commit tboot for openSUSE:Factory
Hello community, here is the log from the commit of package tboot for openSUSE:Factory checked in at 2017-11-16 14:04:28 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/tboot (Old) and /work/SRC/openSUSE:Factory/.tboot.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "tboot" Thu Nov 16 14:04:28 2017 rev:29 rq:542218 version:20170711_1.9.6 Changes: -------- --- /work/SRC/openSUSE:Factory/tboot/tboot.changes 2017-11-11 14:20:13.289846699 +0100 +++ /work/SRC/openSUSE:Factory/.tboot.new/tboot.changes 2017-11-16 14:04:31.529990698 +0100 @@ -1,0 +2,8 @@ +Thu Nov 16 09:49:48 UTC 2017 - matthias.gerstner@suse.com + +- tboot-CVE-2017-16837.patch: fix a major security issue in tboot. tboot + failed to validate a number of immutable function pointers, which could + allow an attacker to bypass the chain of trust and execute arbitrary code + (bnc#1068390, CVE-2017-16837). + +------------------------------------------------------------------- New: ---- tboot-CVE-2017-16837.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ tboot.spec ++++++ --- /var/tmp/diff_new_pack.HgRMut/_old 2017-11-16 14:04:32.277963588 +0100 +++ /var/tmp/diff_new_pack.HgRMut/_new 2017-11-16 14:04:32.281963443 +0100 @@ -28,6 +28,7 @@ Patch3: tboot-grub2-fix-menu-in-xen-host-server.patch Patch4: tboot-grub2-fix-xen-submenu-name.patch Patch5: tboot-openssl-1-1-0.patch +Patch6: tboot-CVE-2017-16837.patch # PATCH-FIX-UPSTREAM -- https://sourceforge.net/p/tboot/code/merge-requests/1/ BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: openssl-devel @@ -44,6 +45,7 @@ %patch3 -p1 %patch4 -p1 %patch5 -p1 +%patch6 -p1 %build export CFLAGS="%{optflags}" ++++++ tboot-CVE-2017-16837.patch ++++++ ++++ 1059 lines (skipped)
participants (1)
-
root@hilbert.suse.de