Description:
This update for fwupd fixes the following issues:
Changes in fwupd:
- Update to version 2.0.20:
+ This release adds the following features:
- Add support for changing AMD UMA carveout size
- Warn the user if they are using the blocked-firmware
functionality
+ This release fixes the following bugs:
- Disable the UEFI plugins on 32bit x86
- Do not hang when parsing an invalid USB descriptor
- Do not return an error if the fastboot property is not
provided
- Fix a CCGX DMC regression when installing on the HP G5 dock
- Fix a harmless heap OOB read in AMD kria SOM EEPROM parser
- Fix a potential fastboot string over-read
- Fix a regression causing MBIM QDU updates to fail
- Honor polkit auth for emulation tag modify device
- Speed up calculating the cab checksum by ~21%
- Verify the uncompressed size when decompressing CAB files
+ This release adds support for the following hardware:
- HP Engage One G2 Advanced Hub
- PixArt PJP274 (Framework Laptop)
- Several new Jabra GNP devices
- Allow fwupd.service to interact with cdrom (boo#1256507)
- Actually build and install manpages:
* These were originally removed because including them would
have required pulling a nasty set of ghc/pandocs build
dependencies directly into Ring 1
* fwupd upstream quickly reverted this change in 1.8.13, but
the conditional to block building/installing the manpages by
default was never removed from the specfile
* This restores the fwupd manpages, which have been sorely
missing in openSUSE for a couple years
- Update to version 2.0.19:
+ This release adds the following features:
- Add two commands to fwupdtool to calculate and find CRCs
- Allow systems to use the udev event source without using systemd
+ This release fixes the following bugs:
- Always show the correct new firmware version in 'fwupdmgr get-history'
- Fix an integer underflow when parsing a malicious PE file
- Fix a regression when enumerating the dell-dock status component
- Fix the fuzzer timeout when parsing a synaptics-rmi SBL container
- Fix updating the Intel GPU FWDATA section
- Respect 'fwupdmgr --force' when installing firmware
+ This release adds support for the following hardware:
- Lenovo Sapphire Folio Keyboard
- Update to version 2.0.18:
+ This release adds the following features:
- Add a MOTD message for devices needing reboot after staged updates
- Create the reboot-required file when a firmware update requires reboot
- Record the system state for each composite emulation
- Update USI docking station firmware without requiring a manual replug
+ This release fixes the following bugs:
- Add a MTD device problem if the Intel SPI BIOS lock is set
- Allow changing the child name when using PARENT_NAME_PREFIX
- Allow UpdateCapsule to work on systems that do not support SecureBoot
- Correctly parse the EFI_CAPSULE_RESULT_VARIABLE_HEADER
- Fall back to the SMBIOS version for BIOS MTD devices
- Fix a crash when trying to record an i2c emulation
- Fixed Huddly upgrade problems with major version changes
- Fix man page compatibility with apropos and whatis
- Fix parsing USB BOS descriptors
- Fix up the x86_64-specific capsule flags when deploying UEFI firmware
- Improve firmware stream searching speed by a huge amount
- Only convert the release uint32_t to device version format for UEFI devices
- Only handle SIGINT in fwupdtool when required
- Refactor the hypervisor and container detection to be usable from plugins
- Set PlatformArchitecture as the CPU architecture for RISC-V machines
- Use a sensible timeout when doing qc-s5gen2 HID requests
+ This release adds support for the following hardware:
- HP Portable USB-C 4K HDMI Hub
- Lenovo Legion Go 2 (as a HID device)
- Synaptics HapticsPad
- Do not try to load i2c_dev kernel module on s390x. S390x has no
native i2c devices and does not have the module (bsc#1253138).
