-path.patch

@@ -1,14 +1,13 @@
 diff --git a/plugins/uefi-capsule/fu-uefi-bootmgr.c b/plugins/uefi-capsule/fu-uefi-bootmgr.c
-index 9d9e30f..daa9b2c 100644
+index e7761b52..0a425455 100644
 --- a/plugins/uefi-capsule/fu-uefi-bootmgr.c
 +++ b/plugins/uefi-capsule/fu-uefi-bootmgr.c
-@@ -408,7 +408,8 @@ fu_uefi_bootmgr_bootnext(FuVolume *esp,
- 	/* test if we should use shim */
- 	secure_boot = fu_efivar_secure_boot_enabled(NULL);
- 	if (secure_boot) {
--		shim_app = fu_uefi_get_esp_app_path("shim", error);
-+		shim_app = g_strdup_printf ("%s/shim.efi",
-+					    fu_uefi_get_esp_path_for_os());
+@@ -368,7 +368,7 @@ fu_uefi_bootmgr_bootnext(FuEfivars *efivars,
+ 	if (!fu_efivars_get_secure_boot(efivars, &secureboot_enabled, error))
+ 		return FALSE;
+ 	if (secureboot_enabled) {
+-		shim_app = fu_uefi_get_esp_app_path(esp_path, "shim", error);
++		shim_app = g_strdup_printf ("%s/shim.efi", fu_uefi_get_esp_path_for_os(esp_path));
  		if (shim_app == NULL)
  			return FALSE;
  

fwupd-jscSLE-11766-close-efidir-leap-gap.patch

@@ -1,18 +0,0 @@
-Index: fwupd-1.9.14/plugins/uefi-capsule/fu-uefi-common.c
-===================================================================
---- fwupd-1.9.14.orig/plugins/uefi-capsule/fu-uefi-common.c
-+++ fwupd-1.9.14/plugins/uefi-capsule/fu-uefi-common.c
-@@ -235,9 +235,13 @@ fu_uefi_get_esp_path_for_os(void)
- 	g_autofree gchar *esp_path = NULL;
- 	g_autoptr(GError) error_local = NULL;
- 	g_autoptr(GHashTable) os_release = fwupd_get_os_release(&error_local);
-+	g_auto(GStrv) split = NULL;
- 	/* try to lookup /etc/os-release ID key */
- 	if (os_release != NULL) {
- 		os_release_id = g_hash_table_lookup(os_release, "ID");
-+		/* Overide os_release_id for SLE and openSUSE */
-+		split = g_strsplit (g_hash_table_lookup (os_release, "NAME"), " ", 2);
-+		os_release_id = g_ascii_strdown (split[0], -1);
- 	} else {
- 		g_debug("failed to get ID: %s", error_local->message);
- 	}

