Overview Repositories Revisions Requests Users Attributes Meta

Revisions of tpm2.0-abrmd

Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 1193691 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 27) 
- Fix SELinux sbin/bin merge (bsc#1229047)
  1229047-fix-bin-sbin-selinux.patch
  Can be dropped once https://github.com/tpm2-software/tpm2-abrmd/pull/846
  is merged upstream (forwarded request 1193685 from cahu)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 966798 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 22) 
- dbus-access.patch: restrict D-Bus access to tpm2-abrmd to members of the tss
  group (bsc#1197532). This prevents arbitrary users from meddling with TPM
  state and thus potential denial-of-service vectors.
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 934685 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 20) 
Automatic systemd hardening effort by the security team. This has not been tested. For details please see https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort (forwarded request 933795 from jsegitz)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 908096 from Factory Maintainer's avatar Factory Maintainer (factory-maintainer) (revision 19) 
Automatic submission by obs-autosubmit
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 843600 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 17) 
- update to version 2.3.3:
  - changes in version 2.3.1:
    - Fixed handle resource leak exhausting TPM resources.
  - changes in version 2.3.2:
    - Added cirrus CI specific config files to enable FreeBSD builds.
    - Changed test scripts to be more portable.
    - Changed include header paths specific to FreeBSD.
  - changes in version 2.3.1:
    - Provide meaningful exit codes on initialization failures.
    - Prevent systemd from starting the daemon before udev changes ownership
      of the TPM device node.
    - Prevent systemd from starting the daemon if there is no TPM device node.
    - Prevent systemd from restarting the daemon if it fails.
    - Add SELinux policy to allow daemon to resolve names.
    - Add SELinux policy boolean (disabled by default) to allow daemon to
      connect to all unreserved ports.
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 755854 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 16) 
! please handle this together with sr#755853 for tpm2-0-tss !

- update to version 2.3.0:
  - changes in version 2.3.0:
    - Add '--enable-debug' flag to configure script to simplify debug builds.
      This relies on the AX_CHECK_ENABLE_DEBUG autoconf archive macro.
    - Replaced custom dynamic TCTI loading code with libtss2-tctildr from
      upstream tpm2-tss repo. (requires tpm2-0-tss version 2.3.0)
    - Explicitly set '-O2' optimization when using FORTIFY_SOURCE as required.
  - changes in version 2.2.0:
    - New configuration option `--disable-defaultflags/ added. This is
      for use for packaging for targets that do not support the default
      compilation / linking flags.
    - Use private dependencies properly in pkg-config metadata for TCTI.
    - Refactor daemon main module to enable better handling of error
      conditions and enable more thorough unit testing.
    - Updated dependencies to ensure compatibility with pkg-config fixes
      in tpm2-tss.
    - Fixed bug causing TCTI to block when used by libtss2-sys built with
      partial reads enabled.
    - Removed unnecessary libs / flags for pthreads in the TCTI pkg-config.
    - Output from configure script now accurately describes the state of the
      flags that govern the integration tests.
- drop fix_dlopen.patch: no longer necessary since abrmd not uses the tctildr
  shared library. This one hopefully now does the right thing.
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 726060 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 15) 
- update to version 2.1.1:
  - changes in version 2.1.1:
    - Unit tests accessing dbus have been fixed to use mock functions. Unit
    tests no longer depend on dbus.
    - Race condition between client connections and dbus proxy object
    creation by registering bus name after instantiation of the proxy object.
Yuchen Lin's avatar Yuchen Lin (maxlin_factory) accepted request 698147 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 14) 
- bsc#1130588: Require shadow instead of old pwdutils
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 682103 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 13) 
- update to version 2.1.0:
  - changes in version 2.1.0:
    - `-Wstrict-overflow=5` now used in default CFLAGS.
    - Handling of `TPM2_RC_CONTEXT_GAP` on behalf of users.
    - Convert `TPM2_PT_CONTEXT_GAP_MAX` response from lower layer to
      `UINT32_MAX`
    - travis-ci now uses 'xenial' builder
    - Significant refactoring of TCTI handling code.
    - `--install` added to ACLOCAL_AMFLAGS to install aclocal required macros
      instead of using the default symlinks
    - Launch `dbus-run-session` in the automake test environment to
      automagically set up a dbus session bus instance when one isn't present.
    - Bug caused by unloading of `libtss2-tcti-tabrmd.so` on dlclose. GLib
    does not support reloading a second time.
    - Bug causing `-fstack-protector-all` to be used on systems with core
      libraries (i.e. libc) that do not support it. This caused failures at
      link-time.
    - Unnecessary symbols from libtest utility library no longer included in
      TCTI library.
  - changes  in version 2.0.3:
    - Update build to account for upstream change to glib '.pc' files
      described in: https://gitlab.gnome.org/GNOME/glib/issues/1521
- added _service file for syncing with upstream tags
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 665953 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 12) 
Incorporate FATE# in changes file for SLE-15-SP1 (bsc#1121860)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 644573 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 11) 
- add a Requires towards tpm2-0-tss, because that main package holds the udev
  rules and logic for setting up the tss user. Without this the daemon can't
  start up correctly.
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 643993 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 10) 
- fix broken build due to newer glib dependency that reports a full path for
  gdbus-codegen, breaking the configure check.
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 638481 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 9) 
- update to version 2.0.2:
  - --enable-integration option to configure script now works as documented.
  - Format specifier with wrong size in util module.
  - Initialize TCTI context to 0 before setting values. This will cause all
    members that aren't explicitly initialized by be 0.
Yuchen Lin's avatar Yuchen Lin (maxlin_factory) accepted request 636379 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 8) 
- add recommends to the tcti-device and tcti-abrmd. Otherwise they're not
  installed right away, rendering the abrmd quite unusable.
Displaying revisions 1 - 20 of 27
openSUSE Build Service is sponsored by
Places