forked from pool/parsec
Guillaume GARDET
cb3d0190c0
- Update to 1.0.0-rc3: * Changelog: https://github.com/parallaxsecond/parsec/compare/1.0.0-rc2...1.0.0-rc3 * Fixes CVE-2022-24713 - boo#1196972 OBS-URL: https://build.opensuse.org/request/show/963699 OBS-URL: https://build.opensuse.org/package/show/security/parsec?expand=0&rev=25
121 lines
4.8 KiB
Plaintext
121 lines
4.8 KiB
Plaintext
-------------------------------------------------------------------
|
|
Mon Mar 21 13:02:29 UTC 2022 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Update to 1.0.0-rc3:
|
|
* Changelog: https://github.com/parallaxsecond/parsec/compare/1.0.0-rc2...1.0.0-rc3
|
|
* Fixes CVE-2022-24713 - boo#1196972
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Mar 8 17:29:56 UTC 2022 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Update to 1.0.0-rc2:
|
|
* Changelog: https://github.com/parallaxsecond/parsec/compare/1.0.0-rc1...1.0.0-rc2
|
|
- Remove CryptoAuthLib (CAL) provider as it is unmaintained.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Feb 24 08:29:19 UTC 2022 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Update to 1.0.0-rc1:
|
|
* Changelog: https://github.com/parallaxsecond/parsec/compare/0.8.1...1.0.0-rc1
|
|
- Drop upstream patch:
|
|
* harden_parsec.service.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jan 13 13:25:14 UTC 2022 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Update to 0.8.1:
|
|
* Changelog: https://github.com/parallaxsecond/parsec/compare/0.8.0...0.8.1
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Dec 9 11:05:48 UTC 2021 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Fix /run/parsec permission to 755. This is enough for all
|
|
users to access the service - boo#1193484 - CVE-2021-36781
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Oct 15 07:01:37 UTC 2021 - Johannes Segitz <jsegitz@suse.com>
|
|
|
|
- Added hardening to systemd service(s) (bsc#1181400). Added patch(es):
|
|
* harden_parsec.service.patch
|
|
Modified:
|
|
* parsec.service
|
|
* Upstream submission: https://github.com/parallaxsecond/parsec/issues/569
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Sep 27 10:18:08 UTC 2021 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Allow access to /run/parsec to all users
|
|
- Requires rust 1.53+ (now also available in 15.3/15-SP3 via Update)
|
|
which allow to enable same features accross distros
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Aug 6 07:01:27 UTC 2021 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Update to 0.8.0:
|
|
* Changelog: https://github.com/parallaxsecond/parsec/compare/0.7.2...0.8.0
|
|
- Drop upstream patch:
|
|
* parsec-fix-old-rust.patch
|
|
- Disable 'trusted-service-provider' as it currently fails to build
|
|
- Disable 'jwt-svid-authenticator' (SPIFFE-based authenticator)
|
|
on Leap, as it cannot be compiled with rust 1.43.1
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Apr 30 11:36:56 UTC 2021 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Fix build with old rust used in Leap 15.3/SLE15-SP3.
|
|
* parsec-fix-old-rust.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Apr 14 14:54:32 UTC 2021 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Requires 'tpm2-0-tss' as it holds the udev rule to make /dev/tpm*
|
|
owned by tss user
|
|
- Requires 'libtss2-tcti-device0' as it is required to start parsec
|
|
with TPM support
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Apr 7 07:42:24 UTC 2021 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Enable all authenticators which adds 'direct-authenticator'
|
|
- Add CryptoAuthLib template (disabled) in config.toml
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Apr 1 10:19:21 UTC 2021 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Make 'parsec' user part of 'tss' group to access /dev/tpm* devices
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Mar 31 16:02:31 UTC 2021 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Update to 0.7.2:
|
|
* Changelog: https://github.com/parallaxsecond/parsec/compare/0.6.0...0.7.2
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Mar 30 13:20:44 UTC 2021 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Recommends 'opensc' as it is used to initialize HSM keys (PKCS#11 backend)
|
|
- Add PKCS#11 template (disabled) in config.toml
|
|
- Disable Tpm backend by default in config.toml
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Nov 13 14:19:05 UTC 2020 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Enable 'all-providers' which adds 'pkcs11-provider' compared to
|
|
previous config
|
|
- Drop unneeded patch:
|
|
* pkcs11-libloading-issue.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Oct 23 15:10:32 UTC 2020 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Update to 0.6.0
|
|
- Update config.toml
|
|
- Add patch:
|
|
* pkcs11-libloading-issue.patch
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Oct 16 16:07:51 UTC 2020 - Guillaume GARDET <guillaume.gardet@opensuse.org>
|
|
|
|
- Initiale version 0.5.0
|
|
|