fwupd.changes

@@ -1,3 +1,478 @@
+-------------------------------------------------------------------
+Fri Jul 25 15:57:05 UTC 2025 - Andreas Stieger <andreas.stieger@gmx.de>
+
+- drop unneeded gpgme build dependency. GPG support is provided
+  with libjcat
+
+-------------------------------------------------------------------
+Tue Jul 22 10:47:51 UTC 2025 - Dominique Leuenberger <dimstar@opensuse.org>
+
+- Update to version 2.0.13:
+  + This release adds the following features:
+    - Add a daemon config option to ignore efivars free space
+    - Add support for glob-aware version comparison requirements
+    - Allow targeting specific regions in FMAP when using flashrom
+    - Detect static variables and magic numbers during code review
+    - Remove the unused hailuck and rts54hid plugins
+  + This release fixes the following bugs:
+    - Align MTD erase up to the erasesize as necessary
+    - Allow parsing IGSC OptionROM when using fwupdtool
+    - Allow removing private flags from UEFI capsule devices in quirks
+    - Do not copy the vendor for Intel reference ME firmware
+    - Do not use an interactive console if stdout is redirected
+    - Fix the UEFI self-test when the capsule splash is disabled
+    - Get better device information when using PCI-backed MTD devices
+    - Get the Intel GPU SKU and SVN when using BMG hardware
+    - Make MBIM modem devices emulatable
+    - Make sure fwupdtool.exe is available in the Windows PATH
+    - Only show the 'Full Disk Encryption Detected' warning when required
+    - Set all QCDM modem devices to raw mode when updating
+    - Show all devices for fwupdtool get-devices --show-all --force
+    - Show correct dbx version if non-Microsoft entries are present
+    - Show KEK device attributes in fwupdmgr
+    - Use an alternate GUID when the Intel GPU is in recovery mode
+    - Use the kernel netlink hotplug socket when there is no Udev
+    - Various small changes to speed up startup by 60% and lower RSS by 40%
+  + This release adds support for the following hardware:
+    - HP USB-C 100W G6 Dock
+    - Logitech Bulk Controller pheripherals
+    - More MediaTek scaler devices
+
+-------------------------------------------------------------------
+Mon Jun 23 09:06:03 UTC 2025 - Guillaume GARDET <guillaume.gardet@opensuse.org>
+
+- Fix %{_modulesloaddir}/fwupd-i2c.conf packaging
+
+-------------------------------------------------------------------
+Fri Jun 20 06:25:18 UTC 2025 - Dominique Leuenberger <dimstar@opensuse.org>
+
+- Update to version 2.0.12:
+  + This release adds the following features:
+    - Add a config option for enforcing immutable device enumeration
+    - Add device emulation support for Thunderbolt host controllers
+    - Do the efivarfs free space checks for dbx, db, KEK and PK devices
+    - Ensure the i2c_dev kernel driver is always loaded if a module
+    - Parse the SBOM data from fwupdx64.efi if provided
+    - Support loading multiple coSWID blobs from PE files
+  + This release fixes the following bugs:
+    - Added HP Elitedesk G6 mini to not get dbx-updates
+    - Add two more uefi dbx checksum->version entries
+    - Be more useful when building modem device Instance IDs
+    - Convert asus-hid and legion-hid2 to hidraw to avoid possible input blips
+    - Do not create radio for Logitech RDFU-capable devices
+    - Fix a modem-manager regression where a PCI device had no vendor ID
+    - Fix a regression when updating DFOTA modem devices
+    - Fix self tests when building with -Defi_os_dir
+    - Fix self tests when the builder does not support DistroVersion
+    - Fix updating Thunderbolt host controllers with some version formats
+    - Handle HECI unsupported status (0x0b) for Dell hardware
+    - Make tar a dependency of the uefi-capsule tests
+    - Mark the KEK and db updates as affecting FDE like BitLocker
+    - Properly detect the Redfish reboot request for Dell servers
+    - Send the proper artifact firmware filename to the Redfish BMC
+    - Set the correct RMM device version for some Dell dock devices
+    - Use inhibits so that the rts54hub device is marked as non-updatable
+    - Use the virtual size to avoid padding when cutting PE sections
+    - Wait for the Logitech Scribe device to replug after updating
+  + This release adds support for the following hardware:
+    - HP Portable USB-C Hub
+    - More Foxconn 5G modem products
+    - More Intel Arc Battlemage products
+
+
+-------------------------------------------------------------------
+Wed Jun  4 13:02:53 UTC 2025 - Dominique Leuenberger <dimstar@opensuse.org>
+
+- Update to version 2.0.11:
+  + This release adds the following features:
+    - Add a new check-reboot-needed command for scripts to use
+    - Read the SELinux state in the report failure metadata
+  + This release fixes the following bugs:
+    - Add some notes in the README about security-relevant build flags
+    - Add support for the Dell dock ownership command
+    - Add the subsystem VIDPID when provided by ModemManager
+    - Allow changing the rts54hub block size from a quirk entry
+    - Allow Legion HID2 downgrades without --force, and clear config on upgrades
+    - Allow specifying multiple DEVICE-IDs for the get-updates command
+    - Cache the stream when parsing the processed cabinet to fix the report upload
+    - Do not allow DBX updates on the AiStone X5KK4NAG
+    - Do not use translated low-level error messages in the failure report
+    - Fall back to the activation date if the X.509 cert has no suitable subject
+    - Fix newer Synaptics VMM9 devices by adding a delay after disabling RC
+    - Ignore some sanity checks when parsing PK, KEK and db certificates
+    - Increase timeout requested by logitech RDFU devices
+    - Never include systemd.machine_id in the failure report
+    - Parse the correct VendorID from the ModemManager device ID
+    - Process all pending event sources when waiting for replug
+    - Use the UEFI PK report attributes for the other UEFI plugins
+  + This release adds support for the following hardware:
+    - Lenovo Thunderbolt 5 Smart Dock
