swtpm-devel-0.7.3-150500.2.1 >  A dQ+p9|ʷ{ꏼ:_pT4+e߯X0zO0s±5P&WC }Z 7FOEV)ޫ!D6jYo昨ZqO?0.HAC!Օ®p?6h( W^( z4c܎wf2b,2~S]D5MLg-&Fhu{Щ+Uqpk ǔVܓ-8to;Gj~' 6b8efac3dc61acaf9e3ef34b4338576b61ca1f3715dc35ccfa340740b626c3fe26ddcc454609a463cd863fd3d24762a196bfb5b6TdQ+p9|dl8Tk4-ʐr/#K71TR1|dzآ5j3SSN:CL\ BTǸXU`z0@EMA٣p(G~)`(I1Y'_p rpxRL].| OBro2ЦwdiBJa Y^1:k%nM8?x0f&كTceSk^k{ g8!@u VkPʙ5 BcB-BTYV*`*E#xa9*$w?t>p;0?0d  ;\`pt (8 @ H X    4Td  M (s8|9:HF,G-H-$I-4X-8Y-@\-d]-t^-b-c.d.e.f.l.u/v/$z/////Cswtpm-devel0.7.3150500.2.1Development files for swtpmThe development files for SWTPMdQibs-power9-12BSD-3-Clausehttps://www.suse.com/Development/Libraries/C and C++https://github.com/stefanberger/swtpmlinuxppc64le'A큤dQdQdQdQ6d67d368af8e9f9591eb96403f06bd0d6854199674a1d221fac38bb974ddc249c5d472baa358eb14e45d0bf6d008c9ed9d3c4023db59c9431b1b250debedae4clibswtpm_libtpms.so.0.0.0rootrootrootrootrootrootrootrootswtpm-0.7.3-150500.2.1.src.rpmswtpm-develswtpm-devel(ppc-64)    glib2-devellibopenssl-devellibseccomp-devellibtpms-develrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)swtpm3.0.4-14.6.0-14.0-15.2-10.7.34.14.3dP@cAf@bk@bMb(b~a@aKau`O@_w@___R__5+@_"@_ ^1^,]pZmeissner@suse.commeissner@suse.commeissner@suse.commliska@suse.czwolfgang.frisch@suse.commeissner@suse.commeissner@suse.commeissner@suse.comgmbr3@opensuse.orgpmonreal@suse.commeissner@suse.comglin@suse.comglin@suse.comkai.liu@suse.comkai.liu@suse.comkai.liu@suse.comkai.liu@suse.comkai.liu@suse.comglin@suse.comglin@suse.comglin@suse.comglin@suse.com- remove python3 dependency, no longer needed after rewrite (bsc#1211010)- remove selinux support for now.- Updated to version 0.7.3: - swtpm: - Use uint64_t in tlv_data_append() to avoid integer overflows - Use uint64_t to avoid integer wrap-around when adding a uint32_t - removed allow-FORTIFY_SOURCE=3.patch (upstreamed)- Cheery-pick upstream patch allow-FORTIFY_SOURCE=3.patch.- Update to version 0.7.2: - swtpm: - Do not chdir(/) when using --daemon - swtpm-localca: - Re-implement variable resolution for swtpm-localca.conf - tests: - Use ${WORKDIR} in config files to test env. var replacement - man pages: - Add missing .config directory to path description when using ${HOME} - build-sys: - Add probing for -fstack-protector- Update to version 0.7.1: - swtpm: - Check header size indicator against expected size (CVE-2022-23645 bsc#1196240) - swtpm_localca: - Test for available issuercert before creating CA- Update to version 0.7.0: - swtpm: - Support for linear file storage backend (file://) - Report 'tpm-1.2' & 'tpm-2.0' in --print-capabilities depending what libtpms supports - Add implementation of SWTPM_HMAC using OpenSSL 3.0 APIs - Wipe keys from stack and heap - Many other small changes - Make --daemon not racy - swtpm_setup: - Only activate SHA256 PCR bank, not SHA1 bank anymore by default - Support for linear file storage backend (file://) - Implement option --create-config-files to create config files - Use non-deprecated APIs to contruct RSA key (OSSL 3) - Report stderr as returned by external tool (swtpm-localcal) - Replace '+' and ',' characters in VMId's to make work with common name in X509 subject - Add support for --reconfigure flag to change active PCR banks - swtpm_localca: - Created certificates for CAs and TPM that do not expire - swtpm_cert: - Allow passing -1 for days to get a non-expiring certificate - test: - ASAN-related test changes and skipping of