forked from pool/fwupd
Dominique Leuenberger
eb179be8a1
- Update to version 1.9.10:
+ This release adds the following features:
- Add support for not_hardware requirements
- Add support for loongarch64
- Add support for per-release priority attributes
- Make USB claim retry count configurable across devices
+ This release fixes the following bugs:
- Compare the HID report value when checking for duplicates
- Consider the component priority when installing composite updates
- Deploy the CCGX firmware correctly the first time
- Do not export the 'main-system-firmware' and 'cpu' GUIDs
- Enforce fwupd version requirements client side
- Fix Genesys 'failed to get static tool info from device' error
- Fix potential 'dereference before null check' in ccmx-dmc
- Fix the 'already registered private FuMmDevice flag with value' warning
- Fix the 'assertion backend_id != NULL failed' runtime warning
- Fix Wacom USB device emulation by recording the composite phases
- Generate generic request message text where possible
- Hide HTTP passwords in fwupd debugging logs
- Let the client know what interaction is expected
- Make all critical warnings into backtraces for non-release builds
- Never obsolete the wrong HSI attribute
- Never show a HSI index that is impossible
- Only apply fastboot plugin to modem devices supporting fastboot
- Only send interactive requests when the sender is alive
- Remove the now-obsolete Synaptics MST cascade device scanning
- Replace the Redfish KCS user if required
- Restrict mediatek-scaler devices on specific hardware only
- Skip any recovery partitions when detecting ESP
OBS-URL: https://build.opensuse.org/request/show/1130755
OBS-URL: https://build.opensuse.org/package/show/Base:System/fwupd?expand=0&rev=156
19 lines
677 B
Diff
19 lines
677 B
Diff
Index: fwupd-1.9.10/data/motd/fwupd-refresh.service.in
|
|
===================================================================
|
|
--- fwupd-1.9.10.orig/data/motd/fwupd-refresh.service.in
|
|
+++ fwupd-1.9.10/data/motd/fwupd-refresh.service.in
|
|
@@ -14,5 +14,13 @@ SystemCallFilter=~@mount
|
|
ProtectKernelModules=yes
|
|
ProtectControlGroups=yes
|
|
RestrictRealtime=yes
|
|
+# added automatically, for details please see
|
|
+# https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
|
|
+ProtectSystem=full
|
|
+ProtectHome=true
|
|
+ProtectHostname=true
|
|
+ProtectKernelTunables=true
|
|
+ProtectKernelLogs=true
|
|
+# end of automatic additions
|
|
SuccessExitStatus=2
|
|
ExecStart=@bindir@/fwupdmgr refresh
|