[ubuntu/resolute-proposed] swtpm 0.10.1+ds-1ubuntu1 (Accepted)

Lena Voytek lena.voytek at canonical.com
Fri Dec 19 21:25:15 UTC 2025 

swtpm (0.10.1+ds-1ubuntu1) resolute; urgency=medium

  * Merge with Debian unstable (LP: #2126004).
    This is the first merge of swtpm histories between Debian and Ubuntu. As
    such, all superficial differences in the packaging have been removed in
    favor of matching Debian to reduce delta. Non-trivial changes from Debian
    include:
    - Addition of swtpm-libs binary package containing swtpm common libraries.
    - Addition of swtpm-dev binary package containing files for the CUSE
      interface.
    - d/copyright cleanup.
    - Additional patches:
      + increase-poll-timeout.patch: Double poll timeout to account for when
        swtpm creates a key.
      + automake-do-not-remove-checked-in-selinux-source-files.patch: Avoid
        cleaning up checked-in SELinux source files on distclean.
      + automake-remove-more-generated-files-on-distclean.patch: Remove
        additional unneeded files on distclean.
      + swtpm-install-sysusers.d-and-tmpfiles.d-configs.patch: Install
        sysusers.d and tmpfiles.d configs and remove swtpm-tools.postinst from
        configure.ac inclusions.
      + tests-Retry-NVWrite-command-after-0x922-return-code.patch: Retry
        NVWrite command in tests after 0x922 return code.
    - Add hardening=+all
    - Use --without-selinux in configuration.
    - Include binaries in self-tests.
    - Add command-line autopkgtest.
  * Remaining changes:
    - d/t/run-tests: Add autopkgtest to run upstream test suite.
    - d/swtpm-tools.postinst: Include upstream packaging fixes in postinst.
    - Use swtpm user for swtpm to avoid overloading tss user already used for
      physical tpm ACLs (LP #1949060).
      + d/rules: Set tss user in configure.
      + d/swtpm-tools.postinst: Swap from tss user to swtpm user.
      + d/control: Add adduser dependency to swtpm-tools for creating swtpm
        user.
    - d/p/openssl-not-certtool.patch: Use openssl at runtime, not certtool.
    - d/control: Add openssl runtime dependency to swtpm-tools.
    - Add apparmor profile to swtpm (LP #1950631).
      + d/usr.bin.swtpm: Create new apparmor profile.
      + d/swtpm.install: Copy apparmor profile to /etc/apparmor.d/.
      + d/rules: Deploy the swtpm apparmor profile.
      + d/control: Add dh-apparmor as a dependency.
    - d/clean: Clean man and gch files from source tree during build.
    - d/rules: Add dh_clean override from upstream.
    - d/p/fortify-source.patch: Add patch to force the buildsystem to build
      with -D_FORTIFY_SOURCE=3.
    - d/rules: Ignore make check tests when nocheck option set.
  * Dropped Changes:
    - d/p/no-autoconf-in-debian.patch
      [Included in swtpm-install-sysusers.d-and-tmpfiles.d-configs.patch]
    - d/swtpm-tools.install: swtpm_setup and swtpm-localca manpage inclusions.
      [Files removed upstream in 0.8]
  * d/NEWS: Add NEWS file to document changes from this initial Debian merge.

