LVFS Releases¶
1.1.6 (2020-01-28)¶
This release adds the following features:
- Add a atom feed to public device page
- Add a claim for systems supporting Intel BiosGuard and BootGuard
- Add a
dell-biosversion format - Add a page to list consultants that can work on the LVFS
- Add a plugin to add component claims for specific shard GUIDs
- Add a release tag to store the vendor-specific firmware identifier
- Allow adding component claims based on the hash of a shard
- Allow syncing with other firmware databases
- Move the formal documentation to Sphinx
This release fixes the following bugs:
- Add many more database indexes to improve performance
- Add some missing vendor checks when proxying to the user ACL
- Allow vendor managers to see a read-only view of the restrictions page
- Always use the vendor-id restrictions of the ODM, not the OEM
- Fix support for multiple
LVFS::VersionFormattags - Include a vendor ID by default for testing accounts
- Make more queries compatible with PostgreSQL
- Never include firmware in private in any embargo remote
- Only show vendors with LVFS users on the vendorlist
- Reduce the memory consumption when running cron and doing yara queries
- Update the firmware report count at upload time
- Use SHA256 when storing the upload checksum
- Use the correct filename for a PKCS-7 payload signature
- Use UEFIExtract rather than chipsec to extract shards
1.1.5 (2019-11-15)¶
This release adds the following features:
- Add support for matching firmware requirements on device parents
- Allow researchers to run YARA queries on the public firmware
- Allow the blocklist plugin to add persistent claims
- Use PSPTool to parse the AMD PSP section
This release fixes the following bugs:
- Add the Dell PFS as a component shard
- Allow the owner of the firmware to always change update details
- Convert to Blueprints to improve page loading time
- Do not hardcode the list of version formats in various places
- Do not share the shard name between GUIDs
- Only auto-demote stable-to-testing, not testing-to-embargo or stable-to-embargo
- Show the version format versions with no trailing zeros
1.1.4 (2019-09-26)¶
This release adds the following features:
- Add component issues such as CVEs in a structured way
- Add more OEM notification emails for ODM actions
- Add support for name variant suffixes
- Add vendor namespaces to enforce ODM relationships
- Allow searching for CVEs when logged in
- Allow the OEM to better control what the ODM is able to do
This release fixes the following bugs:
- Allow vendors to optionally disable the inf parsing
- Blacklist generic GUIDs like ‘main-system-firmware’
- Check the source and release URLs are valid if provided
- Do not show deleted firmware on the recent list on the dashboard
- Don’t auto-demote firmware because of old reports
- Enforce the VersionFormat if the version is an integer
- Fix a crash if uploading a file with a missing metadata_license tag
- Provide a way to un-disable users as a vendor manager
- Regenerate embargo remotes ever 5 minutes
- Use a sane error message on upload when a component drops a GUID
1.1.3 (2019-08-06)¶
This release adds the following features:
- Show a nag message for admin or manager account without 2FA
- Do not use AppStream-glib to parse the metainfo file
- Automatically demote firmware with more than 5 failures and a success rate of %lt;70%
- Allow firmware or vendors to enable DoNotTrack functionality
- Show the user capabilities in the headerbar
- Protect all forms against CSRF
This release fixes the following bugs:
- Retry all existing tests if the category or protocol is changed
- Do not allow forward slashes in AppStream ID values
- Use a proper AppStream ID for the CHIPSEC shards
- Show flashed messages on the landing page
- Better support firmware requires without conditions or versions
- Do not allow AppStream markup in non description elements
1.1.2 (2019-05-28)¶
This release adds the following features:
- Add a new plugin to check portable executable files
- Save the shards in an on-disk cache which allows re-running tests
- Add a failure for any firmware that is signed with a 3-year expired certificate
- Add shard certificates to the database and show them in the component view
This release fixes the following bugs:
- Make it easier to enter multiline text as plugin settings
1.1.1 (2019-05-21)¶
This release adds the following features:
- Allow managers to edit their own list of embargoed countries
- Record the size and entropy of the component shards when parsing
- Analyze Intel ME firmware when it is uploaded
This release fixes the following bugs:
- Do not expect device checksums for ME or EC firmware
1.1.0 (2019-05-14)¶
This release adds the following features:
- Run CHIPSEC on all UEFI firmware files
- Show details of UEFI firmware volumes for capsule updates
- Show differences between public revisions of firmware
- Provide some extra information about detected firmware shards
This release fixes the following bugs:
- Only decompress the firmware once when running tests
- Make the component detail page a bit less monolithic
- Never leave tests in the running state if a plugin crashes
1.0.0 (2019-05-02)¶
This release adds the following features:
- Allow the admin to change the AppStream ID or name of components
This release fixes the following bugs:
- Do not allow the telemetry card title to overflow
- Ensure the
firmware-flashedvalue is a valid lowercase GUID - Make the component requirements page easier to use
- Do not add duplicate
<hardware>values - Remove the hard-to-use breadcrumb and use a single back button