rpms
/
keylime
7
0
Fork 0
Code Issues Pull Requests Releases Activity
35 Commits 5 Branches 10 Tags 297 KiB
Commit Graph

35 Commits

Author SHA1 Message Date
Sergio Correia 2fe0402462 Backport fix for CVE-2023-3674 2024-01-23 02:32:34 +00:00
Anderson Toshiyuki Sasaki ff4acbb939 Set generator and timestamp in create_policy.py 
Related: RHEL-11866

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2023-10-17 13:47:05 +02:00
Anderson Toshiyuki Sasaki fe555461ae Suppress unnecessary error message 
Related: RHEL-11866

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2023-10-09 17:14:40 +02:00
Anderson Toshiyuki Sasaki 3da6d75ef3 Restore create allowlist script 
Resolves: RHEL-11866
Resolves: RHEL-11867

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2023-10-06 17:24:40 +02:00
Sergio Correia fc3ab656ed
Rebuild for properly tagging the resulting build 
Resolves: RHEL-1898
 2023-09-06 14:39:27 +01:00
Sergio Correia e2f9c60fc2
Add missing dependencies python3-jinja2 and util-linux 
Resolves: RHEL-1898
 2023-09-01 14:48:17 +01:00
Anderson Toshiyuki Sasaki 86a18d1bb4 Automatically update agent API version 
Resolves: RHEL-1518

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2023-08-28 22:55:42 +02:00
Sergio Correia 2c457d5430
Fix registrar is subject to a DoS against SSL (CVE-2023-38200) 
Resolves: rhbz#2222694
 2023-08-28 14:27:44 +01:00
Anderson Toshiyuki Sasaki 6ac5a8f8e6 Fix challenge-protocol bypass during agent registration (CVE-2023-38201) 
Resolves: rhbz#2222695

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
 2023-08-25 18:28:17 +02:00
Sergio Correia d9401cfa43
Update test plan to fix rpmverify test 2023-08-25 09:05:52 +01:00
Sergio Correia 606d9c0c62
Follow-up fix for files updated in %post scriptlets 
Update spec file to use %verify(not md5 size mode mtime) for
files updated in %post scriptlets.

Resolves: RHEL-475
 2023-08-25 09:05:48 +01:00
Karel Srot 873def54c4 tests: Add rpmverify test 
Related: RHEL-475
 2023-08-22 17:10:56 +02:00
Sergio Correia bb2aac1ec0
Fix Keylime configuration upgrades issues introduced in last rebase 
- Fix Keylime configuration upgrades issues introduced in last rebase
  Resolves: RHEL-475
- Handle session close using a session manager
  Resolves: RHEL-1252
- Add ignores for EV_PLATFORM_CONFIG_FLAGS
  Resolves: RHEL-947
 2023-08-17 11:42:24 +01:00
Karel Srot 70baae46da tests: Add package update testplan 
Related: RHEL-475
 2023-08-17 12:38:45 +02:00
Patrik Koncity 931f17ab63 Add dynamic ref branching for e2e test plan 2023-08-11 14:20:21 +02:00
Patrik Koncity 92ac23c8bc Prepare build for new keylime-selinux policy release 2023-08-08 16:25:29 +02:00
Sergio Correia 306aeaf2ab
tests: update tests to run in test plan 2023-07-31 08:36:03 +01:00
Sergio Correia 4dba8b49a7
Update to 7.3.0 
Resolves: RHEL-475
 2023-07-28 14:14:46 +01:00
Karel Srot d04c383743 Enable CI with e2e tests 
Resolves: RHEL-296
 2023-03-13 14:36:20 +01:00
Sergio Correia 7842bcd0bc
Backport upstream PR#1240 - logging: remove option to log into separate file 
Resolves: rhbz#2154584 - keylime verifier is not logging to /var/log/keylime
 2023-01-16 07:53:36 -03:00
Sergio Correia bf9cfcee94
- Remove leftover policy file 
Related: rhbz#2152135
 2022-12-13 16:02:22 -03:00
Patrik Koncity 12403b5c1c Use source file for keylime selinux from upstream. 
Download keylime selinux upstream as tarball file and
build it.

Resolves: rhbz#2152135
 2022-12-13 16:28:16 +01:00
Sergio Correia 6c01a5e3ec Update to 6.5.2 
Resolves: CVE-2022-3500
Resolves: rhbz#2138167 - agent fails IMA attestation when one scripts is executed quickly after the other
Resolves: rhbz#2140670 - Segmentation fault in /usr/share/keylime/create_mb_refstate script
Resolves: rhbz#142009 - Registrar may crash during EK validation when require_ek_cert is enabled
 2022-11-29 17:26:15 +01:00
Sergio Correia 346f3201ee Update to 6.5.0 
Resolves: rhbz#2120686 - Keylime configuration is too complex
 2022-09-21 13:59:21 -03:00
Sergio Correia d27537fb46
Update to 6.4.3 
Resolves: rhbz#2121044 - Error parsing EK ASN.1 certificate of Nuvoton HW TPM
 2022-08-27 02:54:43 +00:00
Patrik Koncity 59b5fc166b Update keylime selinux policy 2022-08-26 22:48:19 +02:00
Patrik Koncity ba67a34300 Update keylime selinux policy 
Resolves: rhbz#2121058
 2022-08-26 19:16:50 +02:00
Patrik Koncity f33189eab3 Update selinux policy and add misssing rules 
Resolves: rhbz#2121058
 2022-08-26 12:47:27 +02:00
Patrik Koncity 97e752b0b6 Add keylime-selinux policy 
Update .spec file to build
keylime-selinux subpackage.

Resolves: rhbz#2121058
 2022-08-25 19:45:42 -03:00
Sergio Correia 3fa30ae884 Fix typo in test name in gating.yaml 
swtMp -> swtpm
 2022-07-27 08:31:02 -03:00
Karel Srot e0f54f007e Fix typo in gating.yaml 
Signed-off-by: Karel Srot <ksrot@redhat.com>
 2022-07-12 07:47:17 +02:00
Sergio Correia 9017e1e7ec Fix efivar-libs dependency 
Related: rhbz#2082989
 2022-07-11 09:02:05 -03:00
Sergio Correia 9865b69545 Update to 6.4.2 
Related: rhbz#2082989
 2022-07-07 15:51:07 -03:00
Sergio Correia b19c921a82 Add keylime to RHEL-9 
Resolves: rhbz#2082989
 2022-06-24 14:43:37 -03:00
Release Configuration Management 9c72dfea97 New branch setup 2022-06-07 14:39:21 +00:00