Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

keylime-base-7.3.0-13.el9_3 RPM for x86_64

From AlmaLinux 9.5 AppStream for x86_64

Name: keylime-base Distribution: AlmaLinux
Version: 7.3.0 Vendor: AlmaLinux
Release: 13.el9_3 Build date: Wed Mar 6 09:36:33 2024
Group: Unspecified Build host: x64-builder02.almalinux.org
Size: 196768 Source RPM: keylime-7.3.0-13.el9_3.src.rpm
Packager: AlmaLinux Packaging Team <packager@almalinux.org>
Url: https://github.com/keylime/keylime
Summary: The base package contains the default configuration
The base package contains the Keylime default configuration

Provides

Requires

License

MIT

Changelog

* Fri Jan 05 2024 Sergio Correia <scorreia@redhat.com> - 7.3.0-13
  - Backport fix for CVE-2023-3674
    Resolves: RHEL-21013
* Tue Oct 17 2023 Anderson Toshiyuki Sasaki <ansasaki@redhat.com> - 7.3.0-12
  - Set the generator and timestamp in create_policy.py
    Related: RHEL-11866
* Mon Oct 09 2023 Anderson Toshiyuki Sasaki <ansasaki@redhat.com> - 7.3.0-11
  - Suppress unnecessary error message
    Related: RHEL-11866
* Fri Oct 06 2023 Anderson Toshiyuki Sasaki <ansasaki@redhat.com> - 7.3.0-10
  - Restore allowlist generation script
    Resolves: RHEL-11866
    Resolves: RHEL-11867
* Wed Sep 06 2023 Sergio Correia <scorreia@redhat.com> - 7.3.0-9
  - Rebuild for properly tagging the resulting build
    Resolves: RHEL-1898
* Fri Sep 01 2023 Sergio Correia <scorreia@redhat.com> - 7.3.0-8
  - Add missing dependencies python3-jinja2 and util-linux
    Resolves: RHEL-1898
* Mon Aug 28 2023 Anderson Toshiyuki Sasaki <ansasaki@redhat.com> - 7.3.0-7
  - Automatically update agent API version
    Resolves: RHEL-1518
* Mon Aug 28 2023 Sergio Correia <scorreia@redhat.com> - 7.3.0-6
  - Fix registrar is subject to a DoS against SSL (CVE-2023-38200)
    Resolves: rhbz#2222694
* Fri Aug 25 2023 Anderson Toshiyuki Sasaki <ansasaki@redhat.com> - 7.3.0-5
  - Fix challenge-protocol bypass during agent registration (CVE-2023-38201)
    Resolves: rhbz#2222695
* Tue Aug 22 2023 Sergio Correia <scorreia@redhat.com> - 7.3.0-4
  - Update spec file to use %verify(not md5 size mode mtime) for files updated in %post scriptlets
    Resolves: RHEL-475
* Tue Aug 15 2023 Sergio Correia <scorreia@redhat.com> - 7.3.0-3
  - Fix Keylime configuration upgrades issues introduced in last rebase
    Resolves: RHEL-475
  - Handle session close using a session manager
    Resolves: RHEL-1252
  - Add ignores for EV_PLATFORM_CONFIG_FLAGS
    Resolves: RHEL-947
* Tue Aug 08 2023 Patrik Koncity <pkoncity@redhat.com> - 7.3.0-2
  - Keylime SELinux policy provides more restricted ports.
