|Index||index by Group||index by Distribution||index by Vendor||index by creation date||index by Name||Mirrors||Help||Search|
|Name: libtspi1||Distribution: openSUSE Tumbleweed|
|Version: 0.3.15||Vendor: openSUSE|
|Release: 6.1||Build date: Fri May 26 02:35:40 2023|
|Group: Productivity/Security||Build host: cloud120|
|Size: 555128||Source RPM: trousers-0.3.15-6.1.src.rpm|
|Summary: TSS (TCG Software Stack) access daemon for a TPM chip|
The trousers package provides a TSS implementation through the help of a user-space daemon, the tcsd, and a library Trousers aims to be compliant to the 1.1b and 1.2 TSS specifications as available from the Trusted Computing website https://www.trustedcomputinggroup.org/. The package needs the /dev/tpm device file to be present on your system. It is a character device file major 10 minor 224, 0600 tss:tss.
* Mon Aug 22 2022 Dominique Leuenberger <firstname.lastname@example.org> - BuildRequire pkgconfig(udev) instead of udev: allow OBS to shortcut through the -mini flavors. * Tue Apr 12 2022 Marcus Meissner <email@example.com> - changed urls to https (except main URL which has no https) * Thu Nov 25 2021 Johannes Segitz <firstname.lastname@example.org> - Added hardening to systemd service(s) (bsc#1181400). Modified: * tcsd.service * Tue Oct 05 2021 Matthias Gerstner <email@example.com> - move libraries to /usr/lib (bsc#1191102) * Thu Nov 05 2020 Matthias Gerstner <firstname.lastname@example.org> - update to new upstream version 0.3.15: - Corrected mutliple security issues that existed if the tcsd is started by root instead of the tss user. CVE-2020-24332, CVE-2020-24330, CVE-2020-24331 - Replaced use of _no_optimize with asm memory barrier - Fixed multiple potential instances of use after free memory handling - Removed unused global variables which caused build issue on some distros - drop gcc-10.patch: now contained in upstream tarball - drop bsc1164472.patch: now contained in upstream tarball - adjusted %setup macro invocation which seemed to be wrong * Mon Jul 27 2020 email@example.com - In a previous commit the Requires line for the tss user got accidentally dropped. This change reintroduces it. * Tue Jun 02 2020 Matthias Gerstner <firstname.lastname@example.org> - add gcc-10.patch: fixes the build on gcc 10 by removing unused global variables. This patch was posted on the TrouSerS mailing list . : https://sourceforge.net/p/trousers/mailman/message/36951419/ * Wed May 20 2020 Matthias Gerstner <email@example.com> - get rid of %pre/%post logic that fixes the old packaging bug. Turns out %pretrans and %posttrans had their purpose before, because the logic needed to run before old files owned by the package got deleted. But I'm not reimplementing this strange logic in Lua ... users that didn't get the fix yet will have to live with it. * Wed May 20 2020 Matthias Gerstner <firstname.lastname@example.org> - fix a potential tss user to root privilege escalation when running tcsd (bsc#1164472). To do this run tcsd as the 'tss' user right away to prevent badly designed privilege drop and initialization code to run. - add bsc1164472.patch: additionally harden operation of tcsd when running as root. No longer follow symlinks in /var/lib/tpm. Drop gid to tss main group. require /etc/tcsd.conf to be owned by root:tss mode 0640. * Wed May 13 2020 email@example.com - add correct Requires(pre) and change %pretrans and %posttrans into %pre and %post. %pretrans can't have any dependencies and therefore can only be %implemented in lua. This currently leads to build errors "/bin/sh: no such file or directory". * Wed Feb 19 2020 Matthias Gerstner <firstname.lastname@example.org> - leave creation of /var/lib/tpm to the new system-user-tss package. Otherwise we're getting conflicts in packages depending on trousers (bsc#1162360). * Fri Jan 31 2020 Michal Suchanek <email@example.com> - Use system-users for tss user creation (boo#1162360).
Generated by rpm2html 1.8.1
Fabrice Bellet, Sat Sep 23 23:20:37 2023