Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package swtpm for openSUSE:Factory checked
in at 2022-03-11 21:41:04
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/swtpm (Old)
and /work/SRC/openSUSE:Factory/.swtpm.new.25692 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "swtpm"
Fri Mar 11 21:41:04 2022 rev:10 rq:960503 version:0.7.2
Changes:
--------
--- /work/SRC/openSUSE:Factory/swtpm/swtpm.changes 2022-02-24
18:18:20.458740252 +0100
+++ /work/SRC/openSUSE:Factory/.swtpm.new.25692/swtpm.changes 2022-03-11
21:41:07.518064116 +0100
@@ -1,0 +2,15 @@
+Wed Mar 9 14:07:03 UTC 2022 - Wolfgang Frisch <wolfgang.fri...@suse.com>
+
+- Update to version 0.7.2:
+ - swtpm:
+ - Do not chdir(/) when using --daemon
+ - swtpm-localca:
+ - Re-implement variable resolution for swtpm-localca.conf
+ - tests:
+ - Use ${WORKDIR} in config files to test env. var replacement
+ - man pages:
+ - Add missing .config directory to path description when using ${HOME}
+ - build-sys:
+ - Add probing for -fstack-protector
+
+-------------------------------------------------------------------
Old:
----
swtpm-0.7.1.tar.gz
New:
----
swtpm-0.7.2.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ swtpm.spec ++++++
--- /var/tmp/diff_new_pack.jnQpsx/_old 2022-03-11 21:41:09.198065405 +0100
+++ /var/tmp/diff_new_pack.jnQpsx/_new 2022-03-11 21:41:09.202065409 +0100
@@ -24,7 +24,7 @@
%define modulename2 swtpm_svirt
%define modulename3 swtpmcuse
Name: swtpm
-Version: 0.7.1
+Version: 0.7.2
Release: 0
Summary: Software TPM emulator
License: BSD-3-Clause
++++++ swtpm-0.7.1.tar.gz -> swtpm-0.7.2.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/swtpm-0.7.1/CHANGES new/swtpm-0.7.2/CHANGES
--- old/swtpm-0.7.1/CHANGES 2022-02-18 14:32:34.000000000 +0100
+++ new/swtpm-0.7.2/CHANGES 2022-03-07 15:16:11.000000000 +0100
@@ -1,5 +1,17 @@
CHANGES - changes for swtpm
+version 0.7.2:
+ - swtpm:
+ - Do not chdir(/) when using --daemon
+ - swtpm-localca:
+ - Re-implement variable resolution for swtpm-localca.conf
+ - tests:
+ - Use ${WORKDIR} in config files to test env. var replacement
+ - man pages:
+ - Add missing .config directory to path description when using ${HOME}
+ - build-sys:
+ - Add probing for -fstack-protector
+
version 0.7.1:
- swtpm:
- Check header size indicator against expected size (CVE-2022-23645)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/swtpm-0.7.1/configure.ac new/swtpm-0.7.2/configure.ac
