Release version 1.5

New to this release is CI support for testing new kernel integrity
features not yet upstreamed and bugfixes, or functionality not enabled
by distros in a User Mode Linux (UML) environment.  Testing in a UML
environment also allows saving CI build artifacts, such as private
keys, needed for creating and loading public keys onto the trusted
kernel keyrings.  These public keys may be used for code - file data
and metadata - signature verification.

See the NEWS file for a short summary of changes and the git history
for details.

Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>

NEWS

@@ -1,3 +1,32 @@
+2023-2-24  Mimi Zohar <zohar@linux.ibm.com>
+
+	version 1.5:
+
+	* CI changes:
+	  * New: UML kernel testing environment
+	  * Support for running specific test(s)
+	  * Update distros
+	  * Update software release versions
+	* New features:
+	  * Signing fs-verity signatures
+	  * Reading TPM 2.0 PCRs via sysfs interface
+	* New tests:
+	  * Missing IMA mmapped file measurements
+	  * Overlapping IMA policy rules
+	  * EVM portable signatures
+	  * fs-verity file measurements in the IMA measurement list
+	* Build and library changes:
+	  * OpenSSL 3.0 version related changes
+	  * New configuration options: --disable-engine, --enable-sigv1
+	  * Deprecate IMA signature v1 format
+	* Misc bug fixes and code cleanup:
+	  * memory leaks, bounds checking, use after free
+	  * Fix and update test output
+	  * Add missing sanity checks
+	* Documentation:
+	  * Store the sourceforge ima-evm-utils wiki for historical
+	    purposes.
+
 2021-10-22  Mimi Zohar <zohar@linux.ibm.com>
 
 	version 1.4:
@@ -64,7 +93,7 @@
 	    the TPM PCRs, verify the IMA template data digest against the
 	    template data.  (Based on LTP "--verify" option.)
 	  - Ignore file measurement violations while verifying the IMA
-	    measurment list. (Based on LTP "--validate" option.)
+	    measurement list. (Based on LTP "--validate" option.)
 	  - Verify the file data signature included in the measurement list
 	    based on the file hash also included in the measurement list
 	    (--verify-sig)
@@ -213,7 +242,7 @@
 2012-04-02  Dmitry Kasatkin  <dmitry.kasatkin@intel.com>
 
 	version 0.1.0
-	* Fully functional version for lastest 3.x kernels
+	* Fully functional version for latest 3.x kernels
 
 2011-08-24  Dmitry Kasatkin  <dmitry.kasatkin@intel.com>
 

configure.ac

@@ -1,7 +1,7 @@
 # autoconf script
 
 AC_PREREQ([2.65])
-AC_INIT(ima-evm-utils, 1.4, zohar@linux.ibm.com)
+AC_INIT(ima-evm-utils, 1.5, zohar@linux.ibm.com)
 AM_INIT_AUTOMAKE([foreign])
 AC_CONFIG_HEADERS([config.h])
 AC_CONFIG_MACRO_DIR([m4])

packaging/ima-evm-utils.spec

@@ -1,5 +1,5 @@
 Name:		ima-evm-utils
-Version:	1.4
+Version:	1.5
 Release:	1%{?dist}
 Summary:	ima-evm-utils - IMA/EVM control utility
 Group:		System/Libraries

src/Makefile.am

@@ -4,7 +4,7 @@ libimaevm_la_SOURCES = libimaevm.c
 libimaevm_la_CPPFLAGS = $(AM_CPPFLAGS) $(LIBCRYPTO_CFLAGS)
 # current[:revision[:age]]
 # result: [current-age].age.revision
-libimaevm_la_LDFLAGS = -version-info 3:0:0
+libimaevm_la_LDFLAGS = -version-info 4:0:0
 libimaevm_la_LIBADD =  $(LIBCRYPTO_LIBS)
 
 if CONFIG_SIGV1