openSUSE Build Service

Marcus Meissner (msmeissn) accepted request 956473 from

Marcus Meissner (msmeissn) about 2 years ago (revision 23)

- Update to version 0.7.1:
  - swtpm:
    - Check header size indicator against expected size (CVE-2022-23645 bsc#1196240)
  - swtpm_localca:
    - Test for available issuercert before creating CA

Marcus Meissner (msmeissn) committed over 2 years ago (revision 22)

- Update to version 0.7.0:
  - swtpm:
    - Support for linear file storage backend (file://)
    - Report 'tpm-1.2' & 'tpm-2.0' in --print-capabilities depending what
      libtpms supports
    - Add implementation of SWTPM_HMAC using OpenSSL 3.0 APIs
    - Wipe keys from stack and heap
    - Many other small changes
    - Make --daemon not racy
  - swtpm_setup:
    - Only activate SHA256 PCR bank, not SHA1 bank anymore by default
    - Support for linear file storage backend (file://)
    - Implement option --create-config-files to create config files
    - Use non-deprecated APIs to contruct RSA key (OSSL 3)
    - Report stderr as returned by external tool (swtpm-localcal)
    - Replace '+' and ',' characters in VMId's to make work with
      common name in X509 subject
    - Add support for --reconfigure flag to change active PCR banks
  - swtpm_localca:
    - Created certificates for CAs and TPM that do not expire
  - swtpm_cert:
    - Allow passing -1 for days to get a non-expiring certificate
  - test:
    - ASAN-related test changes and skipping of tests if ASAN is used
    - Fix tests using tpm2-abrmd by preventing concurrency
    - Skip chardev related tests after checking for chardev support
    - exit with error code if mktemp fails
    - OSSL 3: Make TPM 1.2 test compile; skip IBM TSS 2 test
  - build-sys:
    - Introduce --enable-sanitizers to configure

Marcus Meissner (msmeissn) committed over 2 years ago (revision 21)

- Update to version 0.6.1:
  - swtpm:
    - Clear keys from stack and heap
  - swtpm-localca:
    - Add missing else branch for pkcs11 and PIN
  - swtpm_setup:
    - Initialize Gerror and free it
    - Replace '\\s' in regex with [[:space:]] to fix cygwin
  - tests:
    - Kill tpm2-abrmd with SIGKILL rather SIGTERM
  - build-sys:
    - Use -DOPENSSL_SUPPRESS_DEPRECATED to suppress deprecation warnings (OSSL 3)
    - Enable configuring with CFLAGS and passing additional CFLAGS on build

Marcus Meissner (msmeissn) accepted request 911320 from

Callum Farmer (gmbr3) almost 3 years ago (revision 20)

minor change

Marcus Meissner (msmeissn) committed almost 3 years ago (revision 19)

- swtpm-rename_deprecated_libtasn1_types.patch: upstream

Marcus Meissner (msmeissn) accepted request 910608 from

Callum Farmer (gmbr3) almost 3 years ago (revision 18)

- Update to version 0.6.0:
  - Addressed potential symlink attack issue (CVE-2020-28407)
  - Rewritten in 'C'; needs json-glib
  - Use timeouts for communicating with swtpm (Unix socket)
  - Fix --print-capabilities for 'swtpm chardev'
  - Various cleanups and fixes (coverity)
- Enable selinux support

buildservice-autocommit accepted request 894591 from

Gary Ching-Pang Lin (gary_lin) almost 3 years ago (revision 17)

baserev update by copy to link target

Gary Ching-Pang Lin (gary_lin) accepted request 894521 from

Pedro Monreal Gonzalez (pmonrealgonzalez) about 3 years ago (revision 16)

- swtpm_cert: rename deprecated libtasn1 types.
  * https://github.com/stefanberger/swtpm/pull/443
  * Add swtpm-rename_deprecated_libtasn1_types.patch

buildservice-autocommit accepted request 858915 from

Gary Ching-Pang Lin (gary_lin) over 3 years ago (revision 15)

baserev update by copy to link target

Gary Ching-Pang Lin (gary_lin) accepted request 858841 from

Marcus Meissner (msmeissn) over 3 years ago (revision 14)

- Update to version 0.5.2
  - swtpm:
    - Fix potential buffer overflow related to largely unused data hashing
      function in control channel
    - swtpm: Unconditionally close fd if writing of pidfile fails (coverity)
  - swtpm_setup:
    - Increase timeout from 10s to 30s for slower machines
  - Travis:
    - Not building on OS X anymore due to additional costs

buildservice-autocommit accepted request 858005 from

Gary Ching-Pang Lin (gary_lin) over 3 years ago (revision 13)

baserev update by copy to link target

Gary Ching-Pang Lin (gary_lin) accepted request 858004 from

Gary Ching-Pang Lin (gary_lin) over 3 years ago (revision 12)

Use "Requires user(tss)" for the "tss" user and group

Gary Ching-Pang Lin (gary_lin) accepted request 857979 from

Gary Ching-Pang Lin (gary_lin) over 3 years ago (revision 11)

- Create /var/lib/swtpm-localca to store the keys created by
  swtpm-localca (bsc#1179811)
- Replace net-tools-deprecated with iproute2 since the scripts in
  swtpm now can use 'ss' instead of 'netstat'

buildservice-autocommit accepted request 850055 from

Gary Ching-Pang Lin (gary_lin) over 3 years ago (revision 10)

baserev update by copy to link target

Gary Ching-Pang Lin (gary_lin) accepted request 850053 from

Kai Liu (kailiu) over 3 years ago (revision 9)

Update to version 0.5.1.  Misc. spec file changes, fix rpmlint errors.

Dominique Leuenberger (dimstar_suse) accepted request 844896 from

Marcus Meissner (msmeissn) over 3 years ago (revision 8)

initialized devel package after accepting 844896

Gary Ching-Pang Lin (gary_lin) accepted request 841653 from

Kai Liu (kailiu) over 3 years ago (revision 7)

- Update Requires and BuildRequires for changes since 0.4.0.
- Remove patch files that are no longer needed:
  * swtpm-adjust-seccomp-path.patch
  * swtpm-setup-tcsd-path.patch
  * swtpm-tpm-tools-path.patch
- Update to version 0.5.0

Gary Ching-Pang Lin (gary_lin) accepted request 826253 from

Kai Liu (kailiu) almost 4 years ago (revision 6)

Update to v0.3.4.

Gary Ching-Pang Lin (gary_lin) accepted request 823607 from

Kai Liu (kailiu) almost 4 years ago (revision 5)

- Update to version 0.3.3 and fix a bug of TPM 1.2 emulation.

Gary Ching-Pang Lin (gary_lin) accepted request 820470 from

Kai Liu (kailiu) almost 4 years ago (revision 4)

Version bump to 0.3.2.

Places

Revisions of swtpm

Places