This update for tboot fixes the following issues:
Security issues fixed:
- CVE-2017-16837: Fix tbootfailed to validate a number of immutable
function pointers, which could allow an attacker to bypass the chain of
trust and execute arbitrary code (boo#1068390).
- Make tboot package compatible with OpenSSL 1.1.0 for SLE-15 support
(boo#1067229).
Bug fixes:
- Update to new upstream version. See release notes for details (1.9.6;
1.9.5, FATE#321510; 1.9.4, FATE#320665; 1.8.3, FATE#318542):
- Fix some gcc7 warnings that lead to errors. (boo#1041264)
- Fix wrong pvops kernel config matching (boo#981948)
- Fix a excessive stack usage pattern that could lead to resets/crashes
(boo#967441)
- fixes a boot issue on Skylake (boo#964408)
- Trim filler words from description; use modern macros over shell vars.
- Add reproducible.patch to call gzip -n to make build fully reproducible.