Changelog for rekor-debuginfo-1.3.6-lp160.1.5.x86_64.rpm:
* Fri Jul 26 2024 opensuse_buildservice@ojkastl.de
- Update to version 1.3.6:
  * New Features
    - Add support for IEEE P1363 encoded ECDSA signatures
    - Add index performance script (#2042)
    - Add support for ed25519ph user keys in hashedrekord (#1945)
    - Add metrics for index insertion (#2015)
    - Add TLS support for Redis Client implementation (#1998)
  * Bug Fixes
    - fix typo in remoteIp and set full name for trace field
* Fri Jul 26 2024 Johannes Kastl
- refactor spec file
- switch to using obs_scm to generate the source obscpio archive
  * this way we no longer need to hardcode the commit hash
  * and the tarball was never verified anyway
* Mon Feb 05 2024 Marcus Meissner
- update to 1.3.5 (jsc#SLE-23476):
  - Additional unique index correction
  - Remove timestamp from checkpoint
  - Drop conditional when verifying entry checkpoint
  - Fix panic for DSSE canonicalization
  - Change Redis value for locking mechanism
  - give log timestamps nanosecond precision
  - output trace in slog and override correlation header name
- bumped embedded golang.org/x/crypto/ssh to fix the Terrapin attack CVE-2023-48795 (bsc#1218207)
* Sun Jan 28 2024 Dirk Müller
- update to 1.3.4:
  * add mysql indexstorage backend
  * add s3 storage for attestations
  * fix: Do not check for pubsub.topics.get on initialization
  * fix optional field in cose schema
  * Update ranges.go
  * update indexstorage interface to reduce roundtrips
  * use a single validator library in rekor-cli
  * Remove go-playground/validator dependency from pkg/pki
* Fri Nov 24 2023 Marcus Meissner
- updated to rekor 1.3.3 (jsc#SLE-23476):
  - Update signer flag description
  - update trillian to 1.5.3
  - adds redis_auth
  - Add method to get artifact hash for an entry
  - make e2e tests more usable with docker-compose
  - install go at correct version for codeql
- updated to rekor 1.3.2 (jsc#SLE-23476):
- updated to rekor 1.3.1 (jsc#SLE-23476):
  New Features:
  - enable GCP cloud profiling on rekor-server (#1746)
  - move index storage into interface (#1741)
  - add info to readme to denote additional documentation sources (#1722)
  - Add type of ed25519 key for TUF (#1677)
  - Allow parsing base64-encoded TUF metadata and root content (#1671)
  Quality Enhancements:
  - disable quota in trillian in test harness (#1680)
  Bug Fixes:
  - Update contact for code of conduct (#1720)
  - Fix panic when parsing SSH SK pubkeys (#1712)
  - Correct index creation (#1708)
  - docs: fixzes a small typo on the readme (#1686)
  - chore: fix backfill-redis Makefile target (#1685)
* Fri Sep 01 2023 Marcus Meissner
- updated to rekor 1.3.0 (jsc#SLE-23476):
  - Update openapi.yaml (#1655)
  - pass transient errors through retrieveLogEntry (#1653)
  - return full entryID on HTTP 409 responses (#1650)
  - feat: Support publishing new log entries to Pub/Sub topics (#1580)
  - Change values of Identity.Raw, add fingerprints (#1628)
  - Extract all subjects from SANs for x509 verifier (#1632)
  - Fix type comment for Identity struct (#1619)
  - Refactor Identities API (#1611)
  - Refactor Verifiers to return multiple keys (#1601)
  - Update checkpoint link (#1597)
  - Use correct log index in inclusion proof (#1599)
  - remove instrumentation library (#1595)
- updated to rekor 1.2.2 (jsc#SLE-23476):
  - pass down error with message instead of nil
  - swap killswitch for 'docker-compose restart'
* Tue May 30 2023 Marcus Meissner
- updated to rekor 1.2.1 (jsc#SLE-23476):
  Security fix:
  - CVE-2023-33199: Fixed that malformed proposed intoto v0.0.2 entries can cause a panic (bsc#1211790)
  Functional Enhancements
  - add client method to generate TLE struct (#1498)
  - add dsse type (#1487)
  - support other KMS providers (AWS, Azure, Hashicorp) in addition to GCP (#1488)
  - Add concurrency to backfill-redis (#1504)
  - omit informational message if machine-parseable output has been requested (#1486)
  - Publish stable checkpoint periodically to Redis (#1461)
  - Add intoto v0.0.2 to backfill script (#1500)
  - add new method to test insertability of proposed entries into log (#1410)
  Quality Enhancements
  - use t.Skip() in fuzzers (#1506)
  - improve fuzzing coverage (#1499)
  - Remove watcher script (#1484)
  Bug Fixes
  - Merge pull request from GHSA-frqx-jfcm-6jjr (CVE-2023-33199)
  - Remove requirement of PayloadHash for intoto 0.0.1 (#1490)
  - fix lint errors, bump linter up to 1.52 (#1485)
  - Remove dependencies from pkg/util (#1469)
