Hello community, here is the log from the commit of package tpm2.0-abrmd for openSUSE:Factory checked in at 2017-08-30 16:24:39 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/tpm2.0-abrmd (Old) and /work/SRC/openSUSE:Factory/.tpm2.0-abrmd.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "tpm2.0-abrmd" Wed Aug 30 16:24:39 2017 rev:2 rq:519625 version:1.1.1 Changes: -------- --- /work/SRC/openSUSE:Factory/tpm2.0-abrmd/tpm2.0-abrmd.changes 2017-08-24 18:45:51.240713354 +0200 +++ /work/SRC/openSUSE:Factory/.tpm2.0-abrmd.new/tpm2.0-abrmd.changes 2017-08-30 16:24:39.977141199 +0200 @@ -1,0 +2,20 @@ +Wed Aug 30 08:29:07 UTC 2017 - [email protected] + +- update to upstream version 1.1.1 which fixes some local denial-of-service + security issues among other things: + + - Replace use of sigaction with g_unix_signal_* stuff from glib. + - Rewrite of INSTALL.md including info on custom configure script options. + - Default value for --with-simulatorbin configure option has been removed. + New default behavior is to disable integration tests. + - CommandSource will no longer reject commands without parameters. + - Unit tests updated to use cmocka v1.0.0 API. + - Integration tests now run daemon under valgrind memcheck and fail when + errors are found. + - CommandSource now tracks max FD in set of client FDs to prevent unnecessary + iterations over FD_SETSIZE fds. + +- no longer call bootstrap and switch to the release upstream tarball which + has now been fixed to contain all necessary files + +------------------------------------------------------------------- Old: ---- 1.1.0.tar.gz New: ---- tpm2-abrmd-1.1.1.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ tpm2.0-abrmd.spec ++++++ --- /var/tmp/diff_new_pack.ctNjsq/_old 2017-08-30 16:24:40.709038244 +0200 +++ /var/tmp/diff_new_pack.ctNjsq/_new 2017-08-30 16:24:40.713037681 +0200 @@ -1,5 +1,5 @@ # -# spec file for package tpm2-0-tss +# spec file for package tpm2.0-abrmd # # Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # @@ -17,22 +17,22 @@ Name: tpm2.0-abrmd -Version: 1.1.0 +Version: 1.1.1 Release: 0 Summary: Intel's TCG Software Stack Access Broker & Resource Manager for TPM 2.0 chips License: BSD-2-Clause Group: Productivity/Security Url: https://github.com/01org/tpm2-abrmd -Source0: https://github.com/01org/tpm2-abrmd/archive/%{version}.tar.gz +Source0: https://github.com/01org/tpm2-abrmd/releases/download/1.1.1/tpm2-abrmd-%{version}.tar.gz BuildRequires: autoconf-archive BuildRequires: automake BuildRequires: gcc-c++ BuildRequires: libtool BuildRequires: pkg-config +BuildRequires: systemd-rpm-macros BuildRequires: pkgconfig(dbus-1) BuildRequires: pkgconfig(gio-unix-2.0) BuildRequires: pkgconfig(sapi) -BuildRequires: systemd-rpm-macros Requires(pre): pwdutils BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -44,9 +44,9 @@ %package devel Summary: Development headers the Access Broker & Resource Manager for TPM 2.0 chips Group: Development/Libraries/C and C++ -Requires: tpm2.0-abrmd = %{version} Requires: glibc-devel Requires: libtcti-tabrmd0 = %{version} +Requires: tpm2.0-abrmd = %{version} %description devel This package provides the development files for the Access Broker & Resource @@ -68,12 +68,6 @@ # %%patch0 -p1 %build -# TODO: we shouldn't bootstrap, but there is currently upstream issue #102 -# we are using the source tarball which doesn't ship generated configure -# scripts, but it ships README and LICENSE files which are missing from the -# distribution tarball. When we get an updated distribution tarball we should -# remove the bootstrap and switch to the distribution tarball. -bash bootstrap export CFLAGS="%optflags -fPIE" export LDFLAGS="-pie -fPIE" %configure --disable-static --with-udevrulesdir=%{_udevrulesdir} --with-systemdsystemunitdir=%{_unitdir} @@ -88,6 +82,9 @@ %define udev_rule_file 90-tpm.rules mv %{buildroot}%{_udevrulesdir}/tpm-udev.rules %{buildroot}%{_udevrulesdir}/%{udev_rule_file} ln -sv %{_sbindir}/service %{buildroot}%{_sbindir}/rctpm2-abrmd +# don't install the systemd preset, our presets are handled by +# systemd-presets-* packages +rm %{buildroot}/usr/lib*/systemd/system-preset/tpm2-abrmd.preset %pre # the same user is employed by trousers (and was employed by the old
