From 37465ef4275814957ec2da223bdf301ad50027c4 Mon Sep 17 00:00:00 2001 From: Karanbir Singh Date: Jun 27 2014 14:33:00 +0000 Subject: roll in CentOS x509 for kpatch, driver update and mod signing --- diff --git a/.gitignore b/.gitignore index e8e2a2b..981fd72 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1 @@ SOURCES/linux-3.10.0-123.1.2.el7.tar.xz -SOURCES/rheldup3.x509 -SOURCES/rhelkpatch1.x509 diff --git a/.kernel.metadata b/.kernel.metadata index 4230fd3..8367d6f 100644 --- a/.kernel.metadata +++ b/.kernel.metadata @@ -1,3 +1 @@ 124299b482b4ab8184edee1923d131114c116067 SOURCES/linux-3.10.0-123.1.2.el7.tar.xz -95b9b811c7b0a6c98b2eafc4e7d6d24f2cb63289 SOURCES/rheldup3.x509 -d90885108d225a234a5a9d054fc80893a5bd54d0 SOURCES/rhelkpatch1.x509 diff --git a/SOURCES/centos-kpatch.cer b/SOURCES/centos-kpatch.cer new file mode 100644 index 0000000..27ec44d Binary files /dev/null and b/SOURCES/centos-kpatch.cer differ diff --git a/SOURCES/centos-ldup.cer b/SOURCES/centos-ldup.cer new file mode 100644 index 0000000..0962d71 Binary files /dev/null and b/SOURCES/centos-ldup.cer differ diff --git a/SOURCES/x509.genkey b/SOURCES/x509.genkey index b1bbe38..d98f8fe 100644 --- a/SOURCES/x509.genkey +++ b/SOURCES/x509.genkey @@ -5,9 +5,9 @@ prompt = no x509_extensions = myexts [ req_distinguished_name ] -O = Red Hat -CN = Red Hat Enterprise Linux kernel signing key -emailAddress = secalert@redhat.com +O = CentOS +CN = CentOS Linux kernel signing key +emailAddress = security@centos.org [ myexts ] basicConstraints=critical,CA:FALSE diff --git a/SPECS/kernel.spec b/SPECS/kernel.spec index 70e9473..fe9eeac 100644 --- a/SPECS/kernel.spec +++ b/SPECS/kernel.spec @@ -339,8 +339,8 @@ Source10: sign-modules Source11: x509.genkey Source12: extra_certificates Source13: centos.cer -Source15: rheldup3.x509 -Source16: rhelkpatch1.x509 +Source15: centos-ldup.cer +Source16: centos-kpatch.cer Source18: check-kabi @@ -1475,6 +1475,7 @@ fi * Tue Jun 24 2014 Karanbir Singh [3.10.0-123.1.2.el7.centos] - Patch in CentOS SecureBoot certs - Add in debranding patches +- Add in CentOS driver update and kpatch certs * Wed Jun 4 2014 Phillip Lougher [3.10.0-123.1.2.el7] - [tty] n_tty: Fix n_tty_write crash when echoing in raw mode (Aristeu Rozanski) [1094241 1094242] {CVE-2014-0196}