* Wed May 03 2023 Marcus Meissner
- updated to rekor 1.1.1 (jsc#SLE-23476):
  Functional Enhancements
  - Refactor Trillian client with exported methods (#1454)
  - Switch to official redis-go client (#1459)
  - Remove replace in go.mod (#1444)
  - Add Rekor OID info. (#1390)
  Quality Enhancements
  - remove legacy encrypted cosign key (#1446)
  - swap cjson dependency (#1441)
  - Update release readme (#1456)
  Security fixes:
  - CVE-2023-30551: Fixed a potential denial of service (out of memory) when processing JAR META-INF files or .SIGN/.PKINFO files in APK files. (bsc#1211210 https://github.com/advisories/GHSA-2h5h-59f5-c5x9)
* Wed Apr 05 2023 Marcus Meissner
- updated to rekor 1.1.0 (jsc#SLE-23476):
  Functional Enhancements
  - improve validation on intoto v0.0.2 type (#1351)
  - add feature to limit HTTP request body length to process (#1334)
  - add information about the file size limit (#1313)
  - Add script to backfill Redis from Rekor (#1163)
  - Feature: add search support for sha512 (#1142)
  Quality Enhancements
  - various fuzzing fixes
  Bug Fixes
  - remove goroutine usage from SearchLogQuery (#1407)
  - drop log messages regarding attestation storage to debug (#1408)
  - fix validation for proposed vs committed log entries for intoto v0.0.1 (#1309)
  - fix: fix regex for multi-digit counts (#1321)
  - return NotFound if treesize is 0 rather than calling trillian (#1311)
  - enumerate slice to get sugared logs (#1312)
  - put a reasonable size limit on ssh key reader (#1288)
  - CLIENT: Fix Custom Host and Path Issue (#1306)
  - do not persist local state if log is empty; fail consistency proofs from 0 size (#1290)
  - correctly handle invalid or missing pki format (#1281)
  - Add Verifier to get public key/cert and identities for entry type (#1210)
  - fix goroutine leak in client; add insecure TLS option (#1238)
  - Fix - Remove the force-recreate flag (#1179)
  - trim whitespace around public keys before parsing (#1175)
  - stop inserting envelope hash for intoto:0.0.2 types into index (#1171)
  - Revert "remove double encoding of payload and signature fields for intoto (#1150)" (#1158)
  - remove double encoding of payload and signature fields for intoto (#1150)
  - fix SearchLogQuery behavior to conform to openapi spec (#1145)
  - Remove pem-certificate-chain from client (#1138)
  - fix flag type for operator in search (#1136)
  - use sigstore/community dep review (#1132)
* Tue Nov 29 2022 Marcus Meissner
- updated to rekor 1.0.1 (jsc#SLE-23476):
  - stop inserting envelope hash for intoto:0.0.2 types into index
* Wed Oct 19 2022 Marcus Meissner
- updated to rekor 1.0.0 (jsc#SLE-23476):
  - add description on /api/v1/index/retrieve endpoint by @bobcallaway in https://github.com/sigstore/rekor/pull/1073
  - Adding e2e test coverage by @cdris in https://github.com/sigstore/rekor/pull/1071
  - export rekor build/version information by @cpanato in https://github.com/sigstore/rekor/pull/1074
  - Use POST instead of GET for /api/log/entries/retrieve metrics. by @var-sdk in https://github.com/sigstore/rekor/pull/1083
  - Search through all shards when searching by hash by @priyawadhwa in https://github.com/sigstore/rekor/pull/1082
  - verify: verify checkpoint's STH against the inclusion proof root hash by @asraa in https://github.com/sigstore/rekor/pull/1092
  - add ability to enable/disable specific rekor API endpoints by @bobcallaway in https://github.com/sigstore/rekor/pull/1080
  - enable configurable client retries with backoff in RekorClient by @bobcallaway in https://github.com/sigstore/rekor/pull/1096
  - remove dead code around api-key and timestamp references by @bobcallaway in https://github.com/sigstore/rekor/pull/1098
  - update swagger API version to 1.0.0 by @bobcallaway in https://github.com/sigstore/rekor/pull/1102
  - remove unused RekorVersion API definition by @bobcallaway in https://github.com/sigstore/rekor/pull/1101
  - install gocovmerge in hack/tools by @bobcallaway in https://github.com/sigstore/rekor/pull/1103
  - add retry command line flag on rekor-cli by @bobcallaway in https://github.com/sigstore/rekor/pull/1097
  - Add some info and debug logging to commonly used funcs by @priyawadhwa in https://github.com/sigstore/rekor/pull/1106
* Fri Sep 30 2022 Marcus Meissner
- updated to rekor 0.12.2 (jsc#SLE-23476):
  - add description on /api/v1/index/retrieve endpoint
  - Adding e2e test coverage
  - export rekor build/version information
  - Use POST instead of GET for /api/log/entries/retrieve metrics.