- Update to version 2.0.17:
+ This release adds the following features:
- Add support for client-side phased update deployment
- Add support for post-quantum signatures
- Allow clearing the cache dirirectory
- Allow fwupdtpmevlog to dump the raw eventlog data
- Build a NVMe GUID derived from the serial number
- Make fwupdtool extract work with deeply nested images
- Parse VSS and FTW variable stores from EFI volumes
- Reintroduce the FreeBSD CI target
- Support very old versions of UDisks
+ This release fixes the following bugs:
- Add 'fwupdmgr hwids' by exposing another daemon property
- Add offline hashes for the Microsoft 20250902 dbx
- Add the Framework-specific KEK and db hashes
- Allow updating IFD BIOS region via parent MTD
- Avoid showing reinstall prompts for composite devices
- Clean up the fwupdtool lock file in all cases
- Correctly match the correct historical composite component
- Do not allow PK or KEK updates when system has a test key installed
- Do not allow reinstalling when using ONLY_VERSION_UPGRADE
- Do not require AC power to run the installed tests
- Do not scan EFI volumes when constructing MTD BIOS devices
- Ensure REGION is always set for MTD IFD children
- Ensure SCSI instance IDs are valid ASCII values
- Fix a critical warning when parsing invalid Jabra firmware
- Fix an Ilitek parsing crash found when fuzzing
- Fix an inotify race when refreshing metadata
- Fix a pending-activation problem with Dell docking stations
- Fix a potential hang when creating a chunk array with aligned sizes
- Fix MTD emulation recording for PCI-backed devices
- Fix the device order when the parent specifies install-parent-first
- Fix the FLMSTR layout when reading IFD partitions
- Fix the thunderbolt controller rushing to finalize before onlining retimers
- Fix writing Intel GPU OptionROM data and OptionROM code
- Flush stale events to make the Logitech Rallybar more reliable
- Ignore all the Intel GPU MTD devices
- Ignore errors when writing the last page of Dell dock firmware
- Make an error message more specific
- Modify the Dell dock needs-activation flag after updates are installed
- Only add one devlink device for each PCI card
- Parse the FMAP SBOM area as uSWID when required
- Relax the USI dock DMC child device checks for new firmware
- Revert back to the flashrom deprecated API as the new API is unusable
- Rewrite the fwupdmgr manpage to be more useful
- Use higher delay when update status for Logitech peripheral devices
+ This release adds support for the following hardware:
- ASUS CX9406 (touch controller)
- Framework Copilot keyboard
- Genesys GL352530 and GL352360
- Huddly C1
- Lexar and Maxio NVMe SSDs
- Primax Ryder mouse 2
- Add pkgconfig(libmnl) BuildRequires: new dependency.
- Fix file list
- Update to version 2.0.16:
+ This release adds the following features:
- Add a 'search' feature to fwupdtool and fwupdmgr
+ This release fixes the following bugs:
- Fix missing release locations when loading from artifact
- Fix remaining issues to make updates on FreeBSD work
- Update to version 2.0.15:
+ This release adds the following features:
- Allow child devices to use the parent name as a prefix
+ This release fixes the following bugs:
- Add newer commands and options for Fish completion
- Allow installing archives named as .CAB rather than .cab
- Erase Firehose modem devices correctly
- Fix Goodix enumeration issues
- Fix sending firmware reports without --force
- Fix the FreeBSD build
- Fix version number of BnR MTD devices
- Require additional requirements for the default PS5512 devboard
- Require a full system shutdown for all Micron NVMe updates
- Use a better name for Elan touchpad and Intel PCH SPI devices
+ This release adds support for the following hardware:
- Foxconn SDX61 Modem
- Jabra Evolve2 child devices
- NVIDIA ConnectX-6, ConnectX-7 and ConnectX-8 NICs
- Update to version 2.0.14:
+ This release adds the following features:
- Add support for ignoring the network connectivity requirement
- Allow building on RHEL-9 and RHEL-10
- Allow plugins to know the firmware version during update
- Allow UEFI capsule devices to opt-out of Capsule-on-Disk
- Allow unsetting HwID plugin context flags
- Allow upgrading from a zero "empty" UEFI dbx
+ This release fixes the following bugs:
- Add an automatic firehose counterpart to the QCDM modem device
- Disable signature time checks when verifying firmware
- Do not add a vendor ID of UNKNOWN when the signature has no vendor
- Do not discover ThunderBolt retimer devices when run in single-shot mode
- Do not use deprecated libflashrom API
- Enhance firmware metadata generation in firmware_packager
- Ensure Lexar NVMe drives use a proper version number
- Fix parsing and writing UF2 extension sections
- Fix Synaptics RMI initialization for new devices
- Fix updating DFOTA and MBIM modem devices
- Move some vendor name fixups to the quirk file
- Remove CapsuleOnDisk HwID match for Dell
- Return a sensible error when using build-cabinet wrong
- Set the firehose loader filename in a more permissive way
- Update the mapping for TPM vendor names
- Verify the checksum of the serialized data in tests
- Work around a libmbim bug when detaching
+ This release adds support for the following hardware:
- Egis MoC devices
- Framework QMK devices
- ILITEK touch controllers
- SteelSeries Arctis Nova 3P
- drop unneeded gpgme build dependency. GPG support is provided
with libjcat
- Update to version 2.0.13:
+ This release adds the following features:
- Add a daemon config option to ignore efivars free space
- Add support for glob-aware version comparison requirements
- Allow targeting specific regions in FMAP when using flashrom
- Detect static variables and magic numbers during code review
- Remove the unused hailuck and rts54hid plugins
+ This release fixes the following bugs:
- Align MTD erase up to the erasesize as necessary
- Allow parsing IGSC OptionROM when using fwupdtool
- Allow removing private flags from UEFI capsule devices in quirks
- Do not copy the vendor for Intel reference ME firmware
- Do not use an interactive console if stdout is redirected
- Fix the UEFI self-test when the capsule splash is disabled
- Get better device information when using PCI-backed MTD devices
- Get the Intel GPU SKU and SVN when using BMG hardware
- Make MBIM modem devices emulatable
- Make sure fwupdtool.exe is available in the Windows PATH
- Only show the 'Full Disk Encryption Detected' warning when required
- Set all QCDM modem devices to raw mode when updating
- Show all devices for fwupdtool get-devices --show-all --force
- Show correct dbx version if non-Microsoft entries are present
- Show KEK device attributes in fwupdmgr
- Use an alternate GUID when the Intel GPU is in recovery mode
- Use the kernel netlink hotplug socket when there is no Udev
- Various small changes to speed up startup by 60% and lower RSS by 40%
+ This release adds support for the following hardware:
- HP USB-C 100W G6 Dock
- Logitech Bulk Controller pheripherals
- More MediaTek scaler devices
- Fix %{_modulesloaddir}/fwupd-i2c.conf packaging
- Update to version 2.0.12:
+ This release adds the following features:
- Add a config option for enforcing immutable device enumeration
- Add device emulation support for Thunderbolt host controllers
- Do the efivarfs free space checks for dbx, db, KEK and PK devices
- Ensure the i2c_dev kernel driver is always loaded if a module
- Parse the SBOM data from fwupdx64.efi if provided
- Support loading multiple coSWID blobs from PE files
+ This release fixes the following bugs:
- Added HP Elitedesk G6 mini to not get dbx-updates
- Add two more uefi dbx checksum->version entries
- Be more useful when building modem device Instance IDs
- Convert asus-hid and legion-hid2 to hidraw to avoid possible input blips
- Do not create radio for Logitech RDFU-capable devices
- Fix a modem-manager regression where a PCI device had no vendor ID
- Fix a regression when updating DFOTA modem devices
- Fix self tests when building with -Defi_os_dir
- Fix self tests when the builder does not support DistroVersion
- Fix updating Thunderbolt host controllers with some version formats
- Handle HECI unsupported status (0x0b) for Dell hardware
- Make tar a dependency of the uefi-capsule tests
- Mark the KEK and db updates as affecting FDE like BitLocker
- Properly detect the Redfish reboot request for Dell servers
- Send the proper artifact firmware filename to the Redfish BMC
- Set the correct RMM device version for some Dell dock devices
- Use inhibits so that the rts54hub device is marked as non-updatable
- Use the virtual size to avoid padding when cutting PE sections
- Wait for the Logitech Scribe device to replug after updating
+ This release adds support for the following hardware:
- HP Portable USB-C Hub
- More Foxconn 5G modem products
- More Intel Arc Battlemage products
- Update to version 2.0.11:
+ This release adds the following features:
- Add a new check-reboot-needed command for scripts to use
- Read the SELinux state in the report failure metadata
+ This release fixes the following bugs:
- Add some notes in the README about security-relevant build flags
- Add support for the Dell dock ownership command
- Add the subsystem VIDPID when provided by ModemManager
- Allow changing the rts54hub block size from a quirk entry
- Allow Legion HID2 downgrades without --force, and clear config on upgrades
- Allow specifying multiple DEVICE-IDs for the get-updates command
- Cache the stream when parsing the processed cabinet to fix the report upload
- Do not allow DBX updates on the AiStone X5KK4NAG
- Do not use translated low-level error messages in the failure report
- Fall back to the activation date if the X.509 cert has no suitable subject
- Fix newer Synaptics VMM9 devices by adding a delay after disabling RC
- Ignore some sanity checks when parsing PK, KEK and db certificates
- Increase timeout requested by logitech RDFU devices
- Never include systemd.machine_id in the failure report
- Parse the correct VendorID from the ModemManager device ID
- Process all pending event sources when waiting for replug
- Use the UEFI PK report attributes for the other UEFI plugins
+ This release adds support for the following hardware:
- Lenovo Thunderbolt 5 Smart Dock
- Update to version 2.0.10:
+ This release adds the following features:
- Include the AGESA version as the summary of the AMD secure processor device
- Include the UEFI PK certificate key ID in the uploaded problem report