tests if ASAN is used - Fix tests using tpm2-abrmd by preventing concurrency - Skip chardev related tests after checking for chardev support - exit with error code if mktemp fails - OSSL 3: Make TPM 1.2 test compile; skip IBM TSS 2 test - build-sys: - Introduce --enable-sanitizers to configure - Remove check for pip3 that was used by python swtpm_setup - Allow passing of aditional CFLAGS during build- Update to version 0.6.1: - swtpm: - Clear keys from stack and heap - swtpm-localca: - Add missing else branch for pkcs11 and PIN - swtpm_setup: - Initialize Gerror and free it - Replace '\\s' in regex with [[:space:]] to fix cygwin - tests: - Kill tpm2-abrmd with SIGKILL rather SIGTERM - build-sys: - Use -DOPENSSL_SUPPRESS_DEPRECATED to suppress deprecation warnings (OSSL 3) - Enable configuring with CFLAGS and passing additional CFLAGS on build- Update to version 0.6.0: - Addressed potential symlink attack issue (CVE-2020-28407) - Rewritten in 'C'; needs json-glib - Use timeouts for communicating with swtpm (Unix socket) - Fix --print-capabilities for 'swtpm chardev' - Various cleanups and fixes (coverity) - Enable selinux support - Removed swtpm-rename_deprecated_libtasn1_types.patch: upstream - Fix rpmlint errors- swtpm_cert: rename deprecated libtasn1 types. * https://github.com/stefanberger/swtpm/pull/443 * Add swtpm-rename_deprecated_libtasn1_types.patch- Update to version 0.5.2 - swtpm: - Fix potential buffer overflow related to largely unused data hashing function in control channel - swtpm: Unconditionally close fd if writing of pidfile fails (coverity) - swtpm_setup: - Increase timeout from 10s to 30s for slower machines - Travis: - Not building on OS X anymore due to additional costs- Use "Requires user(tss)" for the "tss" user and group- Create /var/lib/swtpm-localca to store the keys created by swtpm-localca (bsc#1179811) - Replace net-tools-deprecated with iproute2 since the scripts in swtpm now can use 'ss' instead of 'netstat'- Update to version 0.5.1 * swtpm & swtpm_setup: - Addressed potential symlink attack issue (CVE-2020-28407) * build-sys: - Fix configure python cryptography error message - Misc. spec file changes.- Update Requires and BuildRequires for changes since 0.4.0. - Remove patch files that are no longer needed: * swtpm-adjust-seccomp-path.patch * swtpm-setup-tcsd-path.patch * swtpm-tpm-tools-path.patch - Update to version 0.5.0 * swtpm: - Write files atomically using a temp file and then renaming * swtpm_setup: - Removed remaining 'c' wrapper program - Do not truncate logfile when testing write-access (regression) - Remove TPM state file in case error occurred * swtpm-localca: - Rewrite in python - Allow passing pkcs11 PIN using signingkey_password - Allow passing environment variables needed for pkcs11 modules using swtpm-localca.conf and format 'env:VARNAME=VALUE'. * build-sys: - Add python-install and python-uninstall targets - Add configure option to disable installation of Python module - Use -Wl,-z,relro and -Wl,-z,now only when linking (clang) - Use AC_LINK_IFELSE to check whether support for hardening flags - Changes from version 0.4.1 * swtpm_setup: - Do not hardcode '/etc' but use SYSCONFDIR - Fix support for -h and -? options - Add missing .config path when using ${HOME} * swtpm-localca: - Apply password for signing key when creating platform cert - Properly apply passwords for localca signing key - Changes from