  - Search through all shards when searching by hash
* Tue Sep 27 2022 Marcus Meissner
- updated to rekor 0.12.1 (jsc#SLE-23476):
  - Rekor v0.12.1 comes with a breaking change to rekor-cli v0.12.1. Users of rekor-cli MUST upgrade to the latest version. The addition of the intotov2 created a breaking change for the rekor-cli
  What's Changed
  - fix: fix harness tests with intoto v0.0.2 by @asraa in #1052
  - feat: add file based signer and password by @asraa in #1049
  - Adds new rekor metrics for latency and QPS. by @var-sdk in #1059
* Thu Sep 15 2022 Marcus Meissner
- updated to rekor 0.12.0 (jsc#SLE-23476):
  - check supportedVersions list rather than directly reading from version map by @bobcallaway in #1003
  - enable blocking specific pluggable type versions from being inserted into the log by @bobcallaway in #1004
  - api.SearchLogQueryHandler thread safety by @cdris in #1006
  - 'docker compose' to 'docker-compose' by @bobcallaway in #1009
  - Intoto v0.0.2 by @pxp928 in #973
  - Add bounds on number of elements in api/v1/log/entries/retrieve by @priyawadhwa in #1011
  - Change Checkpoint origin to be "Hostname - Tree ID" by @haydentherapper in #1013
  - feat: add verification functions by @asraa in #986
  - Validate tree ID on calls to /api/v1/log/entries/retrieve by @priyawadhwa in #1017
  - Include checkpoint (STH) in entry upload and retrieve responses by @haydentherapper in #1015
  - fix: use entry uuid uniformly in return responses by @asraa in #1012
  - remove /api/v1/version endpoint by @bobcallaway in #1022
  - Fix rekor-cli backwards incompatibility & run harness tests against HEAD by @priyawadhwa in #1030
  - Fix harness tests @ main by @priyawadhwa in #1038
  - Fetch all tags in harness tests by @priyawadhwa in #1039
  - fix retrieve endpoint response code and add testing by @asraa in #1043
- updated to rekor 0.11.0:
  - Add rekor harness tests by @priyawadhwa in #945
  - Persist and check attestations across harness tests by @priyawadhwa in #952
  - Add harness test for getting all entries by UUID and EntryID by @priyawadhwa in #957
  - api: fix inclusion proof verification flake by @asraa in #956
  - change default value for rekor_server.hostname to server's hostname by @bobcallaway in #963
  - fix nil-pointer error when artifact-hash is passed without artifact by @dsa0x in #965
  - Add prometheus summary to track metric latency by @priyawadhwa in #966
  - compute payload and envelope hashes upon validating intoto proposed entries by @bobcallaway in #967
  - update field documentation on publicKey for hashedrekord by @bobcallaway in #969
  - Allow sharding config to be written in yaml or json by @priyawadhwa in #974
  - fix incorrect schema id for cose type by @bobcallaway in #979
  - fix: make rekor verify work with sharded uuids by @asraa in #970
  - update builder and cosign images by @cpanato in #981
  - remove trailing slash on directories by @bobcallaway in #984
  - add support for intersection & union in search operations by @dsa0x in #968
  - Update scorecard-action to v2:alpha by @azeemshaikh38 in #987
- updated to rekor 0.10.0:
  - reuse DSSE signature wrappers instead of a local copy by @bobcallaway in #912
  - Updates on the release job/makefile cleanup by @cpanato in #914
  - Return 404 if entry isn't found in log by @priyawadhwa in #915
  - Update cosign image in validate-release job by @priyawadhwa in #931
  - update go builder and cosign image by @cpanato in #934
  - Drop application/yaml content type by @haydentherapper in #933
  - Add rekor test harness to presubmit tests by @priyawadhwa in #921
  - sparkles Enable Scorecard badge by @azeemshaikh38 in #941
  - update go mod in hack/tools to go1.18 by @cpanato in #935
  - add ldflags back by @cpanato in #944
* Wed Jul 27 2022 Marcus Meissner
- updated to rekor 0.9.1
  - feat: add subject URIs to index for x509 certificates by @asraa in #897
  - fix: sql syntax in dbcreate script by @xens in #903
  - Switch to go 1.18 and pin release-utils to v0.7.1 by @saschagrunert in #904
  - Check inactive shards for UUID for /retrieve endpoint by @priyawadhwa in #905
