swtpm-devel-0.7.3-150500.2.1 >  A dQCp9|OJaBp2憈Etϻmr]dM?L{/XZAxs810wUyqrȥ7٘`S O'e'`Qp;0 ?/d  ;\`lp $4 < D T  0P`  M (s8|9:HF,G-H- I-0X-4Y-<\-`]-p^-b-c.d.e.f.l.u/v/ z/////Cswtpm-devel0.7.3150500.2.1Development files for swtpmThe development files for SWTPMdQ!ibs-arm-3BSD-3-Clausehttps://www.suse.com/Development/Libraries/C and C++https://github.com/stefanberger/swtpmlinuxaarch64'A큤dQdQdQdQ6d67d368af8e9f9591eb96403f06bd0d6854199674a1d221fac38bb974ddc249c5d472baa358eb14e45d0bf6d008c9ed9d3c4023db59c9431b1b250debedae4clibswtpm_libtpms.so.0.0.0rootrootrootrootrootrootrootrootswtpm-0.7.3-150500.2.1.src.rpmswtpm-develswtpm-devel(aarch-64)    glib2-devellibopenssl-devellibseccomp-devellibtpms-develrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)swtpm3.0.4-14.6.0-14.0-15.2-10.7.34.14.3dP@cAf@bk@bMb(b~a@aKau`O@_w@___R__5+@_"@_ ^1^,]pZmeissner@suse.commeissner@suse.commeissner@suse.commliska@suse.czwolfgang.frisch@suse.commeissner@suse.commeissner@suse.commeissner@suse.comgmbr3@opensuse.orgpmonreal@suse.commeissner@suse.comglin@suse.comglin@suse.comkai.liu@suse.comkai.liu@suse.comkai.liu@suse.comkai.liu@suse.comkai.liu@suse.comglin@suse.comglin@suse.comglin@suse.comglin@suse.com- remove python3 dependency, no longer needed after rewrite (bsc#1211010)- remove selinux support for now.- Updated to version 0.7.3: - swtpm: - Use uint64_t in tlv_data_append() to avoid integer overflows - Use uint64_t to avoid integer wrap-around when adding a uint32_t - removed allow-FORTIFY_SOURCE=3.patch (upstreamed)- Cheery-pick upstream patch allow-FORTIFY_SOURCE=3.patch.- Update to version 0.7.2: - swtpm: - Do not chdir(/) when using --daemon - swtpm-localca: - Re-implement variable resolution for swtpm-localca.conf - tests: - Use ${WORKDIR} in config files to test env. var replacement - man pages: - Add missing .config directory to path description when using ${HOME} - build-sys: - Add probing for -fstack-protector- Update to version 0.7.1: - swtpm: - Check header size indicator against expected size (CVE-2022-23645 bsc#1196240) - swtpm_localca: - Test for available issuercert before creating CA- Update to version 0.7.0: - swtpm: - Support for linear file storage backend (file://) - Report 'tpm-1.2' & 'tpm-2.0' in --print-capabilities depending what libtpms supports - Add implementation of SWTPM_HMAC using OpenSSL 3.0 APIs - Wipe keys from stack and heap - Many other small changes - Make --daemon not racy - swtpm_setup: - Only activate SHA256 PCR bank, not SHA1 bank anymore by default - Support for linear file storage backend (file://) - Implement option --create-config-files to create config files - Use non-deprecated APIs to contruct RSA key (OSSL 3) - Report stderr as returned by external tool (swtpm-localcal) - Replace '+' and ',' characters in VMId's to make work with common name in X509 subject - Add