--- old/swtpm-0.7.1/configure.ac 2022-02-18 14:32:34.000000000 +0100
+++ new/swtpm-0.7.2/configure.ac 2022-03-07 15:16:11.000000000 +0100
@@ -23,7 +23,7 @@
# This file is derived from tpm-tool's configure.in.
#
-AC_INIT([swtpm],[0.7.1])
+AC_INIT([swtpm],[0.7.2])
AC_PREREQ([2.69])
AC_CONFIG_SRCDIR(Makefile.am)
AC_CONFIG_HEADERS([config.h])
@@ -400,9 +400,12 @@
AS_HELP_STRING([--disable-hardening], [Disable hardening flags]))
if test "x$enable_hardening" != "xno"; then
- TMP="$($CC -fstack-protector-strong $srcdir/include/swtpm/tpm_ioctl.h
2>&1)"
- if echo $TMP | $GREP 'unrecognized command line option' >/dev/null; then
- HARDENING_CFLAGS="-fstack-protector -Wstack-protector"
+ # Some versions of gcc fail with -Wstack-protector,
+ # some with -Wstack-protector-strong enabled
+ if ! $CC -fstack-protector-strong -Wstack-protector
$srcdir/include/swtpm/tpm_ioctl.h 2>/dev/null; then
+ if $CC -fstack-protector -Wstack-protector
$srcdir/include/swtpm/tpm_ioctl.h 2>/dev/null; then
+ HARDENING_CFLAGS="-fstack-protector -Wstack-protector"
+ fi
else
HARDENING_CFLAGS="-fstack-protector-strong -Wstack-protector"
fi
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/swtpm-0.7.1/debian/changelog
new/swtpm-0.7.2/debian/changelog
--- old/swtpm-0.7.1/debian/changelog 2022-02-18 14:32:34.000000000 +0100
+++ new/swtpm-0.7.2/debian/changelog 2022-03-07 15:16:11.000000000 +0100
@@ -1,3 +1,9 @@
+swtpm (0.7.2) RELEASED; urgency=low
+
+ * Stable release
+
+ -- Stefan Berger <stef...@linux.ibm.com> Mon, 07 Mar 2022 09:00:00 -0500
+
swtpm (0.7.1) RELEASED; urgency=medium
* Stable release
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/swtpm-0.7.1/man/man8/swtpm_setup.pod
new/swtpm-0.7.2/man/man8/swtpm_setup.pod
--- old/swtpm-0.7.1/man/man8/swtpm_setup.pod 2022-02-18 14:32:34.000000000
+0100
+++ new/swtpm-0.7.2/man/man8/swtpm_setup.pod 2022-03-07 15:16:11.000000000
+0100
@@ -28,7 +28,7 @@
will be used. The search order for the default configuration file is
as follows. If the environment variable XDG_CONFIG_HOME is set,
${XDG_CONFIG_HOME}/swtpm_setup.conf will be used if available, otherwise if
-the environment variable HOME is set, ${HOME}/swtpm_setup.conf
+the environment variable HOME is set, ${HOME}/.config/swtpm_setup.conf
will be used if available. If none of the previous ones are available,
/etc/swtpm_setup.conf
will be used.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/swtpm-0.7.1/src/swtpm/daemonize.c
new/swtpm-0.7.2/src/swtpm/daemonize.c
--- old/swtpm-0.7.1/src/swtpm/daemonize.c 2022-02-18 14:32:34.000000000
+0100
+++ new/swtpm-0.7.2/src/swtpm/daemonize.c 2022-03-07 15:16:11.000000000
+0100
@@ -274,12 +274,6 @@
return;
}
- if (chdir("/") == -1) {
- fprintf(stderr, "Failed to change directory to /: %s\n",
- strerror(errno));
- fflush(stderr);
- exit(1);
- }
if (dup2(devnullfd, STDOUT_FILENO) == -1) {
fprintf(stderr, "Failed to redirect output stream to /dev/null: %s\n",
strerror(errno));
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/swtpm-0.7.1/src/swtpm_localca/swtpm_localca_utils.c
new/swtpm-0.7.2/src/swtpm_localca/swtpm_localca_utils.c
--- old/swtpm-0.7.1/src/swtpm_localca/swtpm_localca_utils.c 2022-02-18
14:32:34.000000000 +0100
+++ new/swtpm-0.7.2/src/swtpm_localca/swtpm_localca_utils.c 2022-03-07
