SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for pesign-obs-integration-10.0-109.1.i586.rpm :

* Thu Feb 22 2018 glinAATTsuse.com- Provide password file for \'certutil -A\' due to the change in mozilla-nss 3.35 (boo#1082235)
* Wed Nov 08 2017 jleeAATTsuse.com- Modified modsign-repackage, using certificate to try to decrypt the signature of kernel module. It can be used to verify the integrity of signature.
* Wed Sep 27 2017 jleeAATTsuse.com- Michael Schröder improved the original kernel-sign-file script to support PKCS#7 kernel module signing. Replacing sign-file.c with new kernel-sign-file script. (bsc#1049122)
* Sun Sep 24 2017 cooloAATTsuse.com- escape regexp in pesign-gen-repackage-spec for perl 5.26
* Wed Sep 06 2017 jleeAATTsuse.com- To support PKCS#7 kernel module signing, copy sign-file.c from SLE-15 v4.12 kernel source to replace the kernel-sign-file script to align upstream. (bsc#1049122)
* Tue Nov 29 2016 mmarekAATTsuse.cz- Copy over any
*.log files from the first build (bsc#1012422)
* Thu Mar 03 2016 glinAATTsuse.com- Add aarch64 support since pesign also build on aarch64
* Thu Jan 22 2015 mmarekAATTsuse.cz- Add support for file verify flags (bnc#905420).
* Thu Jan 22 2015 mmarekAATTsuse.cz- Sort the parts of the repackage spec file for easier debugging.
* Tue Sep 16 2014 mlsAATTsuse.de- fall back to project cert in the followup spec if it exists
* Tue Sep 02 2014 roAATTsuse.de- sanitize release line in specfile
* Wed Aug 20 2014 mmarekAATTsuse.cz- brp-99-compress-vmlinux: Compress the vmlinux image after find-debuginfo (bnc#880848, bnc#884459)
* Tue Aug 12 2014 meissnerAATTsuse.com- switch gen-hmac to use fipscheck instead of sha256hmac
* Mon Aug 04 2014 mmarekAATTsuse.cz- Set BRP_PESIGN_FILES=\"\" in the repackage build to avoid loops.
* Wed Jul 30 2014 mmarekAATTsuse.cz- Accept also rpmlintrc files without any - prefix.
* Mon Jul 28 2014 mmarekAATTsuse.cz- Use package\'s rpmlintrc files in the second build.
* Thu Jul 03 2014 mmarekAATTsuse.cz- Drop support for signing firmware files (bnc#867199)
* Thu Apr 24 2014 mmarekAATTsuse.cz- Fix matching /boot and /lib/firmware in pesign-repackage.spec
* Wed Apr 23 2014 mmarekAATTsuse.com- Do not store the buildroot in the .
*.hmac file.
* Wed Apr 23 2014 mmarekAATTsuse.com- Regenerate the HMAC checksum when signing and EFI binary with a checksum (fate#316930, bnc#856310).
* Wed Apr 23 2014 mmarekAATTsuse.com- Update README.
* Wed Apr 23 2014 mmarekAATTsuse.cz- Add /usr/lib/rpm/pesign/gen-hmac tool to generate a hmac checksum for a given file (fate#316930, bnc#856310).
* Thu Apr 03 2014 roAATTsuse.de- pesign-gen-repackage-spec: switch to new rpm style handling of weak dependencies
* Thu Jan 16 2014 mmarekAATTsuse.cz- Do not sign any files if BRP_PESIGN_FILES is set not an empty string (bnc#857599).
* Tue Jan 07 2014 mmarekAATTsuse.cz- Fix a typo in the last change.
* Mon Jan 06 2014 mmarekAATTsuse.cz- Default to BRP_PESIGN_FILES=\"
*.ko /lib/firmware\" (bnc#857599).
* Mon Jan 06 2014 mmarekAATTsuse.cz- Add --signatures= option to modsign-repackage (bnc#841627).
* Fri Jun 14 2013 mmarekAATTsuse.cz- Put debuginfo packages to %_topdir/OTHER (bnc#824971).
* Thu Mar 28 2013 mmarekAATTsuse.cz- Version 10- Add modsign-repackage tool to repackage RPMs outside the buildservice
* Tue Mar 26 2013 glinAATTsuse.com- Calculate the digest of the padded data section to be consistent with the output file (bnc#808594, bnc#811325)
* Fri Mar 15 2013 cooloAATTsuse.com- correct the license of the generated package to fix build
* Tue Mar 05 2013 mmarekAATTsuse.cz- Do not repackage debuginfo package (bnc#806637)
* Mon Mar 04 2013 mmarekAATTsuse.cz- Version 9- Add support for triggers (bnc#806737)
* Wed Feb 20 2013 mmarekAATTsuse.cz- Do not fail the build if %_topdir/OTHER cannot be created
* Wed Feb 13 2013 mmarekAATTsuse.cz- Version 8- Hide baselibs from post-build-checks
* Wed Feb 13 2013 mmarekAATTsuse.cz- Do not repackage baselibs
* Wed Feb 13 2013 mmarekAATTsuse.cz- Version 7- Fix for scriptlets with empty body
* Tue Feb 12 2013 mlsAATTsuse.de- reduce debugging as pesign is now fixed
* Tue Feb 12 2013 mlsAATTsuse.de- add a bit of debug output to find out why the kernel signatures are bad
* Wed Feb 06 2013 mlsAATTsuse.de- switch to normal brp hook- mv stuff in pesign directory instead of cluttering /usr/lib/rpm
* Fri Feb 01 2013 mlsAATTsuse.de- fix pesign calls
* Fri Feb 01 2013 mmarekAATTsuse.cz- Add some preliminary code to sign EFI binaries, marked with FIXMEs.
* Wed Jan 30 2013 mmarekAATTsuse.cz- Version 6- Fix handling packages with NoSource- Fix for multiple patterns in %sign_files
* Tue Jan 29 2013 mmarekAATTsuse.cz- Version 5- Use newc-style cpio archives, as required by the buildservice.- Use signing certificates provided by the buildservice.- Minor fixes.
* Mon Jan 28 2013 mmarekAATTsuse.cz- Version 4- Support for firmware signatures.- Expect the correct archive with signatures (.cpio.rsasign.sig).- Minor fixes.
* Wed Jan 23 2013 mmarekAATTsuse.cz- Version 3- Switch to storing whole files in the
*.cpio.rsasign archive.- Append the signatures to kernel modules.
* Fri Jan 18 2013 mmarekAATTsuse.cz- Version 2- Generates another specfile in pesign-repackage.spec to be able to copy nearly all RPM tags from the original packages.- Changed to only store sha256 hashes in the
*.cpio.rsasign file, instead of whole files.
* Thu Dec 13 2012 mmarekAATTsuse.com- Created package with macros and scripts to integrate kernel and bootloader signing into OBS (fate#314552).
  
ICM