Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package keylime for openSUSE:Factory checked
in at 2023-08-30 10:17:47
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/keylime (Old)
and /work/SRC/openSUSE:Factory/.keylime.new.1766 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "keylime"
Wed Aug 30 10:17:47 2023 rev:40 rq:1105560 version:7.5.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/keylime/keylime.changes 2023-08-03
17:27:17.582859179 +0200
+++ /work/SRC/openSUSE:Factory/.keylime.new.1766/keylime.changes
2023-08-30 10:18:48.288553784 +0200
@@ -1,0 +2,19 @@
+Thu Aug 24 06:55:14 UTC 2023 - apla...@suse.com
+
+- Update to version v7.5.0 (CVE-2023-38201, bsc#1213314):
+ * Monthly release (7.5.0)
+ * Fix for CVE-2023-38201 (Security Advisory GHSA-f4r5-q63f-gcww)
+ * verifier: should read parameters from verifier.conf only
+ * tests: Correctly configure kernel IMA
+ * Handle session close using a session manager
+ * requirements.txt: update the need sqlalchemy version to 1.3.12 and above.
+ * elchecking/example: add ignores for EV_PLATFORM_CONFIG_FLAGS
+ * tpm_cert_store: add the Alibaba Cloud vTPM EK x509 cert
+ * installer.sh: use the -i parameter to set the default binding and
listening IP about the agent, verifier, and registrar server is 127.0.0.1 or
0.0.0.0
+ * installer.sh: remove the unused command line params
+ * Update container build workflow actions
+ * mba: Manage the number of times measure boot attestation is done.
+ * codestyle: Fix access to possibly not available package 'rpm' (pyright)
+ * templates/2.0/mapping.json: fix the default registrar_port error in the
verifier config
+
+-------------------------------------------------------------------
Old:
----
keylime-v7.4.0.tar.xz
New:
----
keylime-v7.5.0.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ keylime.spec ++++++
--- /var/tmp/diff_new_pack.ZuTTcl/_old 2023-08-30 10:18:50.672638865 +0200
+++ /var/tmp/diff_new_pack.ZuTTcl/_new 2023-08-30 10:18:50.676639007 +0200
@@ -27,7 +27,7 @@
%define _config_norepl %config(noreplace)
%endif
Name: keylime
-Version: 7.4.0
+Version: 7.5.0
Release: 0
Summary: Open source TPM software for Bootstrapping and Maintaining
Trust
License: Apache-2.0 AND MIT AND BSD-3-Clause
++++++ _service ++++++
--- /var/tmp/diff_new_pack.ZuTTcl/_old 2023-08-30 10:18:50.716640435 +0200
+++ /var/tmp/diff_new_pack.ZuTTcl/_new 2023-08-30 10:18:50.720640578 +0200
@@ -1,7 +1,7 @@
<services>
<service name="tar_scm" mode="disabled">
<param name="versionformat">@PARENT_TAG@</param>
- <param name="revision">refs/tags/v7.4.0</param>
+ <param name="revision">refs/tags/v7.5.0</param>
<param name="url">https://github.com/keylime/keylime.git</param>
<param name="scm">git</param>
<param name="changesgenerate">enable</param>
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.ZuTTcl/_old 2023-08-30 10:18:50.736641149 +0200
+++ /var/tmp/diff_new_pack.ZuTTcl/_new 2023-08-30 10:18:50.740641292 +0200
@@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param
name="url">https://github.com/keylime/keylime.git</param>
- <param
name="changesrevision">37809d40ced15c38daa41d578b39b12a595d1167</param></service></servicedata>
+ <param
name="changesrevision">29657502a4b59f1ffc702043fdb375c0e02bed60</param></service></servicedata>
(No newline at EOF)
++++++ keylime-v7.4.0.tar.xz -> keylime-v7.5.0.tar.xz ++++++
/work/SRC/openSUSE:Factory/keylime/keylime-v7.4.0.tar.xz
/work/SRC/openSUSE:Factory/.keylime.new.1766/keylime-v7.5.0.tar.xz differ: char
15, line 1
++++++ registrar.conf.diff ++++++
--- /var/tmp/diff_new_pack.ZuTTcl/_old 2023-08-30 10:18:50.800643433 +0200
+++ /var/tmp/diff_new_pack.ZuTTcl/_new 2023-08-30 10:18:50.804643576 +0200
@@ -1,12 +1,12 @@
---- registrar.conf.ORIG 2022-09-26 10:45:14.032956447 +0200
-+++ registrar.conf 2022-09-26 10:59:47.477707174 +0200
+--- config/registrar.conf.ORIG 2023-08-24 09:34:59.228880762 +0200
++++ config/registrar.conf 2023-08-24 09:36:34.165570356 +0200
@@ -5,7 +5,8 @@
version = 2.0
- # The registrar server IP address and port
--ip = 127.0.0.1
-+# ip = 127.0.0.1
-+ip = 0.0.0.0
+ # The binding address and port for the registrar server
+-ip = "127.0.0.1"
++# ip = "127.0.0.1"
++ip = "0.0.0.0"
port = 8890
tls_port = 8891
++++++ verifier.conf.diff ++++++
--- /var/tmp/diff_new_pack.ZuTTcl/_old 2023-08-30 10:18:50.836644718 +0200
+++ /var/tmp/diff_new_pack.ZuTTcl/_new 2023-08-30 10:18:50.840644860 +0200
@@ -1,22 +1,22 @@
---- verifier.conf.ORIG 2023-01-23 09:36:14.684727116 +0100
-+++ verifier.conf 2023-01-23 09:45:13.585042153 +0100
+--- config/verifier.conf.ORIG 2023-08-24 09:34:59.222214093 +0200
++++ config/verifier.conf 2023-08-24 09:37:53.332256150 +0200
@@ -8,7 +8,8 @@
uuid = default
- # The verifier server IP address and port
--ip = 127.0.0.1
-+# ip = 127.0.0.1
-+ip = 0.0.0.0
+ # The binding address and port for the verifier server
+-ip = "127.0.0.1"
++# ip = "127.0.0.1"
++ip = "0.0.0.0"
port = 8881
# The address and port of registrar server that the verifier communicates with
-@@ -233,7 +234,8 @@
+@@ -242,7 +243,8 @@
enabled_revocation_notifications = ['agent']
# The binding address and port of the revocation notifier service via ZeroMQ.
-zmq_ip = 127.0.0.1
+# zmq_ip = 127.0.0.1
-+zmp_ip = 0.0.0.0
++zmq_ip = 0.0.0.0
zmq_port = 8992
# Webhook url for revocation notifications.