version 0.4.0 * swtpm: - Invoke print capabilities after choosing TPM version - Add some recent syscalls to seccomp blacklist * swtpm_cert: - Support --ecc-curveid option to pass curve id * swtpm_setup & related scripts: - Rewrite swtpm_setup.sh in python with TPM 1.2 not requiring tcsd and TPM tools anymore; new dependencies: - python3: pip, cryptography, setuptools dropped dependencies for swtpm_setup: - tcsd, expect, tpm-tools (some still needed for pkcs11 tests) - Added support for RSA 3072 keys (for libtpms-0.8.0) and moved to ECC NIST P384 curve; default RSA key size is still 2048 - Added support for --rsa-keysize option - Extend script to create a CA using a TPM 2 for signing * tests: - Use the IBM TSS2 v1.5.0's test suite - Add test case for loading of an NVRAM completely full with keys - Have softhsm_setup use temporary directory for softhsm config & state - various other improvements * man pages: - Improvements * build-sys: - clang: properly test for linker flag 'now' and 'relro' - Gentoo: explicitly link libswtpm_libtpms with -lcrypto - Ownership of /var/lib/swtpm-localca is now tss:root and mode flags 0750.- Update to version 0.3.4: * swtpm: - Fix compilation for cygwin * swtpm_setup & swtpm-localca: - Get rid of bash's eval when invoking external tools to avoid abuse. Only use eval for 'resolving' variables. * tests: - Various fixes of minor issues- Update to version 0.3.3: * swtpm_setup: - openSUSE: Support tcsd configuration where tss user != tss group, such as root/tss; Fedora & Ubuntu for example use tss/tss * build-sys: - Check whether tss user and group are available - Add tss user & group build flags per upstream instruction. This together with v0.3.3 fixed the bug with TPM 1.2 emulation. Related upstream bug: https://github.com/stefanberger/swtpm/issues/284- Update to 0.3.2: + swtpm: + Remove unnecessary #include (fixes SuSE build) + Make coverity happy by handling default case in case statement + swtpm_setup: + bugfix: Create ECC storage primary key in owner hierarchy + bugfix: remove tpm2_stirrandom and tpm2_changeeps + tests: + Adjusted pcrUpdateCounter in tests to succeed with PCR TCB group fixes in libtpms TPM 2 code- Update to 0.3.1 + swtpm: Fix vtpm proxy case without startup flags + swtpm: Only call memcpy if tocopy != 0 (coverity) + man: Document new startup options and capabilities advertisement + swtpm: Enable sending startup commands before processing commands + swtpm_cert: Accept serial numbers that use up to 64bits + swtpm_cert: Use getopt_long_only to parse options + swtpm_cert: Add support for --print-capabilities option + swtpm_cert: Allow passing signing key and parent key via new option + swtpm_setup: Enable spaces in paths and other variables + swtpm_ioctl: Calculate strlen(input) only once + swtpm_ioctl: Block SIGPIPE so we can get EPIPE on write() + swtpm_bios: Block SIGPIPE so we can get EPIPE on write() + swtpm: Only accept() new client ctrl connection if we have none + swtpm_setup: Do not fail on future PCR banks' hashes + swtpm_setup: Use 1st part of SWTPM_EXE/SWTPM_IOCTL to determine executable + swtpm_setup: Keep reserved range of file descriptors for swtpm_setup.sh + swtpm_setup: Log about encryption and fix c&p error in err msg + swtpm: Add --print-capabilities to help screen of 'swtpm chardev' + swtpm_ioctl: Fix uninitialized variable 'pgi' + swtpm_cert: Use gnutls_x509_crt_get_subject_key_id API call