+
+-------------------------------------------------------------------
+Mon May 26 08:07:42 UTC 2025 - Dominique Leuenberger <dimstar@opensuse.org>
+
+- Update to version 2.0.10:
+  + This release adds the following features:
+    - Include the AGESA version as the summary of the AMD secure processor device
+    - Include the UEFI PK certificate key ID in the uploaded problem report
+    - Provide a way for the client to restrict the GUID list to an emulated device
+  + This release fixes the following bugs:
+    - Do not allow dbx updates on the HP Elitebook 845 Gen10
+    - Do not warn about BIOS bugs we can easily work around
+    - Fix a regression in fwupdmgr emulation-save when recording some devices
+    - Fix a regression preventing installation of KEKs
+    - Fix a small memory leak when getting security attributes
+    - Never write a UX capsule when using Capsule-On-Disk
+    - Use the 'OnBattery' property from upower to tell if plugged in
+  + This release adds support for the following hardware:
+    - Lenovo Legion Touchpad
+    - Logitech MX Mechanical
+    - Poly Studio V72 and V12
+
+-------------------------------------------------------------------
+Thu May  8 09:05:31 UTC 2025 - Dominique Leuenberger <dimstar@opensuse.org>
+
+- Update to version 2.0.9:
+  + This release adds the following features:
+    - Add some documentation about updating the KEK and db
+    - Allow installing multiple db certificate updates at the same time
+    - Show what certificate signed the EFI authenticated variable
+    - Use readline to look up inputs from user, and make it optional
+  + This release fixes the following bugs:
+    - Add several devices with broken firmware to the UEFI dbx blocklist
+    - Constructing the authenticated URI properly when using FirmwareBaseURI
+    - Do not enumerate non-updatable OptionROM devices
+    - Do not export Redfish backup partitions as devices
+    - Fix a crash when installing some Wacom firmware types
+    - Fix a crash when parsing uevents that are not KEY=VALUE
+    - Fix parsing the DFU descriptor when not using libusb
+    - Fix PK and KEK enumeration failure on some systems
+    - Fix SMBIOS parsing for ROM size >= 16MiB
+    - Include a resolution for more of the HSI failures
+    - Include more output when using fwupdtool get-devices --json
+    - Never allow updating updatable-hidden devices with fwupdtool
+    - Properly handle redfish location redirect when installing firmware
+    - Recognize a very old dbx hash to allow upgrades
+    - Require a reboot after updating Intel CVS devices
+    - Rework the MEI code so that a device can use more than one interface
+    - Rewrite the ModemManger plugin to be simpler and more supportable
+    - Simplify parsing USB descriptors
+  + This release adds support for the following hardware:
+    - Intel Arc Battlemage GPUs
+- Add explicit pkgconfig(libusb-1.0) B?uildREquires: pulled in by
+  gusb already, but having it explicit allows to add specific
+  version constrains.
+- Add pkgconfig(readline) BuildRequires: new dependency.
+
+-------------------------------------------------------------------
+Fri Apr 11 07:33:28 UTC 2025 - Dominique Leuenberger <dimstar@opensuse.org>
+
+- Update to version 2.0.8:
+  + This release adds the following features:
+    - Add the updated UEFI db as a new HSI attribute
+    - Add two new plugins that can update the UEFI Signature Database and KEK
+  + This release fixes the following bugs:
+    - Add /sys/firmware/efi/efivars to ReadWritePaths
+    - Avoid any DPAUX IO if the BnR DPCD does not match
+    - Be more careful falling back to older emulation versions
+    - Detect the Firehose protocol features if not automatically sent
+    - Do not match SMC Redfish method on non-Supermicro hardware
+    - Do not show prompts or messages in --json mode
+    - Fix a critical warning when enumerating DTH135K0C
+    - Make the EFI LOADOPT either a path or ShimHive when setting metadata
+    - Match lowercase directory names when checking for ESP
+    - Only allow UEFI capsule updates on UEFI-capable architectures
+    - Set the version format when using fwupdtool install offline
+    - Support segment value 0 in the ccgx-dmc image parser
+
+-------------------------------------------------------------------
+Tue Mar 25 16:35:12 UTC 2025 - Dominique Leuenberger <dimstar@opensuse.org>
+
+- Update to version 2.0.7:
+  + This release adds the following features:
+    - Allow calling 'fwupdtool security' with a fwupd version parameter
+    - A new plugin to update B&R DisplayPort receivers
+    - A new plugin to update Intel CVS cameras
+    - A new plugin to verify UEFI memory protection attributes
+    - A new quirk to signify that no additional ESP space is required
+    - Build additional Redfish instance IDs for Dell server hardware
+    - Implement the HPE proprietary Redfish firmware push method
+    - Support cabinet archives greater in size than 2GB
+    - Support for showing the SBOM release URL
+    - Support for UEFI capsule installation in the bootloader
+  + This release fixes the following bugs:
+    - Always close USB file descriptors after starting the daemon
+    - Do not add a Redfish release date if set to 00:00:00Z
+    - Fix a critical warning when rescanning a device with no GUIDs
+    - Fix a small memory leak when emumerating Logitech Rallysystem devices
+    - Fix a tiny Redfish memory leak when writing firmware
+    - Fix building against pygobject 3.52
+    - Fix Logitech BulkController setup for new device firmware versions
+    - Fix scaler-only Wacom USB update deployment
+    - Fix updating the RMM component in the dell-kestrel dock
+    - Fix writing new EFI variables to workaround a kernel regression
+    - Make PCI NAME and SSVID_SSPID based modem-manager IDs visible
+    - Parse firmware before putting the device into bootloader mode
+    - Prepend the capsule header when using Capsule-on-Disk
+    - Put a memory limit on decoding LZMA streams when parsing firmware
+    - Retry claiming the fastboot interface for up to 2500ms
+    - Trigger dpaux rescan on drm changes correctly