Date: Thu, 18 Dec 2025 09:15:50 -0500
Changed-By: Lena Voytek <lena.voytek at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/swtpm/0.10.1+ds-1ubuntu1
-------------- next part --------------
Format: 1.8
Date: Thu, 18 Dec 2025 09:15:50 -0500
Source: swtpm
Built-For-Profiles: noudeb
Architecture: source
Version: 0.10.1+ds-1ubuntu1
Distribution: resolute
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Lena Voytek <lena.voytek at canonical.com>
Launchpad-Bugs-Fixed: 2126004
Changes:
 swtpm (0.10.1+ds-1ubuntu1) resolute; urgency=medium
 .
   * Merge with Debian unstable (LP: #2126004).
     This is the first merge of swtpm histories between Debian and Ubuntu. As
     such, all superficial differences in the packaging have been removed in
     favor of matching Debian to reduce delta. Non-trivial changes from Debian
     include:
     - Addition of swtpm-libs binary package containing swtpm common libraries.
     - Addition of swtpm-dev binary package containing files for the CUSE
       interface.
     - d/copyright cleanup.
     - Additional patches:
       + increase-poll-timeout.patch: Double poll timeout to account for when
         swtpm creates a key.
       + automake-do-not-remove-checked-in-selinux-source-files.patch: Avoid
         cleaning up checked-in SELinux source files on distclean.
       + automake-remove-more-generated-files-on-distclean.patch: Remove
         additional unneeded files on distclean.
       + swtpm-install-sysusers.d-and-tmpfiles.d-configs.patch: Install
         sysusers.d and tmpfiles.d configs and remove swtpm-tools.postinst from
         configure.ac inclusions.
       + tests-Retry-NVWrite-command-after-0x922-return-code.patch: Retry
         NVWrite command in tests after 0x922 return code.
     - Add hardening=+all
     - Use --without-selinux in configuration.
     - Include binaries in self-tests.
     - Add command-line autopkgtest.
   * Remaining changes:
     - d/t/run-tests: Add autopkgtest to run upstream test suite.
     - d/swtpm-tools.postinst: Include upstream packaging fixes in postinst.
     - Use swtpm user for swtpm to avoid overloading tss user already used for
       physical tpm ACLs (LP #1949060).
       + d/rules: Set tss user in configure.
       + d/swtpm-tools.postinst: Swap from tss user to swtpm user.
       + d/control: Add adduser dependency to swtpm-tools for creating swtpm
         user.
     - d/p/openssl-not-certtool.patch: Use openssl at runtime, not certtool.
     - d/control: Add openssl runtime dependency to swtpm-tools.
     - Add apparmor profile to swtpm (LP #1950631).
       + d/usr.bin.swtpm: Create new apparmor profile.
       + d/swtpm.install: Copy apparmor profile to /etc/apparmor.d/.
       + d/rules: Deploy the swtpm apparmor profile.
       + d/control: Add dh-apparmor as a dependency.
     - d/clean: Clean man and gch files from source tree during build.
     - d/rules: Add dh_clean override from upstream.
     - d/p/fortify-source.patch: Add patch to force the buildsystem to build
       with -D_FORTIFY_SOURCE=3.
     - d/rules: Ignore make check tests when nocheck option set.
   * Dropped Changes:
     - d/p/no-autoconf-in-debian.patch
       [Included in swtpm-install-sysusers.d-and-tmpfiles.d-configs.patch]
     - d/swtpm-tools.install: swtpm_setup and swtpm-localca manpage inclusions.
       [Files removed upstream in 0.8]
   * d/NEWS: Add NEWS file to document changes from this initial Debian merge.
Checksums-Sha1:
 f3c6fe71a97f15316ffe896666ed14d10e0d3a37 2569 swtpm_0.10.1+ds-1ubuntu1.dsc
 01e3c387804b6643abc85a4fde8732c869f6198a 309776 swtpm_0.10.1+ds.orig.tar.xz
 d3b74069b4b38e9a5cd59207d76f3c4e88f92fc1 17748 swtpm_0.10.1+ds-1ubuntu1.debian.tar.xz
 fcb27c894689cbee811894913358f3d824ef1f2a 9336 swtpm_0.10.1+ds-1ubuntu1_source.buildinfo
Checksums-Sha256:
 381b88c36b97b6e867e87160a4407a2dfd017e278376c04843681f6dccc433b2 2569 swtpm_0.10.1+ds-1ubuntu1.dsc
 bbecbe844fa84b1db0c26ade347374e5073e10c59df226066e04ce0ee09f105f 309776 swtpm_0.10.1+ds.orig.tar.xz
 49ffcacfc179a0d639e5fe2ff6b2fbaff9340f0cc710d5a18cd93c33ed4df70c 17748 swtpm_0.10.1+ds-1ubuntu1.debian.tar.xz
 72d8a15c22b59f7f50a627a1d214002bbf1c96d2afda2e83c1ae2c06ad7dec07 9336 swtpm_0.10.1+ds-1ubuntu1_source.buildinfo
Files:
 371fbe8d22f35847fa848beaa352c0f6 2569 misc optional swtpm_0.10.1+ds-1ubuntu1.dsc
 4e970efb7da8a190436823e0b6661e32 309776 misc optional swtpm_0.10.1+ds.orig.tar.xz
 b893e49ec57aca994a1e224a38035386 17748 misc optional swtpm_0.10.1+ds-1ubuntu1.debian.tar.xz
 12c2a19c81435fe25ac6adb2cb8c1d03 9336 misc optional swtpm_0.10.1+ds-1ubuntu1_source.buildinfo
Original-Maintainer: Luca Boccassi <bluca at debian.org>
Vcs-Git: https://git.launchpad.net/~lvoytek/ubuntu/+source/swtpm
Vcs-Git-Commit: 7900ab78385de94c0983187f568e836a1e1c33bb
Vcs-Git-Ref: refs/heads/merge-lp2126004-resolute

More information about the Resolute-changes mailing list