support for --reconfigure flag to change active PCR banks - swtpm_localca: - Created certificates for CAs and TPM that do not expire - swtpm_cert: - Allow passing -1 for days to get a non-expiring certificate - test: - ASAN-related test changes and skipping of tests if ASAN is used - Fix tests using tpm2-abrmd by preventing concurrency - Skip chardev related tests after checking for chardev support - exit with error code if mktemp fails - OSSL 3: Make TPM 1.2 test compile; skip IBM TSS 2 test - build-sys: - Introduce --enable-sanitizers to configure - Remove check for pip3 that was used by python swtpm_setup - Allow passing of aditional CFLAGS during build- Update to version 0.6.1: - swtpm: - Clear keys from stack and heap - swtpm-localca: - Add missing else branch for pkcs11 and PIN - swtpm_setup: - Initialize Gerror and free it - Replace '\\s' in regex with [[:space:]] to fix cygwin - tests: - Kill tpm2-abrmd with SIGKILL rather SIGTERM - build-sys: - Use -DOPENSSL_SUPPRESS_DEPRECATED to suppress deprecation warnings (OSSL 3) - Enable configuring with CFLAGS and passing additional CFLAGS on build- Update to version 0.6.0: - Addressed potential symlink attack issue (CVE-2020-28407) - Rewritten in 'C'; needs json-glib - Use timeouts for communicating with swtpm (Unix socket) - Fix --print-capabilities for 'swtpm chardev' - Various cleanups and fixes (coverity) - Enable selinux support - Removed swtpm-rename_deprecated_libtasn1_types.patch: upstream - Fix rpmlint errors- swtpm_cert: rename deprecated libtasn1 types. * https://github.com/stefanberger/swtpm/pull/443 * Add swtpm-rename_deprecated_libtasn1_types.patch- Update to version 0.5.2 - swtpm: - Fix potential buffer overflow related to largely unused data hashing function in control channel - swtpm: Unconditionally close fd if writing of pidfile fails (coverity) - swtpm_setup: - Increase timeout from 10s to 30s for slower machines - Travis: - Not building on OS X anymore due to additional costs- Use "Requires user(tss)" for the "tss" user and group- Create /var/lib/swtpm-localca to store the keys created by swtpm-localca (bsc#1179811) - Replace net-tools-deprecated with iproute2 since the scripts in swtpm now can use 'ss' instead of 'netstat'- Update to version 0.5.1 * swtpm & swtpm_setup: - Addressed potential symlink attack issue (CVE-2020-28407) * build-sys: - Fix configure python cryptography error message - Misc. spec file changes.