+    - Use the metadata version format to set the version_lowest when required
+  + This release adds support for the following hardware:
+    - Another HP wireless dongle
+    - Lenovo ThinkPad Thunderbolt 4 Smart Dock Gen2
+    - Lenovo USB-C Dual Display Travel Dock
+    - More EDL 5G modem devices
+- Drop 8583.patch and 8588.patch: fixed upsrtream.
+- Align meson call with current upstream supported parameters. 
+
+-------------------------------------------------------------------
+Mon Mar 17 15:11:43 UTC 2025 - Dominique Leuenberger <dimstar@opensuse.org>
+
+- Add 8588.patch: Fix compile when using Pango >= 1.56.2.
+
+-------------------------------------------------------------------
+Tue Mar 11 14:41:20 UTC 2025 - Dominique Leuenberger <dimstar@opensuse.org>
+
+- Add explicit pkgconfig(pango) BuildRequires: used to be pulled in
+  by python-gobject, but that's no longer the case with 3.52.
+- Add 8583.patch: Fix build againts pygobject 3.52.
+
+-------------------------------------------------------------------
+Fri Feb 14 13:22:21 UTC 2025 - Dominique Leuenberger <dimstar@opensuse.org>
+
+- Update to version 2.0.6:
+  + This release adds the following features:
+    - Add 'fwupdtool efiboot-hive' to allow setting the nmbl cmdline
+    - Allow setting the inhibit reason from fwupdmgr
+    - Allow USB-provided hidraw devices to use DS-20 descriptors
+  + This release fixes the following bugs:
+    - Correctly deploy the dbx on MSI hardware
+    - Correctly extract the milestone from Lenovo version numbers
+    - Do not add invalid CoSWID entities to fix a fuzzing hang
+    - Fix Logitech HID++ child device detection
+    - Get the correct internal network VID and PID from Redfish
+    - Include the payload length in the Wacom scaler update start command
+    - Only use emulated devices when using device-emulate
+    - Reload the thunderbolt retimer version after the payload is deployed
+    - Speed up startup by ~1% by limiting the precision of percentage updates
+    - Support new version formats for future Huddly devices
+    - Updating the Logitech Rallybar in a more reliable way
+  + This release adds support for the following hardware:
+    -  HPE Gen10/Gen10+ devices using Redfish
+
+-------------------------------------------------------------------
+Mon Feb  3 14:12:39 UTC 2025 - Dominique Leuenberger <dimstar@opensuse.org>
+
+- Update to version 2.0.5:
+  + This release adds the following features:
+    - Allow emulating devices reading EFI keys
+    - Allow skipping device tests by CPU architecture
+  + This release fixes the following bugs:
+    - Cleanup Dell kestrel devices when disconnected
+    - Correctly build binary EFI_SIGNATURE_LIST objects
+    - Do not allow dbx updates when no ESP was found
+    - Ignore BootXXXX entries that do not exist when checking the dbx
+    - Ignore EFI binaries that are zero-sized, or not well formed
+    - Inhibit dbx updates if snapd is not available when using Ubuntu-style FDE
+    - Only match the device checksum if the protocol matches
+    - Raise authentication requirements for emulation-load
+    - Request to upload failed reports for install/downgrade too
+    - Use the kernel architecture when building the dbx instance ID
+    - Write sbatlevel to PE/COFF files correctly
+  + This release adds support for the following hardware:
+    - More ELAN Fingerprint readers
+    - Star Labs StarLite Magnetic Keyboard
+
+-------------------------------------------------------------------
+Mon Jan 20 16:02:53 UTC 2025 - Dominique Leuenberger <dimstar@opensuse.org>
+
+- Update to version 2.0.4+4:
+  + dell-kestrel: cleanup the devices when disconnected
+  + Raise authentication requirements for emulation-load
+  + uefi-dbx: Only list the version in the quirk file key
+- Update to version 2.0.4:
+  + This release adds the following features:
+    - Record the entire USB descriptor in the emulation data
+    - Return defined return code when network metadata refresh
+      fails
+  + This release fixes the following bugs:
+    - Add a new private flag of 'delayed-removal' to remove a
+      footgun
+    - Added a more specific instance ID for qc-s5gen2 USB devices
+    - Add fadvise64 to the systemd syscall allowlist
+    - Add the Unifying bootloader VID/PID as a full instance ID
+    - Allow disabling zero-length packet for modem-manager devices
+    - Allow recovering Logitech Bolt receiver in bootloader mode
+    - Correctly parse CSV streams without trailing NULs
+    - Detect if network is reachable before downloading metadata
+    - Disabling reading the OptionROM device after dumping
+    - Do not claim kernel interface to avoid Parade downstream port
+      resets
+    - Do not save BootOrder when measuring system integrity
+    - Enumerate child nordic-hid devices correctly
+    - Fix a possible critical warning for Mediatek scaler devices
+    - Fix Firehose padding for some modem-manager devices
+    - Fix UEFI capsule updates when using 4096 byte NVME blocksize
+    - Get the Dell dock update package version correctly
+    - Never read more of the composite stream from a partial stream
+    - Notify snapd about DBX updates
+    - Probe sd_mod before starting
+    - Properly handle FU_DEVICE_PRIVATE_FLAG_NO_GENERIC_GUIDS
+    - Remove the test for CSME 18 manufacturing lock
+    - Restore the Logitech compatibility UFY instance IDs
+    - Show the correct version when installing a same-device
+      composite update
+    - Show updates with problems when using 'fwupdmgr get-releases'
+    - Split up the AMD GPU VBIOS P/N for the version
+    - Use attr USB4_TYPE rather than guessing from
+      thunderbolt_domain
+    - Use the ISO date as a dbx version number for the Microsoft
+      KEK
+    - Use the KEK to set the dbx vendor ID
+
+-------------------------------------------------------------------
+Thu Jan  9 14:51:34 UTC 2025 - Dominique Leuenberger <dimstar@opensuse.org>
+
+- Update to version 2.0.3:
+  + This release adds the following features:
+    - Add a power quirk for Framework systems
