Revisions of ima-evm-utils
Dominique Leuenberger (dimstar_suse)
accepted
request 1135992
from
Marcus Meissner (msmeissn)
(revision 23)
Dominique Leuenberger (dimstar_suse)
accepted
request 1070713
from
Marcus Meissner (msmeissn)
(revision 22)
- Update to version 1.5 * CI changes: * New: UML kernel testing environment * Support for running specific test(s) * Update distros * Update software release versions * New features: * Signing fs-verity signatures * Reading TPM 2.0 PCRs via sysfs interface * New tests: * Missing IMA mmapped file measurements * Overlapping IMA policy rules * EVM portable signatures * fs-verity file measurements in the IMA measurement list * Build and library changes: * OpenSSL 3.0 version related changes * New configuration options: --disable-engine, --enable-sigv1 * Deprecate IMA signature v1 format * Misc bug fixes and code cleanup: * memory leaks, bounds checking, use after free * Fix and update test output * Add missing sanity checks * Documentation: * Store the sourceforge ima-evm-utils wiki for historical purposes. - Upstream bumped soname to 4.0.0 - Add BuildRequires: e2fsprogs util-linux (required by tests, which are mandatory) - /usr/sbin to PATH (0001-fsverity.test-Add-usr-sbin-into-PATH.patch, sent to upstream ML) (forwarded request 1070704 from pevik)
Dominique Leuenberger (dimstar_suse)
accepted
request 972600
from
Marcus Meissner (msmeissn)
(revision 21)
- switch to use https urls
Dominique Leuenberger (dimstar_suse)
accepted
request 722572
from
Marcus Meissner (msmeissn)
(revision 15)
- Update to version 1.2.1 (included changes of unreleased v1.2) version 1.2 new features: * Generate EVM signatures based on the specified hash algorithm * include "security.apparmor" in EVM signature * Add support for writing & verifying "user.xxxx" xattrs for testing * Support Strebog/Gost hash functions * Add OpenSSL engine support * Use of EVP_PKEY OpenSSL API to generate/verify v2 signatures * Support verifying multiple signatures at once * Support new template "buf" field and warn about other unknown fields * Improve OpenSSL error reporting * Support reading TPM 2.0 PCRs using tsspcrread Bug fixes and code cleanup: * Update manpage stylesheet detection * Fix xattr.h include file * On error when reading TPM PCRs, don't log gargabe * Properly return keyid string to calc_keyid_v1/v2 callers, caused by limiting keyid output to verbose mode * Fix hash buffer overflow caused by EVM support for larger hashes, defined MAX_DIGEST_SIZE and MAX_SIGNATURE_SIZE, and added "asserts". * Linked with libcrypto instead of OpenSSL * Updated Autotools, replacing INCLUDES with AM_CPPFLAGS * Include new "hash-info.gen" in tar * Log the hash algorithm, not just the hash value * Fixed memory leaks in: EV_MD_CTX, init_public_keys * Fixed other warnings/bugs discovered by clang, coverity * Remove indirect calls in verify_hash() to improve code readability * Don't fallback to using sha1 * Namespace some too generic object names * Make functions/arrays static if possible (forwarded request 719901 from pevik)
Yuchen Lin (maxlin_factory)
accepted
request 635260
from
Marcus Meissner (msmeissn)
(revision 14)
- ima-evm-utils-xattr.patch: xattr.h is now libattr.h
Dominique Leuenberger (dimstar_suse)
accepted
request 587839
from
Marcus Meissner (msmeissn)
(revision 13)
- Update to version 1.1
* Support the new openssl 1.1 api
* Support for validating multiple pcrs
* Verify the measurement list signature based on the list digest
* Verify the "ima-sig" measurement list using multiple keys
* Fixed parsing the measurement template data field length
* Portable & immutable EVM signatures (new format)
* Multiple fixes that have been lingering in the next branch. Some
are for experimental features that are not yet supported in the
kernel.
- Drop ima-evm-utils-openssl1.patch (not needed any more as IMA got
backward compatible support for openssl 1.1). (forwarded request 587829 from pevik)
Dominique Leuenberger (dimstar_suse)
accepted
request 546015
from
Alexander Naumov (Alexander_Naumov)
(revision 12)
Dominique Leuenberger (dimstar_suse)
accepted
request 539892
from
Marcus Meissner (msmeissn)
(revision 11)
- ima-evm-utils-openssl1.patch: allow building against openssl 1.1 (bsc#1066947)
Dominique Leuenberger (dimstar_suse)
accepted
request 536019
from
Marcus Meissner (msmeissn)
(revision 10)
- added openssl-devel dependency to ima-evm-utils-devel. otherwise the ima header can't be included if the openssl headers are missing (forwarded request 535941 from mgerstner)
Dominique Leuenberger (dimstar_suse)
accepted
request 534142
from
Marcus Meissner (msmeissn)
(revision 9)
- No need to remove .a files which don't exist. - Drop extraneous ldconfig call on preun. - Update RPM groups and descriptions. (forwarded request 534000 from jengelh)
Dominique Leuenberger (dimstar_suse)
accepted
request 517195
from
Marcus Meissner (msmeissn)
(revision 8)
- Add ima-evm-utils to SLES. (FATE#321603)
Dominique Leuenberger (dimstar_suse)
accepted
request 494960
from
Factory Maintainer (factory-maintainer)
(revision 7)
Automatic submission by obs-autosubmit
Dominique Leuenberger (dimstar_suse)
accepted
request 354724
from
Marcus Meissner (msmeissn)
(revision 6)
- ima-evm-utils-fix-docbook-xsl-directory.patch: fixed the nwalsh docbook directory again
Dominique Leuenberger (dimstar_suse)
accepted
request 347180
from
Marcus Meissner (msmeissn)
(revision 5)
update (forwarded request 347178 from posophe)
Dominique Leuenberger (dimstar_suse)
accepted
request 282575
from
Marcus Meissner (msmeissn)
(revision 4)
1
Displaying revisions 1 - 20 of 23
