| AArch64 | |
| ppc64le | |
| s390x | |
| x86-64 |
- Update to 1.2.0: * Closed issue since 1.2.0-rc1: - Parsec 1.1 fails to build with meta-security master branch
- Disable jwt-svid-authenticator (SPIFFE) until fixed upstream with gcc13 - https://github.com/parallaxsecond/parsec/issues/672
- Update to 1.2.0-rc1 - Drop upstream patch: * 664.patch
- Add patch to fix build on Tumbleweed (update tss-esapi to 7.2.0): * 664.patch - Add <param name="update">true</param> to _service to apply security updates - Use cargo-packaging for all flavors - Enable cargo_audit
- Add libstdc++6-devel-gcc11 to fix build with GCC11 on Backports SLE15-SP4/5
- Update to 1.1.0:
* Main updates:
- Add generate random support into TPM and PKCS11 providers
- Implement configurable exclusion of deprecated primitives
- Allow binary PIN values for PKCS11 provider
- Recognise a PKCS11 hardware token with its serial number
instead of slot number
* Full changelog: https://github.com/parallaxsecond/parsec/releases/tag/1.1.0
- Update to 1.1.0-rc2
- rust-packaging -> cargo-packaging (bsc#1198131)
- Update to 1.0.0: * Update changelog file only - Disable build on x86 since the build fails
- Update to 1.0.0-rc3: * Changelog: https://github.com/parallaxsecond/parsec/compare/1.0.0-rc2...1.0.0-rc3 * Fixes CVE-2022-24713 - boo#1196972
- Update to 1.0.0-rc2: * Changelog: https://github.com/parallaxsecond/parsec/compare/1.0.0-rc1...1.0.0-rc2 - Remove CryptoAuthLib (CAL) provider as it is unmaintained.
- Update to 1.0.0-rc1: * Changelog: https://github.com/parallaxsecond/parsec/compare/0.8.1...1.0.0-rc1 - Drop upstream patch: * harden_parsec.service.patch
- Update to 0.8.1: * Changelog: https://github.com/parallaxsecond/parsec/compare/0.8.0...0.8.1
- Fix /run/parsec permission to 755. This is enough for all users to access the service - boo#1193484 - CVE-2021-36781
- Added hardening to systemd service(s) (bsc#1181400). Added patch(es): * harden_parsec.service.patch Modified: * parsec.service * Upstream submission: https://github.com/parallaxsecond/parsec/issues/569
- Allow access to /run/parsec to all users - Requires rust 1.53+ (now also available in 15.3/15-SP3 via Update) which allow to enable same features accross distros
- Update to 0.8.0: * Changelog: https://github.com/parallaxsecond/parsec/compare/0.7.2...0.8.0 - Drop upstream patch: * parsec-fix-old-rust.patch - Disable 'trusted-service-provider' as it currently fails to build - Disable 'jwt-svid-authenticator' (SPIFFE-based authenticator) on Leap, as it cannot be compiled with rust 1.43.1
- Fix build with old rust used in Leap 15.3/SLE15-SP3. * parsec-fix-old-rust.patch
- Requires 'tpm2-0-tss' as it holds the udev rule to make /dev/tpm* owned by tss user - Requires 'libtss2-tcti-device0' as it is required to start parsec with TPM support
- Enable all authenticators which adds 'direct-authenticator' - Add CryptoAuthLib template (disabled) in config.toml
- Make 'parsec' user part of 'tss' group to access /dev/tpm* devices
- Update to 0.7.2: * Changelog: https://github.com/parallaxsecond/parsec/compare/0.6.0...0.7.2
- Recommends 'opensc' as it is used to initialize HSM keys (PKCS#11 backend) - Add PKCS#11 template (disabled) in config.toml - Disable Tpm backend by default in config.toml
- Enable 'all-providers' which adds 'pkcs11-provider' compared to previous config - Drop unneeded patch: * pkcs11-libloading-issue.patch
- Update to 0.6.0 - Update config.toml - Add patch: * pkcs11-libloading-issue.patch
- Initiale version 0.5.0