+    - Speed up writing firmware to the new Dell dock
+  + This release fixes the following bugs:
+    - Deinitialize DRM after getting GPU marketing name to fix Xorg
+      startup
+    - Do not show 'Device has been removed' as a dock device error
+    - Fix a warning about legion-hid2 progress going backwards
+    - Fix some small memory leaks in realtek-mst and dell-kestrel
+    - Only mark supported Logitech devices as updatable
+    - Parse FDTs with missing END tokens to work on more
+      ChromeBooks
+    - Reduce the device emulation RSS requirement by ~40%
+    - Skip checking BootXXXX entries when the partition does not
+      exist
+  + This release adds support for the following hardware:
+    - Primax Ryder Mouse
+- Changes from version 2.0.2:
+  + Add fwupdtool 'get-version-formats' and 'vercmp' commands
+  + Add support for checking AMD HW configuration MSR
+  + Add support for enumerate-only device emulation to increase
+    test coverage
+  + Add support for passing a JSON file for emulation instead of
+    ZIP
+  + Remove support for now-obsolete CSR DFU and Nitrokey devices
+- Changes from version 2.0.1:
+  + Add API so that gnome-firmware can record devices for emulation
+  + Save the emulation-tag devices to the database rather than the
+    config file
+- Changes from version 2.0.0:
+  + Drop legacy signing formats for verification of metadata and
+    firmware
+  + Reduce the runtime memory usage and CPU startup cost
+    significantly
+  + Remove all the long-deprecated legacy CLI tools
+  + Remove libgusb and GUdev from plugins and use libusb and sysfs
+    instead
+  + Stream firmware binaries over a file descriptor rather than
+    into memory
+- Drop harden_fwupd-offline-update.service.patch: offline service
+  no longer exists.
+- Drop harden_fwupd-refresh.service.patch: merged upstream.
+- Drop fwupd-jscSLE-11766-close-efidir-leap-gap.patch: fwupd now
+  falls back to ID_LIKE.
+- Bump shlib_sover to 3, following upstream.
+- Add python3-dbusmock BuildRequires: new dependency.
+
+-------------------------------------------------------------------
+Thu Jan  9 06:38:36 UTC 2025 - Gary Ching-Pang Lin <glin@suse.com>
+
+- Update fwupd-bsc1130056-change-shim-path.patch to correct the
+  path for shim.efi
+
+-------------------------------------------------------------------
+Mon Dec 23 11:53:48 UTC 2024 - Callum Farmer <gmbr3@opensuse.org>
+
+- Correct efi_fw_update arch list:
+  * Remove ppc64le and s390x - these aren't supported
+  * Add armv6hl/armv7hl and riscv64 - support recently added
+
+-------------------------------------------------------------------
+Sat Dec 21 11:01:39 UTC 2024 - tobi.goergens@gmail.com
+
+- Update to version 1.9.27:
+  + This release fixes the following bugs:
+    - Add a power quirk for Framework systems
+    - Allow cros-ec repair the device after flush failure
+    - Check the VLI USB3 firmware size before erasing
+    - Disallow DBX updates on the Samsung Galaxy Book2 360
+    - Do not show 'Device has been removed' as a dock error
+    - Do not use a CMSE11 function when using CSME18
+    - Fix an unlikely memory leak when using ModemManger Sahara devices
+    - Fix a tiny memory leak in algoltek-usb when checking status
+    - Mark UEFI dbx updates as affecting full disk encryption
+    - Parse FDTs with missing END tokens
+    - Rename the dell-k2 plugin to dell-kestrel and rework the update flow
+  + This release adds support for the following hardware:
+    - Google GID8 Headset
+    - Parade PS188
+    - Primax Ryder Mouse
+    
+- Update to version 1.9.26:
+  + This release fixes the following bugs:
+    - Add HSI tests for Arrow and Meteor Lake CSME
+    - Allow UEFI capsule config values to be set with fwupdmgr modify-config
+    - Check for the logitech-bulkcontroller response packet length correctly
+    - Fix using ID_LIKE for fallback when ESP isn't mounted
+    - Fix various Coverity-reported overflowed constants
+    - Only compare the first 10 characters of the AMD GPU part number
+  + This release adds support for the following hardware:
+    - Jabra PanaCast
+    - Some Lenovo Legion HID devices
+
+-------------------------------------------------------------------
+Tue Oct 15 14:47:07 UTC 2024 - Dominique Leuenberger <dimstar@opensuse.org>
+
+- Drop rcFOO symlinks (PED-266).
+
+-------------------------------------------------------------------
+Mon Oct 14 18:40:47 UTC 2024 - Matwey Kornilov <matwey.kornilov@gmail.com>
+
+- Enable plugin_amdgpu: the plugin built succesfully
+
+-------------------------------------------------------------------
+Wed Sep 25 08:47:28 UTC 2024 - Dominique Leuenberger <dimstar@opensuse.org>
+
+- Update to version 1.9.25:
+  + This release fixes the following bugs:
+    - Fix checking new Synaptics MST firmware size
+    - Make another ModemManager instance ID visible for firmware
+      matching
+    - Never set a zero-length device name when matching the vendor
+      name
+    - Recalculate the device supported flag when reparenting
+      devices
+    - Reduce idle power consumption of paired logitech-hidpp
+      devices
+    - Retry the open action to fix BC901 NVMe reload
+  + This release adds support for the following hardware:
+    - Algoltek devices supporting sector erase
+    - Dell K2 dock
+    - Intel USB4 hub 5787
+    - More MediaTek scaler devices
+    - Nordic HID devices supporting DFUv1
+
+-------------------------------------------------------------------
+Thu Aug 22 06:07:43 UTC 2024 - Dominique Leuenberger <dimstar@opensuse.org>
+
+- Update to version 1.9.24:
+  + This release fixes the following bugs:
+    - Add support for capsule on disk for Dell systems
+    - Do not re-use the connection cache to fix Redfish BMC restart
+    - Exclude known recovery partitions when choosing an ESP volume
+    - Fix the VLI usb3 private flag registration
+  + This release adds support for the following hardware:
+    - More Mediatek scaler devices
+    - Parade USB hubs
+
 -------------------------------------------------------------------
 Tue Aug  6 05:36:59 UTC 2024 - Dominique Leuenberger <dimstar@opensuse.org>
 