- Provide a way for the client to restrict the GUID list to an emulated device
+ This release fixes the following bugs:
- Do not allow dbx updates on the HP Elitebook 845 Gen10
- Do not warn about BIOS bugs we can easily work around
- Fix a regression in fwupdmgr emulation-save when recording some devices
- Fix a regression preventing installation of KEKs
- Fix a small memory leak when getting security attributes
- Never write a UX capsule when using Capsule-On-Disk
- Use the 'OnBattery' property from upower to tell if plugged in
+ This release adds support for the following hardware:
- Lenovo Legion Touchpad
- Logitech MX Mechanical
- Poly Studio V72 and V12
- Update to version 2.0.9:
+ This release adds the following features:
- Add some documentation about updating the KEK and db
- Allow installing multiple db certificate updates at the same time
- Show what certificate signed the EFI authenticated variable
- Use readline to look up inputs from user, and make it optional
+ This release fixes the following bugs:
- Add several devices with broken firmware to the UEFI dbx blocklist
- Constructing the authenticated URI properly when using FirmwareBaseURI
- Do not enumerate non-updatable OptionROM devices
- Do not export Redfish backup partitions as devices
- Fix a crash when installing some Wacom firmware types
- Fix a crash when parsing uevents that are not KEY=VALUE
- Fix parsing the DFU descriptor when not using libusb
- Fix PK and KEK enumeration failure on some systems
- Fix SMBIOS parsing for ROM size >= 16MiB
- Include a resolution for more of the HSI failures
- Include more output when using fwupdtool get-devices --json
- Never allow updating updatable-hidden devices with fwupdtool
- Properly handle redfish location redirect when installing firmware
- Recognize a very old dbx hash to allow upgrades
- Require a reboot after updating Intel CVS devices
- Rework the MEI code so that a device can use more than one interface
- Rewrite the ModemManger plugin to be simpler and more supportable
- Simplify parsing USB descriptors
+ This release adds support for the following hardware:
- Intel Arc Battlemage GPUs
- Add explicit pkgconfig(libusb-1.0) B?uildREquires: pulled in by
gusb already, but having it explicit allows to add specific
version constrains.
- Add pkgconfig(readline) BuildRequires: new dependency.
- Update to version 2.0.8:
+ This release adds the following features:
- Add the updated UEFI db as a new HSI attribute
- Add two new plugins that can update the UEFI Signature Database and KEK
+ This release fixes the following bugs:
- Add /sys/firmware/efi/efivars to ReadWritePaths
- Avoid any DPAUX IO if the BnR DPCD does not match
- Be more careful falling back to older emulation versions
- Detect the Firehose protocol features if not automatically sent
- Do not match SMC Redfish method on non-Supermicro hardware
- Do not show prompts or messages in --json mode
- Fix a critical warning when enumerating DTH135K0C
- Make the EFI LOADOPT either a path or ShimHive when setting metadata
- Match lowercase directory names when checking for ESP
- Only allow UEFI capsule updates on UEFI-capable architectures
- Set the version format when using fwupdtool install offline
- Support segment value 0 in the ccgx-dmc image parser
- Update to version 2.0.7:
+ This release adds the following features:
- Allow calling 'fwupdtool security' with a fwupd version parameter
- A new plugin to update B&R DisplayPort receivers
- A new plugin to update Intel CVS cameras
- A new plugin to verify UEFI memory protection attributes
- A new quirk to signify that no additional ESP space is required
- Build additional Redfish instance IDs for Dell server hardware
- Implement the HPE proprietary Redfish firmware push method
- Support cabinet archives greater in size than 2GB
- Support for showing the SBOM release URL
- Support for UEFI capsule installation in the bootloader
+ This release fixes the following bugs:
- Always close USB file descriptors after starting the daemon
- Do not add a Redfish release date if set to 00:00:00Z
- Fix a critical warning when rescanning a device with no GUIDs
- Fix a small memory leak when emumerating Logitech Rallysystem devices
- Fix a tiny Redfish memory leak when writing firmware
- Fix building against pygobject 3.52
- Fix Logitech BulkController setup for new device firmware versions
- Fix scaler-only Wacom USB update deployment
- Fix updating the RMM component in the dell-kestrel dock
- Fix writing new EFI variables to workaround a kernel regression
- Make PCI NAME and SSVID_SSPID based modem-manager IDs visible
- Parse firmware before putting the device into bootloader mode
- Prepend the capsule header when using Capsule-on-Disk
- Put a memory limit on decoding LZMA streams when parsing firmware
- Retry claiming the fastboot interface for up to 2500ms
- Trigger dpaux rescan on drm changes correctly
- Use the metadata version format to set the version_lowest when required
+ This release adds support for the following hardware:
- Another HP wireless dongle
- Lenovo ThinkPad Thunderbolt 4 Smart Dock Gen2
- Lenovo USB-C Dual Display Travel Dock
- More EDL 5G modem devices
- Align meson call with current upstream supported parameters.