15:16:11.000000000 +0100
@@ -58,9 +58,12 @@
for (idx = 0; config_file_lines[idx] != NULL; idx++) {
const gchar *line = config_file_lines[idx];
if (regexec(&preg, line, 2, pmatch, 0) == 0) {
- result = g_strndup(&line[pmatch[1].rm_so],
- pmatch[1].rm_eo - pmatch[1].rm_so);
- g_strchomp(result);
+ g_autofree gchar *tmp = NULL;
+
+ tmp = g_strndup(&line[pmatch[1].rm_so],
+ pmatch[1].rm_eo - pmatch[1].rm_so);
+ g_strchomp(tmp);
+ result = resolve_string(tmp);
break;
}
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/swtpm-0.7.1/swtpm.spec new/swtpm-0.7.2/swtpm.spec
--- old/swtpm-0.7.1/swtpm.spec 2022-02-18 14:32:34.000000000 +0100
+++ new/swtpm-0.7.2/swtpm.spec 2022-03-07 15:16:11.000000000 +0100
@@ -8,7 +8,7 @@
Summary: TPM Emulator
Name: swtpm
-Version: 0.7.1
+Version: 0.7.2
Release: 1%{?dist}
License: BSD
Url: https://github.com/stefanberger/swtpm
@@ -174,6 +174,9 @@
%{_datadir}/swtpm/swtpm-create-tpmca
%changelog
+* Mon Mar 07 2022 Stefan Berger <stef...@linux.ibm.com> -
0.7.2-1.20220225git-------
+- v0.7.2 release
+
* Fri Feb 18 2022 Stefan Berger <stef...@linux.ibm.com> -
0.7.1-1.20220218git-------
- v0.7.1 release
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/swtpm-0.7.1/swtpm.spec.in
new/swtpm-0.7.2/swtpm.spec.in
--- old/swtpm-0.7.1/swtpm.spec.in 2022-02-18 14:32:34.000000000 +0100
+++ new/swtpm-0.7.2/swtpm.spec.in 2022-03-07 15:16:11.000000000 +0100
@@ -174,6 +174,9 @@
%{_datadir}/swtpm/swtpm-create-tpmca
%changelog
+* Mon Mar 07 2022 Stefan Berger <stef...@linux.ibm.com> -
0.7.2-1.20220225git-------
+- v0.7.2 release
+
* Fri Feb 18 2022 Stefan Berger <stef...@linux.ibm.com> -
0.7.1-1.20220218git-------
- v0.7.1 release
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/swtpm-0.7.1/tests/test_swtpm_setup_create_cert
new/swtpm-0.7.2/tests/test_swtpm_setup_create_cert
--- old/swtpm-0.7.1/tests/test_swtpm_setup_create_cert 2022-02-18
14:32:34.000000000 +0100
+++ new/swtpm-0.7.2/tests/test_swtpm_setup_create_cert 2022-03-07
15:16:11.000000000 +0100
@@ -28,13 +28,14 @@
# We want swtpm_cert to use the local CA and see that the
# local CA script automatically creates a signingkey and
-# self-signed certificate
+# self-signed certificate; use ${WORKDIR} in the config files
+# to test env variable resolution
cat <<_EOF_ > ${workdir}/swtpm-localca.conf
-statedir=${workdir}
-signingkey = ${SIGNINGKEY}
-issuercert = ${ISSUERCERT}
-certserial = ${CERTSERIAL}
+statedir=\${WORKDIR}
+signingkey = \${WORKDIR}/signingkey.pem
+issuercert = \${WORKDIR}/issuercert.pem
+certserial = \${WORKDIR}/certserial
_EOF_
cat <<_EOF_ > ${workdir}/swtpm-localca.options
@@ -48,8 +49,8 @@
cat <<_EOF_ > ${workdir}/swtpm_setup.conf
create_certs_tool=${SWTPM_LOCALCA}
-create_certs_tool_config=${workdir}/swtpm-localca.conf
-create_certs_tool_options=${workdir}/swtpm-localca.options
+create_certs_tool_config=\${WORKDIR}/swtpm-localca.conf
+create_certs_tool_options=\${WORKDIR}/swtpm-localca.options
_EOF_
# We need to adapt the PATH so the correct swtpm_cert is picked
@@ -59,7 +60,8 @@
export SWTPM_ROOTCA_PASSWORD=password
# we need to create at least one cert: --create-ek-cert
-$SWTPM_SETUP \
+WORKDIR=${workdir} \
+ $SWTPM_SETUP \
--tpm-state ${workdir} \
--create-ek-cert \
--config ${workdir}/swtpm_setup.conf \