fwupd.obsinfo

@@ -1,4 +1,4 @@
 name: fwupd
-version: 1.9.23
-mtime: 1722861110
-commit: 28a3138f0e647a12c17b2b5a1d078b8b115bd3f3
+version: 2.0.13
+mtime: 1753173703
+commit: d65d2fb3f32839c6a2390c379678be3089a0b878

fwupd.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package fwupd
 #
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2025 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -16,7 +16,7 @@
 #
 
 
-%ifarch %{ix86} x86_64 aarch64 riscv64 s390x ppc64le
+%ifarch %{ix86} x86_64 %{arm} aarch64 riscv64
 %bcond_without efi_fw_update
 %else
 %bcond_with efi_fw_update
@@ -36,11 +36,11 @@
 %bcond_with fish_support
 %endif
 
-%define shlib_sover  2
+%define shlib_sover  3
 %define docs 0
 
 Name:           fwupd
-Version:        1.9.23
+Version:        2.0.13
 Release:        0
 Summary:        Device firmware updater daemon
 License:        GPL-2.0-or-later AND LGPL-2.1-or-later
@@ -49,13 +49,7 @@ URL:            https://fwupd.org/
 Source:         %{name}-%{version}.tar.xz
 
 # PATCH-FIX-OPENSUSE fwupd-bsc1130056-shim-path.patch bsc#1130056
-Patch1:         fwupd-bsc1130056-change-shim-path.patch
-# PATCH-FIX-OPENSUSE fwupd-jscSLE-11766-close-efidir-leap-gap.patch jsc#SLE-11766 qkzhu@suse.com -- Set SLE and openSUSE esp os dir at runtime
-Patch2:         fwupd-jscSLE-11766-close-efidir-leap-gap.patch
-# PATCH-FEATURE-OPENSUSE harden_fwupd-offline-update.service.patch -- Harden services
-Patch3:         harden_fwupd-offline-update.service.patch
-# PATCH-FEATURE-OPENSUSE harden_fwupd-refresh.service.patch -- Harden services
-Patch4:         harden_fwupd-refresh.service.patch
+Patch99:        fwupd-bsc1130056-change-shim-path.patch
 