- Update Requires and BuildRequires for changes since 0.4.0. - Remove patch files that are no longer needed: * swtpm-adjust-seccomp-path.patch * swtpm-setup-tcsd-path.patch * swtpm-tpm-tools-path.patch - Update to version 0.5.0 * swtpm: - Write files atomically using a temp file and then renaming * swtpm_setup: - Removed remaining 'c' wrapper program - Do not truncate logfile when testing write-access (regression) - Remove TPM state file in case error occurred * swtpm-localca: - Rewrite in python - Allow passing pkcs11 PIN using signingkey_password - Allow passing environment variables needed for pkcs11 modules using swtpm-localca.conf and format 'env:VARNAME=VALUE'. * build-sys: - Add python-install and python-uninstall targets - Add configure option to disable installation of Python module - Use -Wl,-z,relro and -Wl,-z,now only when linking (clang) - Use AC_LINK_IFELSE to check whether support for hardening flags - Changes from version 0.4.1 * swtpm_setup: - Do not hardcode '/etc' but use SYSCONFDIR - Fix support for -h and -? options - Add missing .config path when using ${HOME} * swtpm-localca: - Apply password for signing key when creating platform cert - Properly apply passwords for localca signing key - Changes from version 0.4.0 * swtpm: - Invoke print capabilities after choosing TPM version - Add some recent syscalls to seccomp blacklist * swtpm_cert: - Support --ecc-curveid option to pass curve id * swtpm_setup & related scripts: - Rewrite swtpm_setup.sh in python with TPM 1.2 not requiring tcsd and TPM tools anymore; new dependencies: - python3: pip, cryptography, setuptools dropped dependencies for swtpm_setup: - tcsd, expect, tpm-tools (some still needed for pkcs11 tests) - Added support for RSA 3072 keys (for libtpms-0.8.0) and moved to ECC NIST P384 curve; default RSA key size is still 2048 - Added support for --rsa-keysize option - Extend script to create a CA using a TPM 2 for signing * tests: - Use the IBM TSS2 v1.5.0's test suite - Add test case for loading of an NVRAM completely full with keys - Have softhsm_setup use temporary directory for softhsm config & state - various other improvements * man pages: - Improvements * build-sys: - clang: properly test for linker flag 'now' and 'relro' - Gentoo: explicitly link libswtpm_libtpms with -lcrypto - Ownership of /var/lib/swtpm-localca is now tss:root and mode flags 0750.- Update to version 0.3.4: * swtpm: - Fix compilation for cygwin * swtpm_setup & swtpm-localca: - Get rid of bash's eval when invoking external tools to avoid abuse. Only use eval for 'resolving' variables. * tests: - Various fixes of minor issues- Update to version 0.3.3: * swtpm_setup: - openSUSE: Support tcsd configuration where tss user != tss group, such as root/tss; Fedora & Ubuntu for example use tss/tss * build-sys: - Check whether tss user and group are available - Add tss user & group build flags per upstream instruction. This together with v0.3.3 fixed the bug with TPM 1.2 emulation. Related upstream bug: https://github.com/stefanberger/swtpm/issues/284- Update to 0.3.2: + swtpm: + Remove unnecessary #include (fixes SuSE build) + Make coverity happy by handling default case in case statement + swtpm_setup: + bugfix: Create ECC