for subj keyId + swtpm_cert: Fix OIDs for TPM 2 platforms data + swtpm: Fix typo in error report: HMAC instead of hash + swtpm: Use writev_full rather than writev; fixes --vtpm-proxy EIO error - Refresh swtpm-setup-tcsd-path.patch- Amend swtpm-adjust-seccomp-path.patch to add the missing seccomp paths - Adjust the conditional check of net-tools-deprecated for SLE15 and SLE15-SP1- Update to 0.2.0 +Linux: swtpm now runs with a seccomp profile (blacklist) if compiled with libseccomp support + Added subpport for passing key and passphrase via file descriptor + TPM 2 commands can now be prefixed by 'the TCG header' and responses will have a 4-byte prefix and 4-byte suffix. + Added --print-capabilities command line option + Proper handling on EINTR on read, poll, and write - Patches to adjust the pathes + swtpm-tpm-tools-path.patch + swtpm-setup-tcsd-path.patch + swtpm-adjust-seccomp-path.patch- Initial import: 0.1.0-dev2ibs-power9-12 16830712480.7.3-150500.2.10.7.3-150500.2.1swtpmtpm_ioctl.hlibswtpm_libtpms.soswtpm_ioctls.3.gz/usr/include//usr/include/swtpm//usr/lib64/swtpm//usr/share/man/man3/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:SLE-15-SP5:GA/standard/fecc8529b0425a754cebef0033b99654-swtpmcpioxz5ppc64le-suse-linuxdirectoryC source, ASCII texttroff or preprocessor input, ASCII text (gzip compressed data, max compression, from Unix)j.1z#HWڌ`>_]Eo9wh8LEBG^e7,#jjyl%vx)׃qq#h[d)*^Q01~ #{p|1fecێ/J>iQN>P `vݺ3϶)MV/K*)p+ZF#Wl`=RM7lBɠ5_N`LotD9A {O! q%¿# K?Ͼ`Di'K>4Ɣȼ||NI?@EJ㯨O{@ѥh-5בS/G$ J"b'_;Z  #9)/. s|%hfpHJ̯9Ye?7͋D |ۯ߭q;Ӊ7Ή%6Q]F= <"wIN 7*I5k{iDRV.jn%;IxM4KiQ$=V%9} Vi텻+XmGx/6[V #Ol)[[2YlB ӓ6ڔ*Y0y8ÿ3 fI?LC#[yKU (1[(h`5h"tsއ!PUt|ݖv)'6*ctBu޻<%X/=XA/-ᖠWucZ޲V3d[~13.`2zꈁ>]}~sZLp2.5&MgcepS(U7.6@|^{"FJ=gq};m=y {ViXi~(/mܣG9POe-Q#*S%*蟳MҡO:XqjJ""ֲUO\ls 0_%rP\Jڣg{V EVDFl˫f! Ti+A=cNy6Y U S(IXJ^ - V]c29W23yvQnV"AY ΀3m)nU_ybEXt̤wg҉ERkK<9\ œʊxq'G8ֹ~5&V\ac8[9iJ [o VIJ͑I5,fNt[ts)9T>(zm3Y90[b1c.ntZ5"e]^9uV_t͒LxohWYa;aD͈vӍ|y۷0ȢQW6¯Ro3l;&:hEiI;@fw ^uػi0.[I\PABL,1v9 ;W(3 =)MFѓ'?xsf{Bb:)+Zj!WKE-&DW /K o@aYG`+i%F|VA(s8`diTMK(m̍q,"޷" m8-}QT9H$^#v+ǽ X Fp~05"Ze~ܖ[ zODqx&%! \,sih Iϡw(.oqԄ=dL8!j8r9%' /{r>B%ToK1n5r%Q4 ִ% n9}MioQЁS%R6KTհ˵O=>~[H8=04xƘe9/fgCm¾ Ͻ2XJmiAsiupsrr+Lj#_9 mE$J@Y7q{DJ=noe|^Y#:1)ZQ p?o:i|iHdZzlHtSu hV.΀\Y7b})X=[??8 vsJhפ[[~fnˎ',#bݙW^4SØm; n0B)y!TD^^%Nib(ڎ]Ttq)s^Av-kFC"s4FFUO{xta 2dzzmbȣ 62Fmvs\szfglcZuAZ7ᜀ2Txݿ߼]." C01u@Ic+LcSx6T c}ΩIFL^*dn Ng)VFB%'wA T0(b̃ "Q0 _msûLnCE$a_2qGפ*m>2 @7%/I~ F=;"N庙t'XuI쎨0M$^~ 򊥻рv7EAC+LwsV6dL|[ '@ 3JӡDESQ? $y$'{eisJ:桏hίbzqPWp |ӷ6S6׋{aV)vW*Rbja@lɻ爦WNlbAm귥d28Ҷ꜔lE!Wʛ1sY0\İRӒ =_QCf`!K(X2 Y@WY*ɺjg쇁G.2Æw8)X؇ *xJޅun(F9oR 6*a숙2B*y_ӏT~=Yh(ғPVx?V':D$KV`0ubʆZ ]꣒Ǵ3 ;@V },.@Gtاp̫f2ª~M** dX6=wsqtU?|57ΣJY+1Iƨ؁ŷ2<>>c"s}^T15p%r7N3pXb(|m6Pf;pF_ I:uo\gACTQBmm5y1k-mF:ž0e#Bъpyz\ QF$BlØSej25 lHb( /V礳P{#5|=<4]"Xl'khᴊ_ %휎d5("}vǸDcy074vSs wǛō=:Kj?3S\?vYs~Y/Y^ 7&V=ŀ ٕ3w6e㒷m@t ߠKے- 3_v;i#|Jf??/ Ožv $Vp3EU7`;Û5+Qd?A4ԨX1ͪD@˧ $xZ8kRǓ`+M\Sŀǯ(co}&-=ɕ)ZV-{ K5q&㇨zi:O8 ) 6XFt9.ۄq}!Dz4:s?[Κ7?{U/,OՌ1sCp6!cKs 7Zo_է;XX*Y흷emUE%QH-<ӗ5^ރ:r0@R“1<{2Z!Y@ix/` 'ډeMTeiKb'g~^-̼Gr[ˎMc0ta&pg8i֬NCV1*8I,:ɽZTA!`FQԪ3̢zHIK#E$ggiB'^P9]MdG وK5x;kA}*\]F7u/X.QY;.{l DcUR6e*5|5ɁJ׋&`oq#p Otyg]NͰ⽪Kߙs<E-$q>q$(Sfyy; &鳏$}!p/vrhyjn1@e'ךSV`[hk$nnhMv+MV'`!N@t ĝvtb+$%U`||ej>bLB,JoӍBΡhw4w4IDK U~%?7-{e&=L;4.UB)O!)! EN̵-֒&dFf4աwh A;yUKןh;0EV/6JEhV`+](]vO*~.%^%nyxfԍ8;}!`3agXj/w]c,+Yr@;)T]AG%Nf)gP0XfQd9+ӅwS鉓wpp:N4 BQz<0yR(*1qG(3!4F[cǖyl]HeX4^VS ;UPx_FJPW#u*Y 8~? b6@fk+`sL/6 |? :ƈB }e8YYC8\xCse:j.A~fS YZ