 BuildRequires:  dejavu-fonts
 BuildRequires:  fdupes
@@ -67,7 +61,6 @@ BuildRequires:  gcab
 BuildRequires:  gnutls
 BuildRequires:  gobject-introspection
 BuildRequires:  gobject-introspection-devel
-BuildRequires:  gpgme-devel
 BuildRequires:  help2man
 BuildRequires:  intltool
 BuildRequires:  libelf-devel
@@ -76,6 +69,7 @@ BuildRequires:  pkgconfig
 BuildRequires:  procps
 BuildRequires:  python3-Pillow
 BuildRequires:  python3-cairo
+BuildRequires:  python3-dbusmock
 BuildRequires:  python3-gobject-Gdk
 BuildRequires:  python3-setuptools
 BuildRequires:  python3-xml
@@ -106,20 +100,24 @@ BuildRequires:  pkgconfig(json-glib-1.0) >= 1.1.1
 BuildRequires:  pkgconfig(libarchive)
 BuildRequires:  pkgconfig(libcbor)
 BuildRequires:  pkgconfig(libcurl) >= 7.62.0
+BuildRequires:  pkgconfig(libdrm_amdgpu)
 BuildRequires:  pkgconfig(libelf)
 BuildRequires:  pkgconfig(libgcab-1.0) >= 1.0
 BuildRequires:  pkgconfig(libprotobuf-c)
 BuildRequires:  pkgconfig(libsystemd)
+BuildRequires:  pkgconfig(libusb-1.0) >= 0.1.27
 BuildRequires:  pkgconfig(mbim-glib)
 BuildRequires:  pkgconfig(mm-glib)
+BuildRequires:  pkgconfig(pango)
 BuildRequires:  pkgconfig(polkit-gobject-1) >= 0.103
 BuildRequires:  pkgconfig(protobuf)
 BuildRequires:  pkgconfig(qmi-glib)
+BuildRequires:  pkgconfig(readline)
 BuildRequires:  pkgconfig(sqlite3)
 BuildRequires:  pkgconfig(tss2-esys) >= 2.0
 BuildRequires:  pkgconfig(udev)
 BuildRequires:  pkgconfig(umockdev-1.0)
-BuildRequires:  pkgconfig(xmlb) >= 0.1.13
+BuildRequires:  pkgconfig(xmlb) >= 0.3.19
 %if %{with efi_fw_update}
 BuildRequires:  pkgconfig(efiboot)
 BuildRequires:  pkgconfig(efivar) >= 33
@@ -136,7 +134,9 @@ Requires:       shim >= 11
 Requires:       udisks2
 %endif
 %endif
-Requires:       (fwupd-efi if shim)
+%if %{with efi_fw_update}
+Requires:       fwupd-efi
+%endif
 
 %description
 fwupd is a daemon to allows session software to update device firmware on
@@ -226,36 +226,15 @@ export CFLAGS="%{optflags} -D_GNU_SOURCE"
 # Dell support requires direct SMBIOS access,
 # Synaptics requires Dell support, i.e. x86 only
 %meson \
-  -Dlaunchd=disabled \
-  -Dplugin_amdgpu=disabled \
   -Dpassim=disabled \
 %if %{with efi_fw_update}
-  -Dplugin_uefi_capsule=enabled \
-  -Dplugin_uefi_pk=enabled \
   -Defi_binary=false \
-  -Dcompat_cli=true \
-%else
-  -Dplugin_uefi_capsule=false \
-  -Dplugin_uefi_pk=false \
 %endif
-%if %{with msr_support}
-  -Dplugin_msr=enabled \
-%else
-  -Dplugin_msr=disabled \
-%endif
-%if %{with dell_support}
-  -Dplugin_synaptics_mst=enabled \
-%else
-  -Dplugin_synaptics_mst=disabled \
-%endif
-%ifnarch %{ix86} x86_64
-  -Dplugin_synaptics_rmi=disabled \
-%endif
-  -Dplugin_nvme=enabled \
-  -Dplugin_redfish=enabled \
   -Ddocs=enabled \
   -Dsupported_build=enabled \
   -Dtests=false \
+  -Dvalgrind=disabled \
+  -Dvendor_ids_dir=/usr/share/hwdata \
 %ifarch s390x ppc64le
   -Dplugin_flashrom=disabled \
 %endif
@@ -269,11 +248,6 @@ export CFLAGS="%{optflags} -D_GNU_SOURCE"
 
 %install
 %meson_install
-# Add SUSE specific rcfoo service symlink
-mkdir -p %{buildroot}%{_sbindir}
-ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{name}
-ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rcfwupd-offline-update
-ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rcfwupd-refresh
 %find_lang %{name}
 %fdupes -s %{buildroot}%{_datadir}/doc
 
@@ -297,38 +271,28 @@ rm -fr %{buildroot}%{_datadir}/fish
 %ldconfig_scriptlets -n libfwupd%{shlib_sover}
 
 %preun
-%service_del_preun %{name}.service fwupd-offline-update.service fwupd-refresh.service
+%service_del_preun %{name}.service fwupd-refresh.service
 
 %pre
-%service_add_pre %{name}.service fwupd-offline-update.service fwupd-refresh.service
+%service_add_pre %{name}.service fwupd-refresh.service
 
 %post
 %udev_rules_update
-%service_add_post %{name}.service fwupd-offline-update.service fwupd-refresh.service
+%service_add_post %{name}.service fwupd-refresh.service
 
