Request 1089753: Submit rekor - openSUSE Build Service

Overview

Request 1089753 accepted

- updated to rekor 1.2.1 (jsc#SLE-23476):
Security fix:
- CVE-2023-33199: Fixed that malformed proposed intoto v0.0.2 entries can cause a panic (bsc#1211790)
Functional Enhancements
- add client method to generate TLE struct (#1498)
- add dsse type (#1487)
- support other KMS providers (AWS, Azure, Hashicorp) in addition to GCP (#1488)
- Add concurrency to backfill-redis (#1504)
- omit informational message if machine-parseable output has been requested (#1486)
- Publish stable checkpoint periodically to Redis (#1461)
- Add intoto v0.0.2 to backfill script (#1500)
- add new method to test insertability of proposed entries into log (#1410)
Quality Enhancements
- use t.Skip() in fuzzers (#1506)
- improve fuzzing coverage (#1499)
- Remove watcher script (#1484)
Bug Fixes
- Merge pull request from GHSA-frqx-jfcm-6jjr (CVE-2023-33199)
- Remove requirement of PayloadHash for intoto 0.0.1 (#1490)
- fix lint errors, bump linter up to 1.52 (#1485)
- Remove dependencies from pkg/util (#1469) (forwarded request 1089735 from msmeissn)

Created by msmeissn 12 months ago
In state accepted

Submit rekor

Comments for request 1089753 0

Login required, please login in order to comment

Request History

msmeissn created request 12 months ago

- updated to rekor 1.2.1 (jsc#SLE-23476):
Security fix:
- CVE-2023-33199: Fixed that malformed proposed intoto v0.0.2 entries can cause a panic (bsc#1211790)
Functional Enhancements
- add client method to generate TLE struct (#1498)
- add dsse type (#1487)
- support other KMS providers (AWS, Azure, Hashicorp) in addition to GCP (#1488)
- Add concurrency to backfill-redis (#1504)
- omit informational message if machine-parseable output has been requested (#1486)
- Publish stable checkpoint periodically to Redis (#1461)
- Add intoto v0.0.2 to backfill script (#1500)
- add new method to test insertability of proposed entries into log (#1410)
Quality Enhancements
- use t.Skip() in fuzzers (#1506)
- improve fuzzing coverage (#1499)
- Remove watcher script (#1484)
Bug Fixes
- Merge pull request from GHSA-frqx-jfcm-6jjr (CVE-2023-33199)
- Remove requirement of PayloadHash for intoto 0.0.1 (#1490)
- fix lint errors, bump linter up to 1.52 (#1485)
- Remove dependencies from pkg/util (#1469) (forwarded request 1089735 from msmeissn)

factory-auto added opensuse-review-team as a reviewer 12 months ago

Please review sources

factory-auto accepted review 12 months ago

Check script succeeded

jengelh accepted review 12 months ago

dimstar_suse added openSUSE:Factory:Staging:adi:26 as a reviewer 12 months ago

Being evaluated by staging project "openSUSE:Factory:Staging:adi:26"

dimstar_suse accepted review 12 months ago

Picked "openSUSE:Factory:Staging:adi:26"

licensedigger accepted review 12 months ago

The legal review is accepted preliminary. The package may require actions later on.

dimstar_suse accepted review 12 months ago

Staging Project openSUSE:Factory:Staging:adi:26 got accepted.

dimstar_suse approved review 12 months ago

Staging Project openSUSE:Factory:Staging:adi:26 got accepted.

dimstar_suse accepted request 12 months ago

Staging Project openSUSE:Factory:Staging:adi:26 got accepted.

openSUSE Build Service is sponsored by