forked from pool/parsec
Guillaume GARDET
dc2f3cb281
- Update to 1.2.0: * Closed issue since 1.2.0-rc1: - Parsec 1.1 fails to build with meta-security master branch OBS-URL: https://build.opensuse.org/request/show/1080909 OBS-URL: https://build.opensuse.org/package/show/security/parsec?expand=0&rev=44
186 lines
7.2 KiB
Plaintext
186 lines
7.2 KiB
Plaintext
-------------------------------------------------------------------
|
|
Thu Apr 20 15:01:10 UTC 2023 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Update to 1.2.0:
|
|
* Closed issue since 1.2.0-rc1:
|
|
- Parsec 1.1 fails to build with meta-security master branch
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Mar 27 09:55:24 UTC 2023 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Disable jwt-svid-authenticator (SPIFFE) until fixed upstream
|
|
with gcc13 - https://github.com/parallaxsecond/parsec/issues/672
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Mar 23 09:01:01 UTC 2023 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Update to 1.2.0-rc1
|
|
- Drop upstream patch:
|
|
* 664.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Mar 15 07:27:47 UTC 2023 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Add patch to fix build on Tumbleweed (update tss-esapi to 7.2.0):
|
|
* 664.patch
|
|
- Add <param name="update">true</param> to _service to apply
|
|
security updates
|
|
- Use cargo-packaging for all flavors
|
|
- Enable cargo_audit
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jan 19 11:03:49 UTC 2023 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Add libstdc++6-devel-gcc11 to fix build with GCC11 on
|
|
Backports SLE15-SP4/5
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Oct 4 13:03:09 UTC 2022 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Update to 1.1.0:
|
|
* Main updates:
|
|
- Add generate random support into TPM and PKCS11 providers
|
|
- Implement configurable exclusion of deprecated primitives
|
|
- Allow binary PIN values for PKCS11 provider
|
|
- Recognise a PKCS11 hardware token with its serial number
|
|
instead of slot number
|
|
* Full changelog: https://github.com/parallaxsecond/parsec/releases/tag/1.1.0
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Sep 26 07:41:22 UTC 2022 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Update to 1.1.0-rc2
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Apr 6 07:00:43 UTC 2022 - Marcus Meissner <meissner@suse.com>
|
|
|
|
- rust-packaging -> cargo-packaging (bsc#1198131)
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Mar 31 06:17:05 UTC 2022 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Update to 1.0.0:
|
|
* Update changelog file only
|
|
- Disable build on x86 since the build fails
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Mar 21 13:02:29 UTC 2022 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Update to 1.0.0-rc3:
|
|
* Changelog: https://github.com/parallaxsecond/parsec/compare/1.0.0-rc2...1.0.0-rc3
|
|
* Fixes CVE-2022-24713 - boo#1196972
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Mar 8 17:29:56 UTC 2022 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Update to 1.0.0-rc2:
|
|
* Changelog: https://github.com/parallaxsecond/parsec/compare/1.0.0-rc1...1.0.0-rc2
|
|
- Remove CryptoAuthLib (CAL) provider as it is unmaintained.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Feb 24 08:29:19 UTC 2022 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Update to 1.0.0-rc1:
|
|
* Changelog: https://github.com/parallaxsecond/parsec/compare/0.8.1...1.0.0-rc1
|
|
- Drop upstream patch:
|
|
* harden_parsec.service.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jan 13 13:25:14 UTC 2022 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Update to 0.8.1:
|
|
* Changelog: https://github.com/parallaxsecond/parsec/compare/0.8.0...0.8.1
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Dec 9 11:05:48 UTC 2021 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Fix /run/parsec permission to 755. This is enough for all
|
|
users to access the service - boo#1193484 - CVE-2021-36781
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Oct 15 07:01:37 UTC 2021 - Johannes Segitz <jsegitz@suse.com>
|
|
|
|
- Added hardening to systemd service(s) (bsc#1181400). Added patch(es):
|
|
* harden_parsec.service.patch
|
|
Modified:
|
|
* parsec.service
|
|
* Upstream submission: https://github.com/parallaxsecond/parsec/issues/569
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Sep 27 10:18:08 UTC 2021 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Allow access to /run/parsec to all users
|
|
- Requires rust 1.53+ (now also available in 15.3/15-SP3 via Update)
|
|
which allow to enable same features accross distros
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Aug 6 07:01:27 UTC 2021 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Update to 0.8.0:
|
|
* Changelog: https://github.com/parallaxsecond/parsec/compare/0.7.2...0.8.0
|
|
- Drop upstream patch:
|
|
* parsec-fix-old-rust.patch
|
|
- Disable 'trusted-service-provider' as it currently fails to build
|
|
- Disable 'jwt-svid-authenticator' (SPIFFE-based authenticator)
|
|
on Leap, as it cannot be compiled with rust 1.43.1
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Apr 30 11:36:56 UTC 2021 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Fix build with old rust used in Leap 15.3/SLE15-SP3.
|
|
* parsec-fix-old-rust.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Apr 14 14:54:32 UTC 2021 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Requires 'tpm2-0-tss' as it holds the udev rule to make /dev/tpm*
|
|
owned by tss user
|
|
- Requires 'libtss2-tcti-device0' as it is required to start parsec
|
|
with TPM support
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Apr 7 07:42:24 UTC 2021 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Enable all authenticators which adds 'direct-authenticator'
|
|
- Add CryptoAuthLib template (disabled) in config.toml
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Apr 1 10:19:21 UTC 2021 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Make 'parsec' user part of 'tss' group to access /dev/tpm* devices
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Mar 31 16:02:31 UTC 2021 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Update to 0.7.2:
|
|
* Changelog: https://github.com/parallaxsecond/parsec/compare/0.6.0...0.7.2
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Mar 30 13:20:44 UTC 2021 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Recommends 'opensc' as it is used to initialize HSM keys (PKCS#11 backend)
|
|
- Add PKCS#11 template (disabled) in config.toml
|
|
- Disable Tpm backend by default in config.toml
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Nov 13 14:19:05 UTC 2020 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Enable 'all-providers' which adds 'pkcs11-provider' compared to
|
|
previous config
|
|
- Drop unneeded patch:
|
|
* pkcs11-libloading-issue.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Oct 23 15:10:32 UTC 2020 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Update to 0.6.0
|
|
- Update config.toml
|
|
- Add patch:
|
|
* pkcs11-libloading-issue.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Oct 16 16:07:51 UTC 2020 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Initiale version 0.5.0
|
|
|