storage primary key in owner hierarchy + bugfix: remove tpm2_stirrandom and tpm2_changeeps + tests: + Adjusted pcrUpdateCounter in tests to succeed with PCR TCB group fixes in libtpms TPM 2 code- Update to 0.3.1 + swtpm: Fix vtpm proxy case without startup flags + swtpm: Only call memcpy if tocopy != 0 (coverity) + man: Document new startup options and capabilities advertisement + swtpm: Enable sending startup commands before processing commands + swtpm_cert: Accept serial numbers that use up to 64bits + swtpm_cert: Use getopt_long_only to parse options + swtpm_cert: Add support for --print-capabilities option + swtpm_cert: Allow passing signing key and parent key via new option + swtpm_setup: Enable spaces in paths and other variables + swtpm_ioctl: Calculate strlen(input) only once + swtpm_ioctl: Block SIGPIPE so we can get EPIPE on write() + swtpm_bios: Block SIGPIPE so we can get EPIPE on write() + swtpm: Only accept() new client ctrl connection if we have none + swtpm_setup: Do not fail on future PCR banks' hashes + swtpm_setup: Use 1st part of SWTPM_EXE/SWTPM_IOCTL to determine executable + swtpm_setup: Keep reserved range of file descriptors for swtpm_setup.sh + swtpm_setup: Log about encryption and fix c&p error in err msg + swtpm: Add --print-capabilities to help screen of 'swtpm chardev' + swtpm_ioctl: Fix uninitialized variable 'pgi' + swtpm_cert: Use gnutls_x509_crt_get_subject_key_id API call for subj keyId + swtpm_cert: Fix OIDs for TPM 2 platforms data + swtpm: Fix typo in error report: HMAC instead of hash + swtpm: Use writev_full rather than writev; fixes --vtpm-proxy EIO error - Refresh swtpm-setup-tcsd-path.patch- Amend swtpm-adjust-seccomp-path.patch to add the missing seccomp paths - Adjust the conditional check of net-tools-deprecated for SLE15 and SLE15-SP1- Update to 0.2.0 +Linux: swtpm now runs with a seccomp profile (blacklist) if compiled with libseccomp support + Added subpport for passing key and passphrase via file descriptor + TPM 2 commands can now be prefixed by 'the TCG header' and responses will have a 4-byte prefix and 4-byte suffix. + Added --print-capabilities command line option + Proper handling on EINTR on read, poll, and write - Patches to adjust the pathes + swtpm-tpm-tools-path.patch + swtpm-setup-tcsd-path.patch + swtpm-adjust-seccomp-path.patch- Initial import: 0.1.0-dev2ibs-arm-3 16830712650.7.3-150500.2.10.7.3-150500.2.1swtpmtpm_ioctl.hlibswtpm_libtpms.soswtpm_ioctls.3.gz/usr/include//usr/include/swtpm//usr/lib64/swtpm//usr/share/man/man3/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:SLE-15-SP5:GA/standard/fecc8529b0425a754cebef0033b99654-swtpmcpioxz5aarch64-suse-linuxdirectoryC source, ASCII texttroff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix)IE|y[utf-8ade483026aa9a37b519d0201309c95fa1bce69adc254cd05666408c9905bc077?P7zXZ !t/?s Y] crt:bLL rSѭ|,/Od\>JNKGLH ӎbanZzgd.