------------------------------------------------------------------- Wed Mar 15 07:27:47 UTC 2023 - Guillaume GARDET - Add patch to fix build on Tumbleweed (update tss-esapi to 7.2.0): * 664.patch - Add true to _service to apply security updates - Use cargo-packaging for all flavors - Enable cargo_audit ------------------------------------------------------------------- Thu Jan 19 11:03:49 UTC 2023 - Guillaume GARDET - Add libstdc++6-devel-gcc11 to fix build with GCC11 on Backports SLE15-SP4/5 ------------------------------------------------------------------- Tue Oct 4 13:03:09 UTC 2022 - Guillaume GARDET - Update to 1.1.0: * Main updates: - Add generate random support into TPM and PKCS11 providers - Implement configurable exclusion of deprecated primitives - Allow binary PIN values for PKCS11 provider - Recognise a PKCS11 hardware token with its serial number instead of slot number * Full changelog: https://github.com/parallaxsecond/parsec/releases/tag/1.1.0 ------------------------------------------------------------------- Mon Sep 26 07:41:22 UTC 2022 - Guillaume GARDET - Update to 1.1.0-rc2 ------------------------------------------------------------------- Wed Apr 6 07:00:43 UTC 2022 - Marcus Meissner - rust-packaging -> cargo-packaging (bsc#1198131) ------------------------------------------------------------------- Thu Mar 31 06:17:05 UTC 2022 - Guillaume GARDET - Update to 1.0.0: * Update changelog file only - Disable build on x86 since the build fails ------------------------------------------------------------------- Mon Mar 21 13:02:29 UTC 2022 - Guillaume GARDET - Update to 1.0.0-rc3: * Changelog: https://github.com/parallaxsecond/parsec/compare/1.0.0-rc2...1.0.0-rc3 * Fixes CVE-2022-24713 - boo#1196972 ------------------------------------------------------------------- Tue Mar 8 17:29:56 UTC 2022 - Guillaume GARDET - Update to 1.0.0-rc2: * Changelog: https://github.com/parallaxsecond/parsec/compare/1.0.0-rc1...1.0.0-rc2 - Remove CryptoAuthLib (CAL) provider as it is unmaintained. ------------------------------------------------------------------- Thu Feb 24 08:29:19 UTC 2022 - Guillaume GARDET - Update to 1.0.0-rc1: * Changelog: https://github.com/parallaxsecond/parsec/compare/0.8.1...1.0.0-rc1 - Drop upstream patch: * harden_parsec.service.patch ------------------------------------------------------------------- Thu Jan 13 13:25:14 UTC 2022 - Guillaume GARDET - Update to 0.8.1: * Changelog: https://github.com/parallaxsecond/parsec/compare/0.8.0...0.8.1 ------------------------------------------------------------------- Thu Dec 9 11:05:48 UTC 2021 - Guillaume GARDET - Fix /run/parsec permission to 755. This is enough for all users to access the service - boo#1193484 - CVE-2021-36781 ------------------------------------------------------------------- Fri Oct 15 07:01:37 UTC 2021 - Johannes Segitz - Added hardening to systemd service(s) (bsc#1181400). Added patch(es): * harden_parsec.service.patch Modified: * parsec.service * Upstream submission: https://github.com/parallaxsecond/parsec/issues/569 ------------------------------------------------------------------- Mon Sep 27 10:18:08 UTC 2021 - Guillaume GARDET - Allow access to /run/parsec to all users - Requires rust 1.53+ (now also available in 15.3/15-SP3 via Update) which allow to enable same features accross distros ------------------------------------------------------------------- Fri Aug 6 07:01:27 UTC 2021 - Guillaume GARDET - Update to 0.8.0: * Changelog: https://github.com/parallaxsecond/parsec/compare/0.7.2...0.8.0 - Drop upstream patch: * parsec-fix-old-rust.patch - Disable 'trusted-service-provider' as it currently fails to build - Disable 'jwt-svid-authenticator' (SPIFFE-based authenticator) on Leap, as it cannot be compiled with rust 1.43.1 ------------------------------------------------------------------- Fri Apr 30 11:36:56 UTC 2021 - Guillaume GARDET - Fix build with old rust used in Leap 15.3/SLE15-SP3. * parsec-fix-old-rust.patch ------------------------------------------------------------------- Wed Apr 14 14:54:32 UTC 2021 - Guillaume GARDET - Requires 'tpm2-0-tss' as it holds the udev rule to make /dev/tpm* owned by tss user - Requires 'libtss2-tcti-device0' as it is required to start parsec with TPM support ------------------------------------------------------------------- Wed Apr 7 07:42:24 UTC 2021 - Guillaume GARDET - Enable all authenticators which adds 'direct-authenticator' - Add CryptoAuthLib template (disabled) in config.toml ------------------------------------------------------------------- Thu Apr 1 10:19:21 UTC 2021 - Guillaume GARDET - Make 'parsec' user part of 'tss' group to access /dev/tpm* devices ------------------------------------------------------------------- Wed Mar 31 16:02:31 UTC 2021 - Guillaume GARDET - Update to 0.7.2: * Changelog: https://github.com/parallaxsecond/parsec/compare/0.6.0...0.7.2 ------------------------------------------------------------------- Tue Mar 30 13:20:44 UTC 2021 - Guillaume GARDET - Recommends 'opensc' as it is used to initialize HSM keys (PKCS#11 backend) - Add PKCS#11 template (disabled) in config.toml - Disable Tpm backend by default in config.toml ------------------------------------------------------------------- Fri Nov 13 14:19:05 UTC 2020 - Guillaume GARDET - Enable 'all-providers' which adds 'pkcs11-provider' compared to previous config - Drop unneeded patch: * pkcs11-libloading-issue.patch ------------------------------------------------------------------- Fri Oct 23 15:10:32 UTC 2020 - Guillaume GARDET - Update to 0.6.0 - Update config.toml - Add patch: * pkcs11-libloading-issue.patch ------------------------------------------------------------------- Fri Oct 16 16:07:51 UTC 2020 - Guillaume GARDET - Initiale version 0.5.0