Public bug reported: Scheduled-For: ubuntu-25.11 Ubuntu: 0.7.3-0ubuntu8 Debian Unstable: 0.10.1+ds-1
The current version in Ubuntu went ahead of Debian in the past, so this package may be diverged from Debian and require more review than usual to get back to mergeability. If this package should not be considered for merges or syncs in the future, you may wish to consider adding it to the `sync-blocklist` at: https://code.launchpad.net/~ubuntu-archive/+git/sync-blocklist A new release of swtpm is available for merging from Debian Unstable. If it turns out this needs a sync rather than a merge, please change the tagging from ['needs-merge', 'upgrade-software-version'] to ['needs- sync', 'upgrade-software-version'], and (optionally) update the title as desired. ### New Debian Changes ### swtpm (0.10.1+ds-1) unstable; urgency=medium * Implement package salvaging protocol (Closes: #1113719) * Mark swtpm-dev as MA: same * d/control: bump Standards-Version to 4.7.2, no changes * Add d/salsa-ci.yml * d/rules: drop manual nocheck workaround * Build with package-notes ELF stamping * Add lintian overrides for spare-manual-page * Drop upstream machinery to make swtpm_cert optional to install * d/rules: drop manual autogen.sh * Exclude upstream debian/ directory from imports * New upstream version 0.10.1 (Closes: #1025738) * Drop fix-typos.patch, merged upstream * Drop move-conf-and-options-files-to-man5.patch, merged upstream * Bump dependency on libtpms-dev * d/not-installed: list upstream installed-tests * Drop build dependency on fuse (Closes: #1084403) * d/rules: explicitly disable selinux support * d/rules: avoid cleaning up checked in source file * Backport patches to fix make maintainer-clean (Closes: #1049074) * Backport patch to install sysusers.d and tmpfiles.d configs and use them * increase-poll-timeout.patch: update header and set forwarded tag * Backport patch to fix failing test * Add support for nocheck profile -- Luca Boccassi <[email protected]> Mon, 22 Sep 2025 19:31:08 +0100 ### Old Ubuntu Delta ### swtpm (0.7.3-0ubuntu8) plucky; urgency=medium * d/usr.bin.swtpm: Allow additional tmp directory access through user-tmp abstraction, and remove the original full /tmp permissions (LP: #2086736) -- Lena Voytek <[email protected]> Fri, 08 Nov 2024 15:25:24 -0700 swtpm (0.7.3-0ubuntu7) oracular; urgency=medium * d/usr.bin.swtpm: - Add sys_admin capability to apparmor profile to allow access to kernel modules such as tpm_vtpm_proxy (LP: #2071478) - Allow non-owned lockfile write access in /var/lib/libvirt/swtpm/ to fix apparmor denials when working with TPM2 locks (LP: #2072524) -- Lena Voytek <[email protected]> Tue, 09 Jul 2024 06:06:00 -0700 swtpm (0.7.3-0ubuntu6) oracular; urgency=medium * Fix autopkgtests following dpkg changes (LP: #2071468) -- Gianfranco Costamagna <[email protected]> Tue, 09 Jul 2024 12:29:58 +0200 swtpm (0.7.3-0ubuntu5) noble; urgency=medium * Add patch to force the buildsystem to build with -D_FORTIFY_SOURCE=3 -- Jeremy BÃcha <[email protected]> Tue, 02 Apr 2024 15:18:02 -0400 swtpm (0.7.3-0ubuntu4) noble; urgency=medium * No-change rebuild for CVE-2024-3094 -- William Grant <[email protected]> Mon, 01 Apr 2024 19:21:09 +1100 swtpm (0.7.3-0ubuntu3) noble; urgency=medium * No-change rebuild against libssl3t64 -- Steve Langasek <[email protected]> Mon, 04 Mar 2024 21:29:18 +0000 swtpm (0.7.3-0ubuntu2) mantic; urgency=medium * d/usr.bin.swtpm: Configure apparmor to grant access to relevant files in /run/user/<UID>/libvirt/qemu/run/swtpm/ files when using the qemu:///session bus (LP: #2017874) -- Olivier Gayot <[email protected]> Fri, 04 Aug 2023 11:10:37 +0200 swtpm (0.7.3-0ubuntu1) lunar; urgency=medium * New upstream release 0.7.3: - Bug fixes include: + Fix secure boot failure - TPM 2.0 not supported (LP: #2012028) * Add new debian/ files from upstream - d/clean: Clean man and gch files from source tree during build - d/not-installed: Do not install .la lib files with package - d/swtpm-libs.install: Install swtpm .so files with swtpm-libs package * d/rules: Add dh_clean and dh_makeshlibs overrides from upstream * d/swtpm-tools.install: Update installation of swtpm-tools files for 0.7 * d/control: Remove unneeded dependencies for 0.7 * Remove d/p/0001-Install-swtpm-localca-to-the-correct-path.patch as it is no longer needed to change swtpm-localca's path * d/p/no-autoconf-in-debian.patch: Refresh to clean fuzz * d/p/openssl-not-certtool.patch: Update and refresh to apply with 0.7 -- Lena Voytek <[email protected]> Wed, 22 Mar 2023 14:03:19 -0700 swtpm (0.6.3-0ubuntu5) lunar; urgency=medium * d/usr.bin.swtpm: Allow swtpm to also access /run/libvirt/qemu/swtpm/*.pid files that it does not own (LP: #1989100) -- Lena Voytek <[email protected]> Mon, 24 Oct 2022 10:52:06 -0700 swtpm (0.6.3-0ubuntu4) kinetic; urgency=medium * d/usr.bin.swtpm: Update apparmor profile to match swtpm upstream In between adding the apparmor profile to Ubuntu and merging upstream additional rules were used to cover more common use cases. (LP: #1992377) - The six capability lines fix the broken upstream unit test cases: test_ctrlchannel, test_vtpm_proxy, test_tpm2_file_permissions, test_tpm2_save_load_state_2_block, and test_tpm2_ctrlchannel2 - owner @{HOME}/** rwk was added as using a folder in one's home directory is common for managing tpm states - Access in the tmp directory is further generalized as this is where swtpm interacts with qemu and libvirt - The ability to read from /etc/nsswitch.conf was added for vtpm proxy to work -- Lena Voytek <[email protected]> Tue, 11 Oct 2022 10:54:21 -0700 ** Affects: swtpm (Ubuntu) Importance: Undecided Status: New ** Tags: needs-merge upgrade-software-version -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2126004 Title: Merge swtpm from Debian Unstable for r-series To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/swtpm/+bug/2126004/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
