ST-announce July 2024

st-announce@lists.system-transparency.org

1 participants
3 discussions

stboot-v0.4.3 release
by Rasmus Dahlberg 13 Jul '24

13 Jul '24

The ST team is happy to announce a new release of the stboot bootloader, tag v0.4.3, which succeeds the previous release at tag v0.3.6. The source code for this release is available from the git repository: git clone -b v0.4.3 https://git.glasklar.is/system-transparency/core/stboot.git Authoritative ST release signing keys are published at: https://www.system-transparency.org/keys The tag signature can be verified using the following command: git -c gpg.format=ssh \ -c gpg.ssh.… [View More]allowedSignersFile=allowed-ST-release-signers \ tag --verify v0.4.3 The expectations and intended use of the stboot bootloader is documented in the repository's RELEASES file. This RELEASES file also contains more information concerning the overall release process, see: https://git.glasklar.is/system-transparency/core/stboot/-/blob/v0.4.3/RELEA… Learn about what's new in a release from the repository's NEWS file. An excerpt from the latest NEWS-file entry is listed below for convenience. If you find any bugs, please report them on the System Transparency discuss list or open an issue on GitLab in the stboot repository: https://lists.system-transparency.org/mailman3/postorius/lists/st-discuss.l… https://git.glasklar.is/system-transparency/core/stboot/-/issues Cheers, The ST team NEWS for stboot v0.4.3 This release of stboot includes bug fixes and new features. The most notable feature is the ability to enter provisioning mode even if a host configuration has already been provisioned on the system. Bug fixes: * When running stboot as the init process, load kernel modules before trying to mount /sys/firmware/efi/efivars. This ensures EFI variables will work when the efivarfs driver is provided as a loadable kernel module (rather than being built into the kernel). For users that use u-root as the init process: be aware that the same issue which has now been fixed in stboot still remains open in u-root, see https://github.com/u-root/u-root/issues/2993. * Properly wait for the selected network interfaces to reach state UP before considering the network to be configured successfully. This ensures stboot will not spend any of its retries due to interfaces that are not up yet. New features and improvements: * If a provisioning OS package is included in the stboot image, it is now possible to enter provisioning mode if the provisioned host configuration is invalid or if the user presses Ctrl-C. See docs/stboot-system.md for details and security implications. * The OS package descriptor now supports "os_pkg_url" to be relative to the descriptor's (absolute) base URI. Refer to the OS package specification for the exact resolution rules. This release has been tested to work with: * Artifacts produced by stmgr v0.4.0 (pre-release version). https://git.glasklar.is/system-transparency/core/stmgr/-/tree/v0.4.0 * Systems provisioned with stprov v0.3.8 (pre-release version) https://git.glasklar.is/system-transparency/core/stprov/-/tree/v0.3.8 This release implements the specifications at https://git.glasklar.is/system-transparency/project/docs/-/tree/v0.3.0/cont… [View Less]

1 0

stprov-v0.3.9 release
by Rasmus Dahlberg 10 Jul '24

10 Jul '24

The ST team is happy to announce a new release of the stprov software, tag v0.3.9, which succeeds the previous release at tag v0.3.5. The source code for this release is available from the git repository: git clone -b v0.3.9 https://git.glasklar.is/system-transparency/core/stprov.git Authoritative ST release signing keys are published at https://www.system-transparency.org/keys/ and the tag signature can be verified using the command git -c gpg.format=ssh \ -c gpg.ssh.… [View More]

1 0

stmgr-v0.4.1 release
by Rasmus Dahlberg 10 Jul '24

10 Jul '24

The ST team is happy to announce a new release of the stmgr program, tag v0.4.1, which succeeds the previous release at tag v0.3.3. The source code for this release is available from the git repository: git clone -b v0.4.1 https://git.glasklar.is/system-transparency/core/stmgr.git Authoritative ST release signing keys are published at https://www.system-transparency.org/keys, and the tag signature can be verified using the command git -c gpg.format=ssh -c gpg.ssh.allowedSignersFile=… [View More]

1 0

2025

2024

2023

ST-announce July 2024