  - New SELinux label for ports used by keylime.
  - Adding tabrmd interfaces allow unix stream socket communication and dbus communication.
  - Allow the keylime_server_t domain to get the attributes of all filesystems.
    Resolves: RHEL-595
    Resolves: RHEL-390
    Resolves: RHEL-948
* Wed Jul 19 2023 Sergio Correia <scorreia@redhat.com> - 7.3.0-1
  - Update to 7.3.0
    Resolves: RHEL-475
* Fri Jan 13 2023 Sergio Correia <scorreia@redhat.com> - 6.5.2-4
  - Backport upstream PR#1240 - logging: remove option to log into separate file
    Resolves: rhbz#2154584 - keylime verifier is not logging to /var/log/keylime
* Thu Dec 01 2022 Sergio Correia <scorreia@redhat.com> - 6.5.2-3
  - Remove leftover policy file
    Related: rhbz#2152135
* Thu Dec 01 2022 Patrik Koncity <pkoncity@redhat.com> - 6.5.2-2
  - Use keylime selinux policy from upstream.
    Resolves: rhbz#2152135
* Mon Nov 14 2022 Sergio Correia <scorreia@redhat.com> - 6.5.2-1
  - Update to 6.5.2
    Resolves: CVE-2022-3500
    Resolves: rhbz#2138167 - agent fails IMA attestation when one scripts is executed quickly after the other
    Resolves: rhbz#2140670 - Segmentation fault in /usr/share/keylime/create_mb_refstate script
    Resolves: rhbz#142009 - Registrar may crash during EK validation when require_ek_cert is enabled
* Tue Sep 13 2022 Sergio Correia <scorreia@redhat.com> - 6.5.0-1
  - Update to 6.5.0
    Resolves: rhbz#2120686 - Keylime configuration is too complex
* Fri Aug 26 2022 Sergio Correia <scorreia@redhat.com> - 6.4.3-1
  - Update to 6.4.3
    Resolves: rhbz#2121044 - Error parsing EK ASN.1 certificate of Nuvoton HW TPM
* Fri Aug 26 2022 Patrik Koncity <pkoncity@redhat.com> - 6.4.2-6
  - Update keylime SELinux policy
  - Resolves: rhbz#2121058
* Fri Aug 26 2022 Patrik Koncity <pkoncity@redhat.com> - 6.4.2-5
  - Update keylime SELinux policy and removed duplicate rules
  - Resolves: rhbz#2121058
* Fri Aug 26 2022 Patrik Koncity <pkoncity@redhat.com> - 6.4.2-4
  - Update keylime SELinux policy
  - Resolves: rhbz#2121058
* Wed Aug 17 2022 Patrik Koncity <pkoncity@redhat.com> - 6.4.2-3
  - Add keylime-selinux policy as subpackage
  - See https://fedoraproject.org/wiki/SELinux/IndependentPolicy
  - Resolves: rhbz#2121058
* Mon Jul 11 2022 Sergio Correia <scorreia@redhat.com> - 6.4.2-2
  - Fix efivar-libs dependency
    Related: rhbz#2082989
* Thu Jul 07 2022 Sergio Correia <scorreia@redhat.com> - 6.4.2-1
  - Update to 6.4.2
    Related: rhbz#2082989
* Tue Jun 21 2022 Sergio Correia <scorreia@redhat.com> - 6.4.1-1
  - Add keylime to RHEL-9
    Resolves: rhbz#2082989