  - ensure log messages have requestID where possible by @bobcallaway in #907
  - Remove unnecessary lookup of non-existent attestations from storage layer by @bobcallaway in #909
  - Fix bug where /retrieve endpoint returns wrong logIndex across shards by @priyawadhwa in #908
- updated to rekor 0.9.0
  - Add COSE support to Rekor by @kommendorkapten in #867
  - Fix intoto index keys by @bobcallaway in #889
  - Resolve virtual log index when calling /retrieve endpoint by @priyawadhwa in #894
- updated to rekor 0.8.2
  - collect docker-compose logs if sharding tests fail, also trim IDs by @bobcallaway in #869
  - ensure fallback logic executes if attestation key is empty when fetching attestation by @bobcallaway in #878
* Wed Jun 29 2022 Marcus Meissner
- rekor-zypper-verify.sh: add a small script that verifies the on-system zypper repo cache against rekor transparency log.
* Mon Jun 20 2022 Marcus Meissner
- Updated to rekor 0.8.1
  - Fix indexing bug for intoto attestations by @priyawadhwa in #870
  - Allow an expired certificate chain to be uploaded and verified by @haydentherapper in #873
- Updated to rekor 0.8.0
  - Update go-tuf and sigstore/sigstore to non-vulnerable go-tuf version. by @dhaus67 in #847
  - Configure rekor server in e2e tests via env variable by @priyawadhwa in #850
  - update cross-builder image to use go1.17.11 and dockerfile base image by @cpanato in #860
  - update go.mod to go1.17 by @cpanato in #861
  - Improve error message when using ED25519 with HashedRekord type by @haydentherapper in #862
  - Allow retrieving entryIDs or UUIDs via /api/v1/log/entries/retrieve endpoint by @priyawadhwa in #859
  - Print total tree size, including inactive shards in rekor-cli loginfo by @priyawadhwa in #864
- Updated to rekor 0.7.0
  - remove URL fetch of keys/artifacts server-side by @bobcallaway in #735
  - intoto: add index on materials digest of slsa provenance by @asraa in #793
  - chore(deps): Included dependency review by @naveensrinivasan in #788
  - Check if intoto hash is available before accessing it as an index key by @priyawadhwa in #800
  - Move deprecated dependency: google/trillian/merkle to transparency-dev by @asraa in #807
  - Retrieve shard tree length if it isn't provided in the config by @priyawadhwa in #810
  - update release builder images to use go 1.17.10 and cosign image to 1.8.0 by @cpanato in #820
  - update go to 1.17.10 in the dockerfile by @cpanato in #819
  - Limit the number of certificates parsed in a chain by @haydentherapper in #823
  - Breaking change: Remove timestamping authority by @haydentherapper in #813
  - Add back owners for rfc3161 package type by @haydentherapper in #833
  - all: remove dependency on deprecated github.com/pkg/errors by @zchee in #834
  - name stored attestations by digest instead of UUID by @bobcallaway in #769
* Tue Apr 26 2022 Marcus Meissner
- Updated to rekor 0.6.0
  - attempting to fix codeowners file by @bobcallaway in #653
  - Update the warning text for the GA release. by @dlorenc in #654
  - Add docs about API stability and deprecation policy by @priyawadhwa in #661
  - update cross-build and dockerfile to use go 1.17.7 by @cpanato in #666
  - Move k8s objects out of the default namespace by @k4leung4 in #674
  - add securityContext to deployment. by @k4leung4 in #678
  - Add intoto type documentation by @jspeed-meyers in #679
  - create namespace for rekor config in yaml. by @k4leung4 in #680
  - Set rekor-cli User-Agent header on requests by @bobcallaway in #684
  - update security process link by @bobcallaway in #685
  - explicitly set permissions for github actions by @k4leung4 in #687
  - Add documentation about Alpine type by @jspeed-meyers in #697
  - Add code coverage to pull requests. by @k4leung4 in #676
  - Consistent parenthesis use in Makefile by @k4leung4 in #700
  - Use logRangesFlag in API, route reads based on TreeID by @lkatalin in #671
  - Generate release yaml for non-CI builds. by @k4leung4 in #702
  - Mirror signed release images from GCR to GHCR as part of release by @k4leung4 in #701