~r ;wIhF߹ ED- lZw'MSQTwE< !;< ~:hVcX7aiGBAC& kzS'=v2o.b$? ƧS;]@v1V{||d_w`dFC^d/D7)`qq'%[<ΡMyai1fԒ9[MȂ*5H,6Sr57 ŶhxHdÆWQb{u1%apN59X,dQ<2} QN?wfdheؕۢI*wA (bjFX9C.bFwDRNI2j4_~`7#}4[otpl!33`%d_CuYi <'=/Y˗RZncR`Uo[F(6Ů(.#k} >IwRzOpzxh5ױZ5zPA|{Ͽ== z` 1S+3P+L WC,yxDk,d)>faGS)mH dYk?2QUZo?KZ23f۬ o|͸xuXz>Zj!#*,vzR.mgS 77\T5o1t$P{Ot7-GF閹ܬv('.\x]^ڕBcm 螤z_emiȭhhըBDi:%pjR3(3TB4H{x;&ꑍ&^~DI?O!vɵ@G V~&+E8kvO͘3LcS2+a5=]9LfHcM'X.M[ 8o\ꎃ#5ひ^%RdܡFNX [Ϋp"̵~SJYbQ`3?T٥#?F>֞ȸy,S6gӨ#\SHd`DŻM &#y貋ZU"Oّ<[6v'`nҺ'Ap52 BB=hidgBD7-⿅NEv4#->1rQFح t&K0ΜffĞvGNOX%3@&AiNbbj>)ׁpӶjUFXxZ\6f:P=sBk;ˬ:@luڢ0 vw%_1ZɸL [M8V1p*7{)K]1#IbXtCO/EPwد7|9Noϱ̰(2xCPL!P2c&)Oe$(d*m-P\Π0ϕGޱD &y5?J]5QR@Y $3(³bv6An;}l ҾWw%r>q<)<-eh} Z!P4( мy]k\!={׫Si )cM3m^͎ZʜH<CbY7s6[ΞKe y_կ\]肭#^hB9֤„ eޓMZZb?e,׹:tǴю 1\㹖cPPH(84 7 #-i"'thŖY~SojV^| 7U'ˮJMD̏4 8='!PJBiZT<`PA16lLj6,@4TE( A1T7nw΅"u%2 [| U 8uhua-Ec6'`s9$|%+>B޸Q$R.}ψz; "WXQZbmaH֣þFQ.B6Wt}5/B?5D Y pn1NQeTyv;6d7c)_6<ݠ'8 ;hLualu& L xZ^bc%3)^f &ۣO O  Q,Hl=r>مFk(kn_MFFr8y7# RDDLF8WKr\t1c&ĭ@g񭥹c9%8'y.X?r<%4*3 aQJ9 48fI[L,AQȳ(MR-@;G"BaƺPcVFs+ՙsɘǻ-gb* O=`ZUCXvz22L=ߛMKqB*w-?qjh*l[ LΌZIe;"g9'+S-D?ӏ3t)¾ALJVb!S󣉓1*:ȽkˢuZМnW- ;)6\l}\IVU( v ʊj)ke8Įb z0A-fܱ4S(QAEǼ=Ԓ r 6r5ܰi#\MJyt}Gc݆E6*&&K92P1g q-9 \/> 8ex)>dQ+a(# T'mP^+1r!꛹g_+<`[HY\Rr Ӯ-GoT(<t V`8@3_`$A9'+mq,٧tu uֵ&:=#tt7]zNswGA>Ӛt(ʻo&-tT#fK):$.NPK1Γ/h1R s@Cv OêҼf[t)„jGʈ9Us*f&\,c nWQSvowZCЋ1`@P|f`˜t)s߅䫂1Cε?SoD/Heٗ0]>+⭝?qҝMӣU"ȑX9!HՈF@Ayys=CPexx{WGZ"pu5k*6{AF \_ 1t%8# q{$?<Ѽ?=dz;)rm[k0VQ2v f?UHYIp뇙NU1j+mk^Lx/%_'9cJjʿ.ww QGrnh2|+6zy"ڵAXiO((mPO\qdO7Ser]v'r& }Yw7Ɛfxhqg]@q!aVg\5Sjz]BK2+A>k9 }F+N uL[ )""L"`J_ tɃ`ko~eO˽ -Q+T1r0-ه!=ub J񹜧` V(;cPDMd @Ț^2h玮5c&F;S7GyaC,hx… '^mŷ J~z) ~C|[p]"OD5(dU murtRo7'/8te$ɔ>V8,-8[LBb-.keͻ@OFMsҰMd1DN=$h]~o:0qw #wG rRw]6"vg@~=bpQ'ͷUM 4`3&?rZpGGnF2$'([fE/ F\,+Z}o?T"h91w!ja)0xnx!jC-%8[2"zҾ&x+ܴk̏t730ͲŤJXRE)ju+O4Xr\k!_^/Etwժ@Ff @-!ǿ$mzoԖ`VJP9+' H|wzmËR+Ԥ_8@!,V}ϟiV󪘠ʍ#_e:71ebfdYjE&/2*wJǁw\EЌ';|H].3;f6z{،GgS3E$C:GRW0B(qwΌ yPx,x5,+1*:C9 |9 cHV+ޅB%0/-i%8xK$2 Q)19s>f}2m2]G1[niJ |`#rel>=p"t2WR2AR;u^#@KÊC ZBv%}%E LE\"Lg5P;$0vW:ڃTёCp"c{?zC'01B=/4S oUD;̡g0W)Whd г=d6e;mPk&[H Da.LPTDd[}Oғ zRx2YrJJ{Mّ?<ՇS}=kHf cq*ʑ# ==7l̕,toLC"=И2`,t-mToQ 8߰mmǖ=$;"MӼ ٠/jB @nmZv+ #_Z +< K#t>dvMKDP9*pyoH_ѣJ1doDp6&䀚ChkKӘt,J H.?# G)ʹ+K"Cf i+wps/n;Bp+bqp^75QxxBkǂNy;jvkyg4!g2o(7GYWgT\tt|ncq\FV9&ۙNFHvO]czB1?Gф+K).kUH֓ @>k}0 *B&ɫaK!,R&75 迖U(3ff_-8c JBmd9bᵑhC۰ 58RP {y_PjBHh%L~%&R1:iFQRxByg ƭ@xF>.=TjO3|u,(2M3V04֧G*ipgEBDq ^Xdb9+~"(wM$,uR'xlusɱdɭȪQx>^fc. )mRe~'ZV8-> ^}ƞ=g\eu SPE)b']acHsL Kx*{iAgF&A>`6vhGmj>~`Pl\ZYEaH8!i =w~V"?qDcUatol 4Bu =o'B)Sbo*#7ڌN2aԴbZaiոɹʷ@7G.\ ,a$M8LtzMQTJ|Q:]Oe]uI=IpRgFMB/ũM002LzN$PVEp&R>.^j@Fο::H)ov(rߋ>pA~Y_k>-p#œX37,&*4hzUq+@gٺ%Ip,D$ 0< goq4B'sW4>=tNF  rxZkaTD@j0xCSvv d$D40QNWP O&a#XDǟ.[*J-+ YTT:l_ǍR&$}8 " 5˾.#T-aاDOu&?|AmpB&"n;u;޵X^cѴ7lS)Qb݃z4z'ߓ{P#utPZt8YUV"/#6g^9c1*oEZcE) l)Zc a $'tP |HKiWEőV};a[73<5|`l)]A~fS YZ