Files

/etc/keylime/ca.conf
/etc/keylime/ca.conf.d
/etc/keylime/logging.conf
/etc/keylime/logging.conf.d
/run/keylime
/usr/bin/keylime_upgrade_config
/usr/lib/sysusers.d/keylime.conf
/usr/lib/tmpfiles.d/keylime.conf
/usr/share/doc/keylime-base
/usr/share/doc/keylime-base/README.md
/usr/share/keylime/scripts/create_allowlist.sh
/usr/share/keylime/scripts/ek-openssl-verify
/usr/share/keylime/templates
/usr/share/keylime/templates/2.0
/usr/share/keylime/templates/2.0/__pycache__
/usr/share/keylime/templates/2.0/__pycache__/adjust.cpython-39.pyc
/usr/share/keylime/templates/2.0/adjust.py
/usr/share/keylime/templates/2.0/agent.j2
/usr/share/keylime/templates/2.0/ca.j2
/usr/share/keylime/templates/2.0/logging.j2
/usr/share/keylime/templates/2.0/mapping.json
/usr/share/keylime/templates/2.0/registrar.j2
/usr/share/keylime/templates/2.0/tenant.j2
/usr/share/keylime/templates/2.0/verifier.j2
/usr/share/licenses/keylime-base
/usr/share/licenses/keylime-base/LICENSE
/var/lib/keylime
/var/lib/keylime/tpm_cert_store
/var/lib/keylime/tpm_cert_store/GS_TPM_RT.pem
/var/lib/keylime/tpm_cert_store/IFX1.pem
/var/lib/keylime/tpm_cert_store/IFX15.pem
/var/lib/keylime/tpm_cert_store/IFX2.pem
/var/lib/keylime/tpm_cert_store/IFX3.pem
/var/lib/keylime/tpm_cert_store/IFX4.pem
/var/lib/keylime/tpm_cert_store/IFX5.pem
/var/lib/keylime/tpm_cert_store/IFX8.pem
/var/lib/keylime/tpm_cert_store/IFX_ECC_034.pem
/var/lib/keylime/tpm_cert_store/IFX_ECC_042.pem
/var/lib/keylime/tpm_cert_store/IFX_RSA_01I.pem
/var/lib/keylime/tpm_cert_store/IFX_RSA_02I.pem
/var/lib/keylime/tpm_cert_store/IFX_RSA_034.pem
/var/lib/keylime/tpm_cert_store/IFX_RSA_03I.pem
/var/lib/keylime/tpm_cert_store/IFX_RSA_042.pem
/var/lib/keylime/tpm_cert_store/IFX_RSA_04I.pem
/var/lib/keylime/tpm_cert_store/IFX_RSA_05I.pem
/var/lib/keylime/tpm_cert_store/IFX_RSA_08I.pem
/var/lib/keylime/tpm_cert_store/IFX_RSA_17I.pem
/var/lib/keylime/tpm_cert_store/IFX_RSA_18I.pem
/var/lib/keylime/tpm_cert_store/IFX_RSA_20I.pem
/var/lib/keylime/tpm_cert_store/IFX_RSA_21I.pem
/var/lib/keylime/tpm_cert_store/IFX_RSA_RT.pem
/var/lib/keylime/tpm_cert_store/INF_ECC_010I.pem
/var/lib/keylime/tpm_cert_store/INF_ECC_010RT.pem
/var/lib/keylime/tpm_cert_store/INF_ECC_011.pem
/var/lib/keylime/tpm_cert_store/INF_RSA_010I.pem
/var/lib/keylime/tpm_cert_store/INF_RSA_010RT.pem
/var/lib/keylime/tpm_cert_store/INF_RSA_011.pem
/var/lib/keylime/tpm_cert_store/INF_RSA_022.pem
/var/lib/keylime/tpm_cert_store/INTEL_I.pem
/var/lib/keylime/tpm_cert_store/INTEL_RT.pem
/var/lib/keylime/tpm_cert_store/NTC1.pem
/var/lib/keylime/tpm_cert_store/NTC2.pem
/var/lib/keylime/tpm_cert_store/NUVO_0100.pem
/var/lib/keylime/tpm_cert_store/NUVO_1110.pem
/var/lib/keylime/tpm_cert_store/NUVO_1111.pem
/var/lib/keylime/tpm_cert_store/NUVO_2110.pem
/var/lib/keylime/tpm_cert_store/NUVO_2111.pem
/var/lib/keylime/tpm_cert_store/STM_ECC_01I.pem
/var/lib/keylime/tpm_cert_store/STM_ECC_01RT.pem
/var/lib/keylime/tpm_cert_store/STM_RSA_01I.pem
/var/lib/keylime/tpm_cert_store/STM_RSA_02I.pem
/var/lib/keylime/tpm_cert_store/STM_RSA_03I.pem
/var/lib/keylime/tpm_cert_store/STM_RSA_04I.pem
/var/lib/keylime/tpm_cert_store/STM_RSA_05I.pem
/var/lib/keylime/tpm_cert_store/STM_RSA_06I.pem
/var/lib/keylime/tpm_cert_store/STM_RSA_07I.pem
/var/lib/keylime/tpm_cert_store/STM_RSA_RT.pem
/var/log/keylime


Generated by rpm2html 1.8.1

Fabrice Bellet, Fri Nov 15 09:00:43 2024