  - build trillian container to existing release. by @k4leung4 in #715
  - Make the loginfo command a bit more future/backwards proof. by @dlorenc in #718
  - Switch to using the swag library for pointer manipulation. by @dlorenc in #719
  - Change TreeID to be of type string instead of int64 by @priyawadhwa in #712
  - Add sharding e2e test to Github Actions by @priyawadhwa in #714
  - fix merge conflict by @priyawadhwa in #720
  - Clearer logging for createAndInitTree by @priyawadhwa in #724
  - Return virtual index when creating and getting a log entry by @priyawadhwa in #725
  - Fix copy/paste mistake in repo name. by @k4leung4 in #730
  - Use reusuable release workflow in sigstore/sigstore by @k4leung4 in #729
  - Get log proofs by Tree ID by @priyawadhwa in #733
  - Refactor rekor-cli loginfo by @priyawadhwa in #734
  - Update loginfo API endpoint to return information about inactive shards by @priyawadhwa in #738
  - Replace trillian_log_server.log_id_ranges flag with a config file by @priyawadhwa in #742
  - fix build date format for version command by @cpanato in #745
  - Require tlog_id when log_id_ranges is passed in by @lkatalin in #739
  - Use active tree on server startup by @lkatalin in #727
  - Specify public key for inactive shards in shard config by @priyawadhwa in #746
  - Add support for providing certificate chain for X509 signature types by @haydentherapper in #747
  - fix typo in filename by @bobcallaway in #758
  - Update release jobs and trillian images by @cpanato in #756
  - Add the SHA256 digest of the intoto payload into the rekor entry by @bobcallaway in #764
  - Add index to hashed intoto envelope by @asraa in #761
  - Fix link in types README by @eddiezane in #765
  - set p.Block after parsing in helm provenance type by @bobcallaway in #759
  - Fix search without sha prefix by @eddiezane in #767
  - Add in configmap to release for sharding config by @priyawadhwa in #766
  - Search inactive trees for GET by UUID requests by @lkatalin in #750
  - Create EntryID for new artifacts and return EntryID to user by @lkatalin in #623
  - Update cloudbuild to not fail when copy the images by @cpanato in #773
* Fri Apr 01 2022 Marcus Meissner
- Updated to rekor 0.5.0
  * Highlights
    - Add Rekor logo to README (#650)
    - update API calls to v5 (#591)
    - Refactor helm type to remove intermediate state. (#575)
    - Refactor the shard map parsing so we can pass it down into the API object. (#564)
    - Refactor the alpine type to reduce intermediate state. (#573)
  * Enhancements
    - Add logic to GET artifacts via old or new UUID (#587)
    - helpful error message for hashedrekord types (#605)
    - Set Accept header in dynamic counter requests (#594)
    - Add sharding package and update validators (#583)
    - rekor-cli: show the url in case of error (#581)
    - Enable parsing of incomplete minisign keys, to enable re-indexing. (#567)
    - Cleanups on the TUF pluggable type. (#563)
    - Refactor the RPM type to remove more intermediate state. (#566)
    - Do some cleanups of the jar type to remove intermediate state. (#561)
  * Others
    - update version comments since dependabot doesn't do it (#617)
    - Use workload identity provider instead of GitHub Secret for GCR access (#600)
    - add OSSF scorecard action (#599)
    - enable the sbom for rekor releases (#586)
    - Point to the official website (instead of a 404) (#580)
    - Add a Makefile target for the "ko apply" step. (#572)
    - types/README.md: Corrected documentation link (#568)
* Thu Feb 03 2022 Marcus Meissner
- enable server build too, as people might want to deploy rekor chain themselves.
* Tue Jan 25 2022 Bernhard Wiedemann
- Fix BUILD_DATE for reproducible build results (boo#1047218)
* Thu Jan 06 2022 Marcus Meissner
- updated to 0.4.0
  Highlights
  - Adds hashed rekord type that can be used to upload signatures along with the hashed content signed (#501)
* Wed Dec 08 2021 Marcus Rueckert
- prepare building of the serve part
* Fri Nov 26 2021 Marcus Rueckert
- initial package