 %postun
-%service_del_postun %{name}.service fwupd-offline-update.service fwupd-refresh.service
+%service_del_postun %{name}.service fwupd-refresh.service
 
 %files
 %license COPYING
 %doc README.md
 %{_unitdir}/fwupd.service
-%{_unitdir}/fwupd-offline-update.service
-%dir %{_unitdir}/system-update.target.wants/
-%{_unitdir}/system-update.target.wants/fwupd-offline-update.service
 %{_unitdir}/fwupd-refresh.service
 %{_unitdir}/fwupd-refresh.timer
 %{_libexecdir}/fwupd
 %{_bindir}/fwupdmgr
 %{_bindir}/fwupdtool
-%if %{with efi_fw_update}
-%{_bindir}/fwupdagent
-%{_bindir}/fwupdate
-%endif
 %{_bindir}/dbxtool
-%{_sbindir}/rc%{name}
-%{_sbindir}/rcfwupd-offline-update
-%{_sbindir}/rcfwupd-refresh
 %{_datadir}/dbus-1/system.d/org.freedesktop.fwupd.conf
 %{_datadir}/dbus-1/interfaces/org.freedesktop.fwupd.xml
 %{_datadir}/dbus-1/system-services/org.freedesktop.fwupd.service
@@ -358,6 +322,7 @@ rm -fr %{buildroot}%{_datadir}/fish
 %endif
 %endif
 %{_datadir}/polkit-1/actions/org.freedesktop.fwupd.policy
+%{_modulesloaddir}/fwupd-i2c.conf
 %if %{with msr_support}
 %dir %{_modulesloaddir}
 %{_modulesloaddir}/fwupd-msr.conf
@@ -376,7 +341,6 @@ rm -fr %{buildroot}%{_datadir}/fish
 %dir %{_sysconfdir}/grub.d
 %{_sysconfdir}/grub.d/35_fwupd
 %endif
-%{_udevrulesdir}/90-fwupd-devices.rules
 %dir %{_datadir}/metainfo
 %{_datadir}/metainfo/org.freedesktop.fwupd.metainfo.xml
 %{_datadir}/icons/hicolor/*
@@ -392,14 +356,6 @@ rm -fr %{buildroot}%{_datadir}/fish
 %{_datadir}/%{name}/quirks.d/builtin.quirk.gz
 %_sysusersdir/fwupd.conf
 
-%if %{with efi_fw_update}
-%files -n dfu-tool
-%{_bindir}/dfu-tool
-%if 0%{?docs}
-%{_mandir}/man1/dfu-tool.1%{?ext_man}
-%endif
-%endif
-
 %files -n libfwupd%{shlib_sover}
 %{_libdir}/libfwupd.so.*
 
@@ -410,7 +366,7 @@ rm -fr %{buildroot}%{_datadir}/fish
 %{_datadir}/gir-1.0/Fwupd-2.0.gir
 %{_datadir}/vala/vapi/fwupd.deps
 %{_datadir}/vala/vapi/fwupd.vapi
-%{_includedir}/fwupd-1/
+%{_includedir}/fwupd-3/
 %{_libdir}/pkgconfig/fwupd.pc
 %{_libdir}/libfwupd.so
 

harden_fwupd-offline-update.service.patch

@@ -1,21 +0,0 @@
-Index: fwupd-1.7.2/data/fwupd-offline-update.service.in
-===================================================================
---- fwupd-1.7.2.orig/data/fwupd-offline-update.service.in
-+++ fwupd-1.7.2/data/fwupd-offline-update.service.in
-@@ -8,6 +8,16 @@ After=sysinit.target system-update-pre.t
- Before=shutdown.target system-update.target
- 
- [Service]
-+# added automatically, for details please see
-+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
-+ProtectSystem=full
-+ProtectHome=true
-+ProtectHostname=true
-+ProtectKernelTunables=true
-+ProtectKernelLogs=true
-+ProtectControlGroups=true
-+RestrictRealtime=true
-+# end of automatic additions 
- Type=oneshot
- ExecStart=@libexecdir@/fwupd/fwupdoffline
- FailureAction=reboot

harden_fwupd-refresh.service.patch

@@ -1,18 +0,0 @@
-Index: fwupd-1.9.10/data/motd/fwupd-refresh.service.in
-===================================================================
---- fwupd-1.9.10.orig/data/motd/fwupd-refresh.service.in
-+++ fwupd-1.9.10/data/motd/fwupd-refresh.service.in
-@@ -14,5 +14,13 @@ SystemCallFilter=~@mount
- ProtectKernelModules=yes
- ProtectControlGroups=yes
- RestrictRealtime=yes
-+# added automatically, for details please see
-+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
-+ProtectSystem=full
-+ProtectHome=true
-+ProtectHostname=true
-+ProtectKernelTunables=true
-+ProtectKernelLogs=true
-+# end of automatic additions 
- SuccessExitStatus=2
- ExecStart=@bindir@/fwupdmgr refresh