keylime-verifier-7.3.0-15.el9 RPM for s390x

From CentOS Stream 9 AppStream for s390x

The Keylime Verifier continuously verifies the integrity state
of the machine that the agent is running on.

Provides

• keylime-verifier
• config(keylime-verifier)
• keylime-verifier(s390-64)

Requires

• /bin/sh
• /bin/sh
• /bin/sh
• /usr/bin/python3
• config(keylime-verifier) = 7.3.0-15.el9
• keylime-base = 7.3.0-15.el9
• python3-keylime = 7.3.0-15.el9
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1

License

MIT

Changelog

* Wed Feb 05 2025 Sergio Correia <scorreia@redhat.com> - 7.3.0-15
  - Use TLS on revocation notification webhook
  - Include system installed CA certificates when verifying webhook
     server certificate
  - Include the CA certificates added via configuration file option
    'trusted_server_ca'
    Resolves: RHEL-78057
    Resolves: RHEL-78313
    Resolves: RHEL-78316
* Fri Jan 10 2025 Sergio Correia <scorreia@redhat.com> - 7.3.0-14
  - Backport keylime-policy tool
    Resolves: RHEL-75797
* Fri Jan 05 2024 Sergio Correia <scorreia@redhat.com> - 7.3.0-13
  - Backport fix for CVE-2023-3674
    Resolves: RHEL-21013
* Tue Oct 17 2023 Anderson Toshiyuki Sasaki <ansasaki@redhat.com> - 7.3.0-12
  - Set the generator and timestamp in create_policy.py
    Related: RHEL-11866
* Mon Oct 09 2023 Anderson Toshiyuki Sasaki <ansasaki@redhat.com> - 7.3.0-11
  - Suppress unnecessary error message
    Related: RHEL-11866
* Fri Oct 06 2023 Anderson Toshiyuki Sasaki <ansasaki@redhat.com> - 7.3.0-10
  - Restore allowlist generation script
    Resolves: RHEL-11866
    Resolves: RHEL-11867
* Wed Sep 06 2023 Sergio Correia <scorreia@redhat.com> - 7.3.0-9
  - Rebuild for properly tagging the resulting build
    Resolves: RHEL-1898
* Fri Sep 01 2023 Sergio Correia <scorreia@redhat.com> - 7.3.0-8
  - Add missing dependencies python3-jinja2 and util-linux
    Resolves: RHEL-1898
* Mon Aug 28 2023 Anderson Toshiyuki Sasaki <ansasaki@redhat.com> - 7.3.0-7
  - Automatically update agent API version
    Resolves: RHEL-1518
* Mon Aug 28 2023 Sergio Correia <scorreia@redhat.com> - 7.3.0-6
  - Fix registrar is subject to a DoS against SSL (CVE-2023-38200)
    Resolves: rhbz#2222694
* Fri Aug 25 2023 Anderson Toshiyuki Sasaki <ansasaki@redhat.com> - 7.3.0-5
  - Fix challenge-protocol bypass during agent registration (CVE-2023-38201)
    Resolves: rhbz#2222695
* Tue Aug 22 2023 Sergio Correia <scorreia@redhat.com> - 7.3.0-4
  - Update spec file to use %verify(not md5 size mode mtime) for files updated in %post scriptlets
    Resolves: RHEL-475
* Tue Aug 15 2023 Sergio Correia <scorreia@redhat.com> - 7.3.0-3
  - Fix Keylime configuration upgrades issues introduced in last rebase
    Resolves: RHEL-475
  - Handle session close using a session manager
    Resolves: RHEL-1252
  - Add ignores for EV_PLATFORM_CONFIG_FLAGS
    Resolves: RHEL-947
* Tue Aug 08 2023 Patrik Koncity <pkoncity@redhat.com> - 7.3.0-2
  - Keylime SELinux policy provides more restricted ports.
  - New SELinux label for ports used by keylime.
  - Adding tabrmd interfaces allow unix stream socket communication and dbus communication.
  - Allow the keylime_server_t domain to get the attributes of all filesystems.
    Resolves: RHEL-595
    Resolves: RHEL-390
    Resolves: RHEL-948
* Wed Jul 19 2023 Sergio Correia <scorreia@redhat.com> - 7.3.0-1
  - Update to 7.3.0
    Resolves: RHEL-475

Files

/etc/keylime/verifier.conf
/etc/keylime/verifier.conf.d
/usr/bin/keylime_ca
/usr/bin/keylime_verifier
/usr/lib/systemd/system/keylime_verifier.service
/usr/share/licenses/keylime-verifier
/usr/share/licenses/keylime-verifier/LICENSE

Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Feb 11 09:04:47 2025