openSUSE Feature Update: Feature update for tboot ______________________________________________________________________________ Announcement ID: openSUSE-FU-2021:1627-1 Rating: moderate References: SLE-19516 Affected Products: openSUSE Leap 15.2 ______________________________________________________________________________ An update that has 0 feature fixes and contains one feature can now be installed. Description: This feature update for tboot fixes the following issues: Update to upstream version 1.10.2 of tboot to sync with SLE-15-SP4 status (jsc#SLE-19516) - `acminfo` and `parse_err` now are called `txt-acminfo` and `txt-parse_err` - lcptools are deprecated (tpm 1.2, TrouSerS dependency) and are no longer packaged - tpmnv_* binaries are deprecated and no longer packaged - lcptools-v2: implement SM2 signing and SM2 signature verification and add pconf2 policy element support - Add SHA256, SHA384 and SHA512 support in `tb_polgen` - Add Doxygen documentation - Add SHA384 and SHA512 digest algorithms - Add support for 64bit framebuffer address - Add warning when using SHA1 as hashing algorithm - Default to D/A mapping instead of legacy when TPM1.2 and CBnT platform - Enable VGA logging for EFI platforms - Ensure `txt-acminfo` does not print false information if msr module is not loaded - Fix ACM chipset/processor list validation - Fix a harmless overflow caused by wrong loop limits - Fix issue with TPM1.2 - invalid default policy - Fix issue with multiboot(1) booting - infinite loop during boot - Fix warnings after "Avoid unsafe functions" scan - Print latest tag in logs - README is now README.md - Replace VMAC with Poly1305 - Strip executable file before generating tboot.gz - Update GRUB scripts to use multiboot2 only - Use SHA256 as default hashing algorithm - Validate TPM NV index attributes This update was imported from the SUSE:SLE-15-SP2:Update update project. Patch Instructions: To install this openSUSE Feature Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.2: zypper in -t patch openSUSE-2021-1627=1 Package List: - openSUSE Leap 15.2 (x86_64): tboot-20170711_1.10.2-lp152.5.12.1 tboot-debuginfo-20170711_1.10.2-lp152.5.12.1 tboot-debugsource-20170711_1.10.2-lp152.5.12.1 References: