diff --git a/.github/scripts/README.md b/.github/scripts/README.md index fd349d8cb..6f1d1820e 100644 --- a/.github/scripts/README.md +++ b/.github/scripts/README.md @@ -352,6 +352,8 @@ bash .github/scripts/nix.sh --variant fips --link dynamic sbom --target server Updates Nix expected-hash inputs by parsing **GitHub Actions** packaging logs (fixed-output derivation hash mismatches). +This works even if the workflow run is still in progress (it fetches per-job logs directly when needed). + This command is meant to be used after a CI packaging job fails with a message like: - `specified: sha256-...` diff --git a/.github/scripts/release.sh b/.github/scripts/release.sh index d52815512..2349b5068 100755 --- a/.github/scripts/release.sh +++ b/.github/scripts/release.sh @@ -62,4 +62,4 @@ git cliff -w "$PWD" -u -p CHANGELOG.md -t "$NEW_VERSION" ${SED_BINARY} "${SED_IN_PLACE[@]}" 's/(#\([0-9]\+\))/([#\1](https:\/\/github.com\/Cosmian\/kms\/pull\/\1))/g' CHANGELOG.md bash .github/scripts/build_ui.sh -bash .github/scripts/nix.sh update-hashes +bash .github/scripts/nix.sh sbom diff --git a/.github/scripts/update_hashes.sh b/.github/scripts/update_hashes.sh index 8cfad5f70..7bdc66438 100644 --- a/.github/scripts/update_hashes.sh +++ b/.github/scripts/update_hashes.sh @@ -114,10 +114,12 @@ else # Get all failed jobs from this run (id + name). # We rely on the job name (when available) to infer platform/linkage for server vendor hashes. FAILED_JOBS=$(gh api "repos/Cosmian/kms/actions/runs/$RUN_ID/jobs" \ - --jq '.jobs[] | select(.conclusion == "failure") | [.id, .name] | @tsv' 2>/dev/null || echo "") + --jq '.jobs[] + | select((.conclusion == "failure") or (.status == "in_progress")) + | [.id, .name] | @tsv' 2>/dev/null || echo "") if [ -z "$FAILED_JOBS" ]; then - echo "No failed jobs found in run $RUN_ID. Nothing to update." + echo "No failed or in-progress jobs found in run $RUN_ID. Nothing to update." exit 0 fi fi @@ -125,6 +127,31 @@ fi # Declare associative array to store hash updates declare -A FILE_TO_HASH +stream_job_logs() { + local run_id="$1" + local job_id="$2" + local tmp + tmp=$(mktemp -t gha-job-log.XXXXXX) + + # Prefer `gh run view` (nice formatting and smaller for failed steps), + # but it may refuse logs while the overall run is still in progress. + if gh run view "$run_id" --log-failed --job "$job_id" >"$tmp" 2>/dev/null; then + cat "$tmp" + rm -f "$tmp" + return 0 + fi + + if gh run view "$run_id" --log --job "$job_id" >"$tmp" 2>/dev/null; then + cat "$tmp" + rm -f "$tmp" + return 0 + fi + + # Fallback: fetch raw job logs directly (works even if run is still running). + rm -f "$tmp" + gh api "repos/Cosmian/kms/actions/jobs/$job_id/logs" 2>/dev/null || true +} + # Process each failed job while IFS=$'\t' read -r JOB_ID JOB_NAME; do [ -z "${JOB_ID:-}" ] && continue @@ -142,10 +169,6 @@ while IFS=$'\t' read -r JOB_ID JOB_NAME; do # If a specific job was requested and it didn't fail, fall back to the full job log. # Output format is typically: " | ". last_drv_name="" - log_cmd=(gh run view "$RUN_ID" --log-failed --job "$JOB_ID") - if ! "${log_cmd[@]}" >/dev/null 2>&1; then - log_cmd=(gh run view "$RUN_ID" --log --job "$JOB_ID") - fi while IFS= read -r raw_line; do line="$raw_line" @@ -221,7 +244,7 @@ while IFS=$'\t' read -r JOB_ID JOB_NAME; do last_drv_name="" fi fi - done < <("${log_cmd[@]}" 2>/dev/null || true) + done < <(stream_job_logs "$RUN_ID" "$JOB_ID") done <<<"$FAILED_JOBS" # Apply updates diff --git a/.github/scripts/windows_ui.ps1 b/.github/scripts/windows_ui.ps1 index 2ed74438f..4ac4f4386 100644 --- a/.github/scripts/windows_ui.ps1 +++ b/.github/scripts/windows_ui.ps1 @@ -57,7 +57,7 @@ function Build-UI { { "name": "cosmian_kms_client_wasm", "type": "module", - "version": "5.15.0", + "version": "5.16.0", "main": "cosmian_kms_client_wasm.js", "types": "cosmian_kms_client_wasm.d.ts" } diff --git a/CHANGELOG.md b/CHANGELOG.md index 32f3d97d1..6d2d33c37 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -27,7 +27,7 @@ All notable changes to this project will be documented in this file. ### 🐛 Bug Fixes -- Fix SQL Locate request for OpenTelemetry metrics collector: +- Fix SQL Locate request for OpenTelemetry metrics collector (#694): - Refactored SQL Locate query building in locate_query.rs to use bound, typed parameters (LocateQuery + LocateParam) instead of interpolating values into SQL (safer + fixes type/cast handling across SQLite/Postgres/MySQL). - Updated the SQL backends to consume the new LocateQuery API: crate/server_database/src/stores/sql/{mysql,pgsql,sqlite}.rs. - Improved DB test error context in json_access_test.rs to make failures easier to diagnose. @@ -35,8 +35,10 @@ All notable changes to this project will be documented in this file. - mod.rs: add OTEL resource attributes (service name/version + optional environment). - otel_metrics.rs: ensure active_keys_count time series exists even when 0. - cron.rs: fall back to default username if hsm_admin is empty. +- Fix regression on KMIP 1.0 (Fresh and InitialDate attributes) (#689) - Fix Linux packaging smoke tests when the host has `/etc/cosmian/kms.toml` present by running with an explicit temp config. - Make OpenTelemetry export tests resilient under FIPS Nix shells by running `curl` in a clean environment (avoid inherited OpenSSL/LD overrides). +- *(ui)* Azure BYOK export (#697) ### ⚙️ Build @@ -44,10 +46,15 @@ All notable changes to this project will be documented in this file. - SBOM generation improvements: - `.github/scripts/nix.sh sbom` strictly validates `--target/--variant/--link`, defaults to generating all combinations, and supports generating a specific server subset. - SBOM tooling runs in an isolated workdir to avoid stray repo-root artifacts, keeps only final `sbom.csv` + `vulns.csv` reports per output directory, and deduplicates CVE rows in-place (via `nix/scripts/dedup_cves.py`, with optional filtering helper `nix/scripts/filter_vulns.py`). +- *(deps)* Bump jsonwebtoken in the cargo group across 1 directory (#702) +- *(deps)* Bump bytes in the cargo group across 1 directory (#703) +- *(deps)* Bump time in the cargo group across 1 directory (#706) +- *(deps)* Bump actix-files in the cargo group across 1 directory (#707) ### 📚 Documentation - Update SBOM documentation to match the generator output layout and behavior. +- Update OpenSSL versions (#713) ## [5.15.0] - 2026-01-21 diff --git a/Cargo.lock b/Cargo.lock index 52b108258..df6b27380 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1101,7 +1101,7 @@ dependencies = [ [[package]] name = "cosmian_kmip" -version = "5.15.0" +version = "5.16.0" dependencies = [ "base64 0.22.1", "bitflags", @@ -1128,7 +1128,7 @@ dependencies = [ [[package]] name = "cosmian_kms_access" -version = "5.15.0" +version = "5.16.0" dependencies = [ "cosmian_kmip", "serde", @@ -1136,7 +1136,7 @@ dependencies = [ [[package]] name = "cosmian_kms_base_hsm" -version = "5.15.0" +version = "5.16.0" dependencies = [ "async-trait", "cosmian_kms_interfaces", @@ -1153,7 +1153,7 @@ dependencies = [ [[package]] name = "cosmian_kms_cli" -version = "5.15.0" +version = "5.16.0" dependencies = [ "assert_cmd", "base64 0.22.1", @@ -1191,7 +1191,7 @@ dependencies = [ [[package]] name = "cosmian_kms_client" -version = "5.15.0" +version = "5.16.0" dependencies = [ "cosmian_crypto_core", "cosmian_http_client", @@ -1207,7 +1207,7 @@ dependencies = [ [[package]] name = "cosmian_kms_client_utils" -version = "5.15.0" +version = "5.16.0" dependencies = [ "base64 0.22.1", "clap", @@ -1226,7 +1226,7 @@ dependencies = [ [[package]] name = "cosmian_kms_client_wasm" -version = "5.15.0" +version = "5.16.0" dependencies = [ "base64 0.22.1", "console_error_panic_hook", @@ -1245,7 +1245,7 @@ dependencies = [ [[package]] name = "cosmian_kms_crypto" -version = "5.15.0" +version = "5.16.0" dependencies = [ "aes-gcm-siv", "aes-kw", @@ -1275,7 +1275,7 @@ dependencies = [ [[package]] name = "cosmian_kms_interfaces" -version = "5.15.0" +version = "5.16.0" dependencies = [ "async-trait", "cosmian_kmip", @@ -1288,7 +1288,7 @@ dependencies = [ [[package]] name = "cosmian_kms_server" -version = "5.15.0" +version = "5.16.0" dependencies = [ "actix-cors", "actix-files", @@ -1343,7 +1343,7 @@ dependencies = [ [[package]] name = "cosmian_kms_server_database" -version = "5.15.0" +version = "5.16.0" dependencies = [ "async-trait", "cosmian_findex", @@ -1516,7 +1516,7 @@ checksum = "460fbee9c2c2f33933d720630a6a0bac33ba7053db5344fac858d4b8952d77d5" [[package]] name = "crypt2pay_pkcs11_loader" -version = "5.15.0" +version = "5.16.0" dependencies = [ "cosmian_kms_base_hsm", ] @@ -2824,7 +2824,7 @@ dependencies = [ [[package]] name = "kmip-derive" -version = "5.15.0" +version = "5.16.0" dependencies = [ "quote", "syn", @@ -3901,7 +3901,7 @@ dependencies = [ [[package]] name = "proteccio_pkcs11_loader" -version = "5.15.0" +version = "5.16.0" dependencies = [ "cosmian_kms_base_hsm", ] @@ -4552,7 +4552,7 @@ checksum = "67b1b7a3b5fe4f1376887184045fcf45c69e92af734b7aaddc05fb777b6fbd03" [[package]] name = "smartcardhsm_pkcs11_loader" -version = "5.15.0" +version = "5.16.0" dependencies = [ "cosmian_kms_base_hsm", "libloading", @@ -4581,7 +4581,7 @@ dependencies = [ [[package]] name = "softhsm2_pkcs11_loader" -version = "5.15.0" +version = "5.16.0" dependencies = [ "cosmian_kms_base_hsm", "libloading", @@ -4747,7 +4747,7 @@ checksum = "8f50febec83f5ee1df3015341d8bd429f2d1cc62bcba7ea2076759d315084683" [[package]] name = "test_kms_server" -version = "5.15.0" +version = "5.16.0" dependencies = [ "actix-server", "cosmian_kms_client", @@ -5383,7 +5383,7 @@ checksum = "b6c140620e7ffbb22c2dee59cafe6084a59b5ffc27a8859a5f0d494b5d52b6be" [[package]] name = "utimaco_pkcs11_loader" -version = "5.15.0" +version = "5.16.0" dependencies = [ "cosmian_kms_base_hsm", ] diff --git a/Cargo.toml b/Cargo.toml index 769da2b45..5b568478a 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -85,7 +85,7 @@ map_err_ignore = "deny" redundant_clone = "deny" [workspace.package] -version = "5.15.0" +version = "5.16.0" edition = "2024" rust-version = "1.87.0" authors = [ diff --git a/README.md b/README.md index ada16b798..c027b57ca 100644 --- a/README.md +++ b/README.md @@ -40,7 +40,7 @@ The **Cosmian KMS** has extensive online [documentation](https://docs.cosmian.co ## 🚀 Quick start -Pre-built binaries [are available](https://package.cosmian.com/kms/5.15.0/) for Linux, MacOS, and Windows, as well as Docker images. To run the server binary, OpenSSL must be available in your path (see "building the KMS" below for details); other binaries do not have this requirement. +Pre-built binaries [are available](https://package.cosmian.com/kms/5.16.0/) for Linux, MacOS, and Windows, as well as Docker images. To run the server binary, OpenSSL must be available in your path (see "building the KMS" below for details); other binaries do not have this requirement. Using Docker to quick-start a Cosmian KMS server on `http://localhost:9998` that stores its data inside the container, run the following command: @@ -513,58 +513,58 @@ The Baseline Server profile (defined in KMIP Profiles v2.1 Section 4.1) requires | Message | Support | | ---------------- | ------: | -| Request Message | ✅ | -| Response Message | ✅ | +| Request Message | ✅ | +| Response Message | ✅ | #### Operations by KMIP Version The following table shows operation support across all KMIP versions. -| Operation | 1.0 | 1.1 | 1.2 | 1.3 | 1.4 | 2.0 | 2.1 | -| ---------------------- | :---: | :---: | :---: | :---: | :---: | :---: | :---: | -| Activate | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Add Attribute | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Archive | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| Cancel | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| Certify | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Check | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Create | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Create Key Pair | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Create Split Key | N/A | N/A | ❌ | ❌ | ❌ | ❌ | ❌ | -| Decrypt | N/A | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | -| Delete Attribute | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| DeriveKey | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Destroy | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Discover Versions | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Encrypt | N/A | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | -| Export | N/A | N/A | N/A | N/A | ✅ | ✅ | ✅ | -| Get | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Get Attribute List | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Get Attributes | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Get Usage Allocation | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| Hash | N/A | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | -| Import | N/A | N/A | N/A | N/A | ✅ | ✅ | ✅ | -| Join Split Key | N/A | N/A | ❌ | ❌ | ❌ | ❌ | ❌ | -| Locate | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| MAC | N/A | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | -| MAC Verify | N/A | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | -| Notify | N/A | N/A | N/A | N/A | N/A | ❌ | ❌ | -| Obtain Lease | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| Poll | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| Put | N/A | N/A | N/A | N/A | N/A | ❌ | ❌ | -| Query | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| RNG Retrieve | N/A | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | -| RNG Seed | N/A | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | -| Re-certify | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| Re-key | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Re-key Key Pair | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Recover | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| Register | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Revoke | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Set Attribute (Modify) | N/A | N/A | N/A | N/A | N/A | ✅ | ✅ | -| Sign | N/A | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | -| Signature Verify | N/A | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | -| Validate | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Operation | 1.0 | 1.1 | 1.2 | 1.3 | 1.4 | 2.0 | 2.1 | +| --------- | :-----: | :-----: | :-----: | :-----: | :-----: | :-----: | :-----: | +| Activate | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Add Attribute | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Archive | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| Cancel | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| Certify | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Check | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Create | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Create Key Pair | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Create Split Key | N/A | N/A | ❌ | ❌ | ❌ | ❌ | ❌ | +| Decrypt | N/A | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | +| Delete Attribute | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| DeriveKey | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Destroy | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Discover Versions | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Encrypt | N/A | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | +| Export | N/A | N/A | N/A | N/A | ✅ | ✅ | ✅ | +| Get | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Get Attribute List | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Get Attributes | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Get Usage Allocation | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| Hash | N/A | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | +| Import | N/A | N/A | N/A | N/A | ✅ | ✅ | ✅ | +| Join Split Key | N/A | N/A | ❌ | ❌ | ❌ | ❌ | ❌ | +| Locate | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| MAC | N/A | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | +| MAC Verify | N/A | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | +| Notify | N/A | N/A | N/A | N/A | N/A | ❌ | ❌ | +| Obtain Lease | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| Poll | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| Put | N/A | N/A | N/A | N/A | N/A | ❌ | ❌ | +| Query | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| RNG Retrieve | N/A | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | +| RNG Seed | N/A | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | +| Re-certify | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| Re-key | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Re-key Key Pair | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Recover | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| Register | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Revoke | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Set Attribute (Modify) | N/A | N/A | N/A | N/A | N/A | ✅ | ✅ | +| Sign | N/A | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | +| Signature Verify | N/A | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | +| Validate | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | #### Methodology @@ -579,17 +579,17 @@ If you spot a mismatch or want to extend coverage, please open an issue or PR. The following table shows managed object support across all KMIP versions. -| Managed Object | 1.0 | 1.1 | 1.2 | 1.3 | 1.4 | 2.0 | 2.1 | -| -------------- | :---: | :---: | :---: | :---: | :---: | :---: | :---: | -| Certificate | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Symmetric Key | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Public Key | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Private Key | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Split Key | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| Template | 🚫 | 🚫 | 🚫 | 🚫 | 🚫 | N/A | N/A | -| Secret Data | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Opaque Data | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| PGP Key | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| Managed Object | 1.0 | 1.1 | 1.2 | 1.3 | 1.4 | 2.0 | 2.1 | +| -------------- | :-----: | :-----: | :-----: | :-----: | :-----: | :-----: | :-----: | +| Certificate | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Symmetric Key | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Public Key | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Private Key | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Split Key | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| Template | 🚫 | 🚫 | 🚫 | 🚫 | 🚫 | N/A | N/A | +| Secret Data | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Opaque Data | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| PGP Key | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | Notes: @@ -601,32 +601,32 @@ Notes: The following table shows base object support across all KMIP versions. -| Base Object | 1.0 | 1.1 | 1.2 | 1.3 | 1.4 | 2.0 | 2.1 | -| ---------------------------------------- | :---: | :---: | :---: | :---: | :---: | :---: | :---: | -| Attribute | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| Credential | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| Key Block | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Key Value | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| Key Wrapping Data | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Key Wrapping Specification | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Transparent Key Structures | ✅ | ✅ | ✅ | ✅ | ✅ | N/A | N/A | -| Template-Attribute Structures | N/A | ✅ | ✅ | ✅ | ✅ | N/A | N/A | -| Server Information | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Extension Information | N/A | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| Data | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Data Length | N/A | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | -| Signature Data | N/A | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | -| MAC Data | N/A | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | -| Nonce | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Correlation Value | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| Init Indicator | N/A | N/A | N/A | ✅ | ✅ | ✅ | ✅ | -| Final Indicator | N/A | N/A | N/A | ✅ | ✅ | ✅ | ✅ | -| RNG Parameters | N/A | N/A | N/A | ❌ | ❌ | ❌ | ❌ | -| Profile Information | N/A | N/A | N/A | ❌ | ❌ | ❌ | ❌ | -| Validation Information | N/A | N/A | N/A | ❌ | ❌ | ❌ | ❌ | -| Capability Information | N/A | N/A | N/A | ❌ | ❌ | ❌ | ❌ | -| Authenticated Encryption Additional Data | N/A | N/A | N/A | N/A | ✅ | ✅ | ✅ | -| Authenticated Encryption Tag | N/A | N/A | N/A | N/A | ✅ | ✅ | ✅ | +| Base Object | 1.0 | 1.1 | 1.2 | 1.3 | 1.4 | 2.0 | 2.1 | +| ----------- | :-----: | :-----: | :-----: | :-----: | :-----: | :-----: | :-----: | +| Attribute | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| Credential | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| Key Block | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Key Value | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| Key Wrapping Data | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Key Wrapping Specification | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Transparent Key Structures | ✅ | ✅ | ✅ | ✅ | ✅ | N/A | N/A | +| Template-Attribute Structures | N/A | ✅ | ✅ | ✅ | ✅ | N/A | N/A | +| Server Information | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Extension Information | N/A | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| Data | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Data Length | N/A | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | +| Signature Data | N/A | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | +| MAC Data | N/A | N/A | ✅ | ✅ | ✅ | ✅ | ✅ | +| Nonce | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Correlation Value | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| Init Indicator | N/A | N/A | N/A | ✅ | ✅ | ✅ | ✅ | +| Final Indicator | N/A | N/A | N/A | ✅ | ✅ | ✅ | ✅ | +| RNG Parameters | N/A | N/A | N/A | ❌ | ❌ | ❌ | ❌ | +| Profile Information | N/A | N/A | N/A | ❌ | ❌ | ❌ | ❌ | +| Validation Information | N/A | N/A | N/A | ❌ | ❌ | ❌ | ❌ | +| Capability Information | N/A | N/A | N/A | ❌ | ❌ | ❌ | ❌ | +| Authenticated Encryption Additional Data | N/A | N/A | N/A | N/A | ✅ | ✅ | ✅ | +| Authenticated Encryption Tag | N/A | N/A | N/A | N/A | ✅ | ✅ | ✅ | Notes: @@ -638,95 +638,95 @@ Notes: The following table shows transparent key structure support across all KMIP versions. -| Structure | 1.0 | 1.1 | 1.2 | 1.3 | 1.4 | 2.0 | 2.1 | -| ----------------- | :---: | :---: | :---: | :---: | :---: | :---: | :---: | -| Symmetric Key | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| DSA Private Key | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| DSA Public Key | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| RSA Private Key | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| RSA Public Key | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| DH Private Key | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| DH Public Key | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | -| EC Private Key | N/A | N/A | N/A | ✅ | ✅ | ✅ | ✅ | -| EC Public Key | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | -| ECDSA Private Key | ✅ | ✅ | ✅ | ✅ | ✅ | N/A | N/A | -| ECDSA Public Key | ✅ | ✅ | ✅ | ✅ | ✅ | N/A | N/A | -| ECDH Private Key | ❌ | ❌ | ❌ | ❌ | ❌ | N/A | N/A | -| ECDH Public Key | ❌ | ❌ | ❌ | ❌ | ❌ | N/A | N/A | -| ECMQV Private Key | ❌ | ❌ | ❌ | ❌ | ❌ | N/A | N/A | -| ECMQV Public Key | ❌ | ❌ | ❌ | ❌ | ❌ | N/A | N/A | +| Structure | 1.0 | 1.1 | 1.2 | 1.3 | 1.4 | 2.0 | 2.1 | +| --------- | :-----: | :-----: | :-----: | :-----: | :-----: | :-----: | :-----: | +| Symmetric Key | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| DSA Private Key | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| DSA Public Key | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| RSA Private Key | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| RSA Public Key | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| DH Private Key | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| DH Public Key | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | ❌ | +| EC Private Key | N/A | N/A | N/A | ✅ | ✅ | ✅ | ✅ | +| EC Public Key | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | +| ECDSA Private Key | ✅ | ✅ | ✅ | ✅ | ✅ | N/A | N/A | +| ECDSA Public Key | ✅ | ✅ | ✅ | ✅ | ✅ | N/A | N/A | +| ECDH Private Key | ❌ | ❌ | ❌ | ❌ | ❌ | N/A | N/A | +| ECDH Public Key | ❌ | ❌ | ❌ | ❌ | ❌ | N/A | N/A | +| ECMQV Private Key | ❌ | ❌ | ❌ | ❌ | ❌ | N/A | N/A | +| ECMQV Public Key | ❌ | ❌ | ❌ | ❌ | ❌ | N/A | N/A | Note: EC/ECDSA support is present; DH/DSA/ECMQV are not implemented. #### Attributes -| Attribute | Current | -| -------------------------------- | ------: | -| Activation Date | ✅ | -| Alternative Name | ✅ | -| Always Sensitive | ✅ | -| Application Specific Information | ✅ | -| Archive Date | ✅ | -| Attribute Index | ✅ | -| Certificate Attributes | ✅ | -| Certificate Length | ✅ | -| Certificate Type | ✅ | -| Comment | ✅ | -| Compromise Date | ✅ | -| Compromise Occurrence Date | ✅ | -| Contact Information | ✅ | -| Critical | ✅ | -| Cryptographic Algorithm | ✅ | -| Cryptographic Domain Parameters | ✅ | -| Cryptographic Length | ✅ | -| Cryptographic Parameters | ✅ | -| Cryptographic Usage Mask | ✅ | -| Deactivation Date | ✅ | -| Description | ✅ | -| Destroy Date | ✅ | -| Digest | ✅ | -| Digital Signature Algorithm | ✅ | -| Extractable | ✅ | -| Fresh | ✅ | -| Initial Date | ✅ | -| Key Format Type | ✅ | -| Key Value Location | ✅ | -| Key Value Present | ✅ | -| Last Change Date | ✅ | -| Lease Time | ✅ | -| Link | ✅ | -| Name | ✅ | -| Never Extractable | ✅ | -| Nist Key Type | ✅ | -| Object Group | ✅ | -| Object Group Member | ✅ | -| Object Type | ✅ | -| Opaque Data Type | ✅ | -| Original Creation Date | ✅ | -| PKCS#12 Friendly Name | ✅ | -| Process Start Date | ✅ | -| Protect Stop Date | ✅ | -| Protection Level | ✅ | -| Protection Period | ✅ | -| Protection Storage Masks | ✅ | -| Quantum Safe | ✅ | -| Random Number Generator | ✅ | -| Revocation Reason | ✅ | -| Rotate Date | ✅ | -| Rotate Generation | ✅ | -| Rotate Interval | ✅ | -| Rotate Latest | ✅ | -| Rotate Name | ✅ | -| Rotate Offset | ✅ | -| Sensitive | ✅ | -| Short Unique Identifier | ✅ | -| State | ✅ | -| Unique Identifier | ✅ | -| Usage Limits | ✅ | -| Vendor Attribute | ✅ | -| X.509 Certificate Identifier | ✅ | -| X.509 Certificate Issuer | ✅ | -| X.509 Certificate Subject | ✅ | +| Attribute | Current | +| --------- | ------: | +| Activation Date | ✅ | +| Alternative Name | ✅ | +| Always Sensitive | ✅ | +| Application Specific Information | ✅ | +| Archive Date | ✅ | +| Attribute Index | ✅ | +| Certificate Attributes | ✅ | +| Certificate Length | ✅ | +| Certificate Type | ✅ | +| Comment | ✅ | +| Compromise Date | ✅ | +| Compromise Occurrence Date | ✅ | +| Contact Information | ✅ | +| Critical | ✅ | +| Cryptographic Algorithm | ✅ | +| Cryptographic Domain Parameters | ✅ | +| Cryptographic Length | ✅ | +| Cryptographic Parameters | ✅ | +| Cryptographic Usage Mask | ✅ | +| Deactivation Date | ✅ | +| Description | ✅ | +| Destroy Date | ✅ | +| Digest | ✅ | +| Digital Signature Algorithm | ✅ | +| Extractable | ✅ | +| Fresh | ✅ | +| Initial Date | ✅ | +| Key Format Type | ✅ | +| Key Value Location | ✅ | +| Key Value Present | ✅ | +| Last Change Date | ✅ | +| Lease Time | ✅ | +| Link | ✅ | +| Name | ✅ | +| Never Extractable | ✅ | +| Nist Key Type | ✅ | +| Object Group | ✅ | +| Object Group Member | ✅ | +| Object Type | ✅ | +| Opaque Data Type | ✅ | +| Original Creation Date | ✅ | +| PKCS#12 Friendly Name | ✅ | +| Process Start Date | ✅ | +| Protect Stop Date | ✅ | +| Protection Level | ✅ | +| Protection Period | ✅ | +| Protection Storage Masks | ✅ | +| Quantum Safe | ✅ | +| Random Number Generator | ✅ | +| Revocation Reason | ✅ | +| Rotate Date | ✅ | +| Rotate Generation | ✅ | +| Rotate Interval | ✅ | +| Rotate Latest | ✅ | +| Rotate Name | ✅ | +| Rotate Offset | ✅ | +| Sensitive | ✅ | +| Short Unique Identifier | ✅ | +| State | ✅ | +| Unique Identifier | ✅ | +| Usage Limits | ✅ | +| Vendor Attribute | ✅ | +| X.509 Certificate Identifier | ✅ | +| X.509 Certificate Issuer | ✅ | +| X.509 Certificate Subject | ✅ | Notes: diff --git a/crate/access/Cargo.toml b/crate/access/Cargo.toml index 795e01032..c91a7d3cb 100644 --- a/crate/access/Cargo.toml +++ b/crate/access/Cargo.toml @@ -21,5 +21,5 @@ doctest = false [features] [dependencies] -cosmian_kmip = { path = "../kmip", version = "5.15.0", default-features = true } +cosmian_kmip = { path = "../kmip", version = "5.16.0", default-features = true } serde = { workspace = true } diff --git a/crate/cli/Cargo.toml b/crate/cli/Cargo.toml index 9a8c87499..bec8c686b 100644 --- a/crate/cli/Cargo.toml +++ b/crate/cli/Cargo.toml @@ -43,9 +43,9 @@ clap = { workspace = true, features = [ "cargo", ] } cosmian_config_utils = { workspace = true } -cosmian_kmip = { path = "../kmip", version = "5.15.0" } # only to be reexported, not used directly -cosmian_kms_client = { path = "../kms_client", version = "5.15.0" } -cosmian_kms_crypto = { path = "../crypto", version = "5.15.0" } +cosmian_kmip = { path = "../kmip", version = "5.16.0" } # only to be reexported, not used directly +cosmian_kms_client = { path = "../kms_client", version = "5.16.0" } +cosmian_kms_crypto = { path = "../crypto", version = "5.16.0" } cosmian_logger = { workspace = true } cosmian_crypto_core = { workspace = true, default-features = false } der = { workspace = true, features = ["pem"] } diff --git a/crate/client_utils/Cargo.toml b/crate/client_utils/Cargo.toml index 8a8151146..a30180dc6 100644 --- a/crate/client_utils/Cargo.toml +++ b/crate/client_utils/Cargo.toml @@ -26,8 +26,8 @@ non-fips = ["cosmian_kmip/non-fips"] base64 = { workspace = true } clap = { workspace = true, features = ["std", "derive"] } cosmian_config_utils = { workspace = true } -cosmian_kmip = { path = "../kmip", version = "5.15.0" } -cosmian_kms_access = { path = "../access", version = "5.15.0" } +cosmian_kmip = { path = "../kmip", version = "5.16.0" } +cosmian_kms_access = { path = "../access", version = "5.16.0" } cosmian_logger = { workspace = true } pem = { workspace = true } serde = { workspace = true } diff --git a/crate/crypto/Cargo.toml b/crate/crypto/Cargo.toml index 2f34aca75..af3ac2d1e 100644 --- a/crate/crypto/Cargo.toml +++ b/crate/crypto/Cargo.toml @@ -39,7 +39,7 @@ argon2 = { version = "0.5", optional = true } base64 = { workspace = true } cosmian_cover_crypt = { version = "16.0.0", optional = true } cosmian_crypto_core = { workspace = true, features = ["aes", "sha3"] } -cosmian_kmip = { path = "../kmip", version = "5.15.0" } +cosmian_kmip = { path = "../kmip", version = "5.16.0" } cosmian_logger = { workspace = true } hex = { workspace = true } num-bigint-dig = { workspace = true, features = [ diff --git a/crate/hsm/base_hsm/Cargo.toml b/crate/hsm/base_hsm/Cargo.toml index 4b19ae3cc..96993eeff 100644 --- a/crate/hsm/base_hsm/Cargo.toml +++ b/crate/hsm/base_hsm/Cargo.toml @@ -18,7 +18,7 @@ doctest = false [dependencies] async-trait = { workspace = true } -cosmian_kms_interfaces = { path = "../../interfaces", version = "5.15.0" } +cosmian_kms_interfaces = { path = "../../interfaces", version = "5.16.0" } cosmian_logger = { workspace = true } futures = { workspace = true } libloading = { workspace = true } diff --git a/crate/hsm/crypt2pay/Cargo.toml b/crate/hsm/crypt2pay/Cargo.toml index 77917b4e1..8c6db6541 100644 --- a/crate/hsm/crypt2pay/Cargo.toml +++ b/crate/hsm/crypt2pay/Cargo.toml @@ -17,7 +17,7 @@ workspace = true doctest = false [dependencies] -cosmian_kms_base_hsm = { path = "../base_hsm", version = "5.15.0" } +cosmian_kms_base_hsm = { path = "../base_hsm", version = "5.16.0" } [dev-dependencies] diff --git a/crate/hsm/proteccio/Cargo.toml b/crate/hsm/proteccio/Cargo.toml index f7817657c..3bce66bf5 100644 --- a/crate/hsm/proteccio/Cargo.toml +++ b/crate/hsm/proteccio/Cargo.toml @@ -17,7 +17,7 @@ workspace = true doctest = false [dependencies] -cosmian_kms_base_hsm = { path = "../base_hsm", version = "5.15.0" } +cosmian_kms_base_hsm = { path = "../base_hsm", version = "5.16.0" } [dev-dependencies] diff --git a/crate/hsm/smartcardhsm/Cargo.toml b/crate/hsm/smartcardhsm/Cargo.toml index 824e242e1..948c2d1e6 100644 --- a/crate/hsm/smartcardhsm/Cargo.toml +++ b/crate/hsm/smartcardhsm/Cargo.toml @@ -17,7 +17,7 @@ workspace = true doctest = false [dependencies] -cosmian_kms_base_hsm = { path = "../base_hsm", version = "5.15.0" } +cosmian_kms_base_hsm = { path = "../base_hsm", version = "5.16.0" } [dev-dependencies] libloading = { workspace = true } diff --git a/crate/hsm/softhsm2/Cargo.toml b/crate/hsm/softhsm2/Cargo.toml index 9150f05d2..c06d8092b 100644 --- a/crate/hsm/softhsm2/Cargo.toml +++ b/crate/hsm/softhsm2/Cargo.toml @@ -17,7 +17,7 @@ workspace = true doctest = false [dependencies] -cosmian_kms_base_hsm = { path = "../base_hsm", version = "5.15.0" } +cosmian_kms_base_hsm = { path = "../base_hsm", version = "5.16.0" } [dev-dependencies] libloading = { workspace = true } diff --git a/crate/hsm/utimaco/Cargo.toml b/crate/hsm/utimaco/Cargo.toml index 4bd992151..41222c965 100644 --- a/crate/hsm/utimaco/Cargo.toml +++ b/crate/hsm/utimaco/Cargo.toml @@ -17,7 +17,7 @@ workspace = true doctest = false [dependencies] -cosmian_kms_base_hsm = { path = "../base_hsm", version = "5.15.0" } +cosmian_kms_base_hsm = { path = "../base_hsm", version = "5.16.0" } [dev-dependencies] diff --git a/crate/interfaces/Cargo.toml b/crate/interfaces/Cargo.toml index 2f424d933..992f62d27 100644 --- a/crate/interfaces/Cargo.toml +++ b/crate/interfaces/Cargo.toml @@ -18,7 +18,7 @@ doctest = false [dependencies] async-trait = { workspace = true } -cosmian_kmip = { path = "../kmip", version = "5.15.0" } +cosmian_kmip = { path = "../kmip", version = "5.16.0" } cosmian_logger = { workspace = true } num-bigint-dig = { workspace = true, features = [ "std", diff --git a/crate/kmip/Cargo.toml b/crate/kmip/Cargo.toml index ec613671e..2f8d6fcf0 100644 --- a/crate/kmip/Cargo.toml +++ b/crate/kmip/Cargo.toml @@ -30,7 +30,7 @@ base64 = { workspace = true } bitflags = { workspace = true } cosmian_logger = { workspace = true } hex = { workspace = true, features = ["std"] } -kmip-derive = { path = "../kmip-derive", version = "5.15.0" } +kmip-derive = { path = "../kmip-derive", version = "5.16.0" } leb128 = { workspace = true } num-bigint-dig = { workspace = true, features = [ "std", diff --git a/crate/kms_client/Cargo.toml b/crate/kms_client/Cargo.toml index c3941746a..b9c7e501f 100644 --- a/crate/kms_client/Cargo.toml +++ b/crate/kms_client/Cargo.toml @@ -24,7 +24,7 @@ non-fips = ["cosmian_kms_client_utils/non-fips"] [dependencies] cosmian_crypto_core = { workspace = true } cosmian_http_client = "0.7" -cosmian_kms_client_utils = { path = "../client_utils", version = "5.15.0" } +cosmian_kms_client_utils = { path = "../client_utils", version = "5.16.0" } cosmian_logger = { workspace = true } der = { workspace = true } pem = { workspace = true } diff --git a/crate/server/Cargo.toml b/crate/server/Cargo.toml index 2963797af..99bb75f6c 100644 --- a/crate/server/Cargo.toml +++ b/crate/server/Cargo.toml @@ -70,11 +70,11 @@ clap = { workspace = true, features = [ "derive", "cargo", ] } -cosmian_kms_access = { path = "../access", version = "5.15.0" } -cosmian_kms_base_hsm = { path = "../hsm/base_hsm", version = "5.15.0" } -cosmian_kms_server_database = { path = "../server_database", version = "5.15.0" } +cosmian_kms_access = { path = "../access", version = "5.16.0" } +cosmian_kms_base_hsm = { path = "../hsm/base_hsm", version = "5.16.0" } +cosmian_kms_server_database = { path = "../server_database", version = "5.16.0" } cosmian_logger = { workspace = true, features = ["full"] } -crypt2pay_pkcs11_loader = { path = "../hsm/crypt2pay", version = "5.15.0" } +crypt2pay_pkcs11_loader = { path = "../hsm/crypt2pay", version = "5.16.0" } dotenvy = "0.15" futures = { workspace = true } hex = { workspace = true, features = ["serde"] } @@ -90,7 +90,7 @@ opentelemetry = { workspace = true } opentelemetry-otlp = { workspace = true } opentelemetry_sdk = { workspace = true } pem = { workspace = true } -proteccio_pkcs11_loader = { path = "../hsm/proteccio", version = "5.15.0" } +proteccio_pkcs11_loader = { path = "../hsm/proteccio", version = "5.16.0" } reqwest = { workspace = true, features = [ # Remove "default" which includes rustls "json", @@ -99,8 +99,8 @@ reqwest = { workspace = true, features = [ ] } serde = { workspace = true } serde_json = { workspace = true } -softhsm2_pkcs11_loader = { path = "../hsm/softhsm2", version = "5.15.0" } -smartcardhsm_pkcs11_loader = { path = "../hsm/smartcardhsm", version = "5.15.0" } +softhsm2_pkcs11_loader = { path = "../hsm/softhsm2", version = "5.16.0" } +smartcardhsm_pkcs11_loader = { path = "../hsm/smartcardhsm", version = "5.16.0" } strum = { workspace = true, features = ["std", "derive", "strum_macros"] } thiserror = { workspace = true } time = { workspace = true, features = ["local-offset", "formatting"] } @@ -108,15 +108,15 @@ tokio = { workspace = true, features = ["full"] } toml = "0.8" tracing = { workspace = true } url = { workspace = true } -utimaco_pkcs11_loader = { path = "../hsm/utimaco", version = "5.15.0" } +utimaco_pkcs11_loader = { path = "../hsm/utimaco", version = "5.16.0" } uuid = { workspace = true, features = ["v4"] } x509-parser = { workspace = true } zeroize = { workspace = true } [dev-dependencies] actix-http = "3.10" -cosmian_kms_client_utils = { path = "../client_utils", version = "5.15.0" } -cosmian_kms_interfaces = { path = "../interfaces", version = "5.15.0" } +cosmian_kms_client_utils = { path = "../client_utils", version = "5.16.0" } +cosmian_kms_interfaces = { path = "../interfaces", version = "5.16.0" } native-tls = { workspace = true } pem = { workspace = true } diff --git a/crate/server_database/Cargo.toml b/crate/server_database/Cargo.toml index f1a782a83..bf35a78bd 100644 --- a/crate/server_database/Cargo.toml +++ b/crate/server_database/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "cosmian_kms_server_database" -version = "5.15.0" +version = "5.16.0" authors.workspace = true categories.workspace = true edition.workspace = true @@ -30,9 +30,9 @@ interop = ["cosmian_kmip/interop"] [dependencies] async-trait = { workspace = true } -cosmian_kmip = { path = "../kmip", version = "5.15.0" } -cosmian_kms_crypto = { path = "../crypto", version = "5.15.0" } -cosmian_kms_interfaces = { path = "../interfaces", version = "5.15.0" } +cosmian_kmip = { path = "../kmip", version = "5.16.0" } +cosmian_kms_crypto = { path = "../crypto", version = "5.16.0" } +cosmian_kms_interfaces = { path = "../interfaces", version = "5.16.0" } cosmian_findex = { version = "8.0.2", optional = true } cosmian_logger = { workspace = true } cosmian_sse_memories = { version = "8.0.2", optional = true } diff --git a/crate/test_kms_server/Cargo.toml b/crate/test_kms_server/Cargo.toml index 73273a00c..5756d6084 100644 --- a/crate/test_kms_server/Cargo.toml +++ b/crate/test_kms_server/Cargo.toml @@ -27,10 +27,10 @@ harness = false [dependencies] actix-server = { workspace = true } -cosmian_kms_client = { path = "../kms_client", version = "5.15.0" } +cosmian_kms_client = { path = "../kms_client", version = "5.16.0" } cosmian_kms_server = { path = "../server", features = [ "insecure", -], version = "5.15.0" } +], version = "5.16.0" } cosmian_logger = { workspace = true } serde_json = { workspace = true } time = { workspace = true } diff --git a/crate/wasm/Cargo.toml b/crate/wasm/Cargo.toml index 5eef16fc1..b70bb03e0 100644 --- a/crate/wasm/Cargo.toml +++ b/crate/wasm/Cargo.toml @@ -26,7 +26,7 @@ default = ["getrandom/js"] [dependencies] base64 = { workspace = true } -cosmian_kms_client_utils = { path = "../client_utils", version = "5.15.0" } +cosmian_kms_client_utils = { path = "../client_utils", version = "5.16.0" } getrandom = { version = "0.2", features = ["js"], optional = true } js-sys = "0.3.77" pem = { workspace = true } diff --git a/documentation/docs/fips.md b/documentation/docs/fips.md index fff8f3224..b3c777db9 100644 --- a/documentation/docs/fips.md +++ b/documentation/docs/fips.md @@ -16,7 +16,7 @@ The OpenSSL FIPS provider is certified under when used on Red Hat Enterprise Linux 9 (RHEL 9) Cosmian -produces [pre-built Ubuntu 22.04 FIPS mode binaries](https://package.cosmian.com/kms/5.15.0/ubuntu-22.04/) +produces [pre-built Debian based Linux packages](https://package.cosmian.com/kms/5.16.0/deb/) and docker containers of the KMS (on gcr.io). By default, the Cosmian KMS is built with FIPS compliance enabled. diff --git a/documentation/docs/index.md b/documentation/docs/index.md index d3c0523ed..ccaeb46df 100644 --- a/documentation/docs/index.md +++ b/documentation/docs/index.md @@ -66,9 +66,9 @@ See the complete [supported algorithms list](./algorithms.md). The **Cosmian KMS** is available as: -- Linux packages: [Debian](https://package.cosmian.com/kms/5.15.0/debian/) or [RPM](https://package.cosmian.com/kms/5.15.0/rpm/) -- Windows installer: [Windows](https://package.cosmian.com/kms/5.15.0/windows/) -- macOS installer: [macOS](https://package.cosmian.com/kms/5.15.0/dmg/) +- Linux packages: [Debian](https://package.cosmian.com/kms/5.16.0/debian/) or [RPM](https://package.cosmian.com/kms/5.16.0/rpm/) +- Windows installer: [Windows](https://package.cosmian.com/kms/5.16.0/windows/) +- macOS installer: [macOS](https://package.cosmian.com/kms/5.16.0/dmg/) - Docker: [Standard image](https://github.com/Cosmian/kms/pkgs/container/kms) and [FIPS image](https://github.com/Cosmian/kms/pkgs/container/kms) ## User Interface @@ -84,5 +84,5 @@ The [Cosmian CLI](../cosmian_cli/index.md) provides a powerful command-line inte The **[Cosmian CLI](../cosmian_cli/index.md)** is packaged as: -- [Debian](https://package.cosmian.com/kms/5.15.0/ubuntu-22.04/) or [RPM](https://package.cosmian.com/kms/5.15.0/rockylinux9/) package +- [Debian](https://package.cosmian.com/kms/5.16.0/ubuntu-22.04/) or [RPM](https://package.cosmian.com/kms/5.16.0/rockylinux9/) package - [Pre-built binaries](https://package.cosmian.com/cli/) for Linux, Windows, and macOS diff --git a/documentation/docs/installation/installation_getting_started.md b/documentation/docs/installation/installation_getting_started.md index a66552402..3c275ccd4 100644 --- a/documentation/docs/installation/installation_getting_started.md +++ b/documentation/docs/installation/installation_getting_started.md @@ -58,16 +58,16 @@ For high availability and scalability, refer to the [High Availability Guide](./ ```sh sudo apt update && sudo apt install -y wget # Standard build (non-FIPS, static OpenSSL) - wget https://package.cosmian.com/kms/5.15.0/deb/amd64/non-fips/static/cosmian-kms-server-non-fips-static-openssl_5.15.0_amd64.deb - sudo apt install ./cosmian-kms-server-non-fips-static-openssl_5.15.0_amd64.deb + wget https://package.cosmian.com/kms/5.16.0/deb/amd64/non-fips/static/cosmian-kms-server-non-fips-static-openssl_5.16.0_amd64.deb + sudo apt install ./cosmian-kms-server-non-fips-static-openssl_5.16.0_amd64.deb sudo cosmian_kms --version ``` Or install the FIPS build: ```sh - wget https://package.cosmian.com/kms/5.15.0/deb/amd64/fips/static/cosmian-kms-server-fips-static-openssl_5.15.0_amd64.deb - sudo apt install ./cosmian-kms-server-fips-static-openssl_5.15.0_amd64.deb + wget https://package.cosmian.com/kms/5.16.0/deb/amd64/fips/static/cosmian-kms-server-fips-static-openssl_5.16.0_amd64.deb + sudo apt install ./cosmian-kms-server-fips-static-openssl_5.16.0_amd64.deb sudo cosmian_kms --version ``` @@ -87,8 +87,8 @@ For high availability and scalability, refer to the [High Availability Guide](./ ```sh sudo dnf update && sudo dnf install -y wget - wget https://package.cosmian.com/kms/5.15.0/rpm/amd64/non-fips/static/cosmian-kms-server-non-fips-static-openssl_5.15.0_x86_64.rpm - sudo dnf install ./cosmian-kms-server-non-fips-static-openssl_5.15.0_x86_64.rpm + wget https://package.cosmian.com/kms/5.16.0/rpm/amd64/non-fips/static/cosmian-kms-server-non-fips-static-openssl_5.16.0_x86_64.rpm + sudo dnf install ./cosmian-kms-server-non-fips-static-openssl_5.16.0_x86_64.rpm sudo cosmian_kms --version ``` @@ -108,12 +108,12 @@ For high availability and scalability, refer to the [High Availability Guide](./ - Apple Silicon (ARM64): ```sh - open "https://package.cosmian.com/kms/5.15.0/dmg/arm64/non-fips/static/cosmian-kms-server-non-fips-static-openssl-5.15.0_arm64.dmg" + open "https://package.cosmian.com/kms/5.16.0/dmg/arm64/non-fips/static/cosmian-kms-server-non-fips-static-openssl-5.16.0_arm64.dmg" ``` Then drag-and-drop the app to Applications or follow the DMG instructions. - Note: The 5.15.0 DMG is provided for Apple Silicon (ARM64). + Note: The 5.16.0 DMG is provided for Apple Silicon (ARM64). After installation, run: @@ -134,18 +134,18 @@ Available dynamic packages for Debian-based distributions: ```sh # Non-FIPS dynamic (OpenSSL linked dynamically) - wget https://package.cosmian.com/kms/5.15.0/deb/amd64/non-fips/dynamic/cosmian-kms-server-non-fips-dynamic-openssl_5.15.0_amd64.deb + wget https://package.cosmian.com/kms/5.16.0/deb/amd64/non-fips/dynamic/cosmian-kms-server-non-fips-dynamic-openssl_5.16.0_amd64.deb # FIPS dynamic - wget https://package.cosmian.com/kms/5.15.0/deb/amd64/fips/dynamic/cosmian-kms-server-fips-dynamic-openssl_5.15.0_amd64.deb + wget https://package.cosmian.com/kms/5.16.0/deb/amd64/fips/dynamic/cosmian-kms-server-fips-dynamic-openssl_5.16.0_amd64.deb ``` Available dynamic packages for Rocky Linux: ```sh # Non-FIPS dynamic - wget https://package.cosmian.com/kms/5.15.0/rpm/amd64/non-fips/dynamic/cosmian-kms-server-non-fips-dynamic-openssl_5.15.0_x86_64.rpm + wget https://package.cosmian.com/kms/5.16.0/rpm/amd64/non-fips/dynamic/cosmian-kms-server-non-fips-dynamic-openssl_5.16.0_x86_64.rpm # FIPS dynamic - wget https://package.cosmian.com/kms/5.15.0/rpm/amd64/fips/dynamic/cosmian-kms-server-fips-dynamic-openssl_5.15.0_x86_64.rpm + wget https://package.cosmian.com/kms/5.16.0/rpm/amd64/fips/dynamic/cosmian-kms-server-fips-dynamic-openssl_5.16.0_x86_64.rpm ``` To use custom OpenSSL with dynamic builds, install or place the desired OpenSSL @@ -156,7 +156,7 @@ shared libraries here: `/usr/local/cosmian/lib/ossl-modules`. On Windows, download the NSIS installer: ```sh - https://package.cosmian.com/kms/5.15.0/windows/x86_64/non-fips/static-openssl/cosmian-kms-server-non-fips-static-openssl_5.15.0_x86_64.exe + https://package.cosmian.com/kms/5.16.0/windows/x86_64/non-fips/static-openssl/cosmian-kms-server-non-fips-static-openssl_5.16.0_x86_64.exe ``` Run the installer to install Cosmian KMS Server. The installer will: diff --git a/documentation/docs/installation/marketplace_guide.md b/documentation/docs/installation/marketplace_guide.md index 81291923f..28f33a27d 100644 --- a/documentation/docs/installation/marketplace_guide.md +++ b/documentation/docs/installation/marketplace_guide.md @@ -146,7 +146,7 @@ journalctl -u cosmian_vm_agent ```console $ curl --insecure https://${COSMIAN_VM_IP_ADDR}/version -"5.15.0" +"5.16.0" ``` !!! info "Why `--allow-insecure-tls` and `--insecure` flags?" diff --git a/nix/expected-hashes/server.vendor.dynamic.darwin.sha256 b/nix/expected-hashes/server.vendor.dynamic.darwin.sha256 index ee18c7d46..0305183ad 100644 --- a/nix/expected-hashes/server.vendor.dynamic.darwin.sha256 +++ b/nix/expected-hashes/server.vendor.dynamic.darwin.sha256 @@ -1 +1 @@ -sha256-VOviS9AGurZ+lTQBq4Qp8GobQAlEd0ngaVnK3q/jStU= +sha256-+DYJfXhD2Giyl2o1uxR25ROA53OAJJNna9qqVKAVZI4= diff --git a/nix/expected-hashes/server.vendor.dynamic.linux.sha256 b/nix/expected-hashes/server.vendor.dynamic.linux.sha256 index ee18c7d46..0305183ad 100644 --- a/nix/expected-hashes/server.vendor.dynamic.linux.sha256 +++ b/nix/expected-hashes/server.vendor.dynamic.linux.sha256 @@ -1 +1 @@ -sha256-VOviS9AGurZ+lTQBq4Qp8GobQAlEd0ngaVnK3q/jStU= +sha256-+DYJfXhD2Giyl2o1uxR25ROA53OAJJNna9qqVKAVZI4= diff --git a/nix/expected-hashes/server.vendor.static.darwin.sha256 b/nix/expected-hashes/server.vendor.static.darwin.sha256 index 35544054d..0cedc69a8 100644 --- a/nix/expected-hashes/server.vendor.static.darwin.sha256 +++ b/nix/expected-hashes/server.vendor.static.darwin.sha256 @@ -1 +1 @@ -sha256-joXkoZXq7sd9ZsrsFl+u3OoWgrxeo6P5ZnnRCIhIc+Y= +sha256-V5+NHKyip12NH/r/YEf93D7WheAjLmcCnRwvDCay1Xo= diff --git a/nix/expected-hashes/server.vendor.static.linux.sha256 b/nix/expected-hashes/server.vendor.static.linux.sha256 index 35544054d..0cedc69a8 100644 --- a/nix/expected-hashes/server.vendor.static.linux.sha256 +++ b/nix/expected-hashes/server.vendor.static.linux.sha256 @@ -1 +1 @@ -sha256-joXkoZXq7sd9ZsrsFl+u3OoWgrxeo6P5ZnnRCIhIc+Y= +sha256-V5+NHKyip12NH/r/YEf93D7WheAjLmcCnRwvDCay1Xo= diff --git a/nix/expected-hashes/ui.npm.sha256 b/nix/expected-hashes/ui.npm.sha256 index 6c719cf8a..71b1b6f13 100644 --- a/nix/expected-hashes/ui.npm.sha256 +++ b/nix/expected-hashes/ui.npm.sha256 @@ -1 +1 @@ -sha256-Rt1T63aVW+FUnt0U2vJ4Rm6VEKR+ydJjZcdI/1FP/fk= +sha256-IPpS9UIY6okvQnBzY4baucZdjYI/+1T1AEKvCuznxbw= diff --git a/nix/expected-hashes/ui.vendor.fips.sha256 b/nix/expected-hashes/ui.vendor.fips.sha256 index 60ba50e8b..346dd6ec2 100644 --- a/nix/expected-hashes/ui.vendor.fips.sha256 +++ b/nix/expected-hashes/ui.vendor.fips.sha256 @@ -1 +1 @@ -sha256-ivbjRXYSny5G7dJWLpD4whpQS5WU8E/3G31GPzM18fE= +sha256-JkEdNhGqWv+725oQpBn7j4tpF7KHsOcPD+7mR2c7A3c= diff --git a/nix/expected-hashes/ui.vendor.non-fips.sha256 b/nix/expected-hashes/ui.vendor.non-fips.sha256 index 3cc1420cb..1c0e930e7 100644 --- a/nix/expected-hashes/ui.vendor.non-fips.sha256 +++ b/nix/expected-hashes/ui.vendor.non-fips.sha256 @@ -1 +1 @@ -sha256-by3J2vhfl2iZg/Cvmdcxuf7GLZvbOi6TobAxhQAffog= +sha256-Mrj/N3GNtZtH+SqKqJdYh4hTgmBKN7tEp3OZGMwTHGI= diff --git a/sbom/openssl/bom.cdx.json b/sbom/openssl/bom.cdx.json index 13554147e..648d8512b 100644 --- a/sbom/openssl/bom.cdx.json +++ b/sbom/openssl/bom.cdx.json @@ -2,9 +2,9 @@ "bomFormat": "CycloneDX", "specVersion": "1.4", "version": 1, - "serialNumber": "urn:uuid:f497ef10-ffa6-434c-aada-c01bed2b02e6", + "serialNumber": "urn:uuid:cda70178-7926-47f0-b9f4-0cf47d59261a", "metadata": { - "timestamp": "2026-02-12T07:12:46.108143+01:00", + "timestamp": "2026-02-15T14:15:23.106209+01:00", "properties": [ { "name": "sbom_type", @@ -20,7 +20,7 @@ ], "component": { "type": "library", - "bom-ref": "/nix/store/crzlbjvcnf843yy99icdf6dgbzfhrn8w-openssl-3.1.2.drv", + "bom-ref": "/nix/store/fha0ddf9ccafwypn871r17w0216wmkr1-openssl-3.1.2.drv", "name": "openssl", "version": "3.1.2", "purl": "pkg:nix/openssl@3.1.2", @@ -28,11 +28,11 @@ "properties": [ { "name": "nix:output_path", - "value": "/nix/store/jp0by8s94570i76bxgx30j941kx7c3jv-openssl-3.1.2" + "value": "/nix/store/6w5ixffqmjdbgz79v9f6ahqhc790x0ks-openssl-3.1.2" }, { "name": "nix:drv_path", - "value": "/nix/store/crzlbjvcnf843yy99icdf6dgbzfhrn8w-openssl-3.1.2.drv" + "value": "/nix/store/fha0ddf9ccafwypn871r17w0216wmkr1-openssl-3.1.2.drv" } ] } @@ -110,7 +110,7 @@ "ref": "/nix/store/f4gxp7xg2w1y7i9cr1844a2jfb8d3yrk-libunistring-1.0.drv" }, { - "ref": "/nix/store/crzlbjvcnf843yy99icdf6dgbzfhrn8w-openssl-3.1.2.drv", + "ref": "/nix/store/fha0ddf9ccafwypn871r17w0216wmkr1-openssl-3.1.2.drv", "dependsOn": [ "/nix/store/9lj1q8k38i7k8z4isnhb5j1h4n2hhjzm-glibc-2.34-210.drv" ] diff --git a/sbom/openssl/bom.spdx.json b/sbom/openssl/bom.spdx.json index d90a1a330..c05cc5a59 100644 --- a/sbom/openssl/bom.spdx.json +++ b/sbom/openssl/bom.spdx.json @@ -2,10 +2,10 @@ "spdxVersion": "SPDX-2.3", "dataLicense": "CC0-1.0", "SPDXID": "SPDXRef-DOCUMENT", - "name": "SPDXRef-nix-store-crzlbjvcnf843yy99icdf6dgbzfhrn8w-openssl-3.1.2.drv", - "documentNamespace": "sbomnix://ba64a1be-6ce1-4d1d-b02c-ce429be62673", + "name": "SPDXRef-nix-store-fha0ddf9ccafwypn871r17w0216wmkr1-openssl-3.1.2.drv", + "documentNamespace": "sbomnix://24994676-efc3-42a6-96d5-b4eda44a28da", "creationInfo": { - "created": "2026-02-12T07:12:46.772063+01:00", + "created": "2026-02-15T14:15:24.025486+01:00", "creators": [ "Tool: sbomnix-1.7.3" ] @@ -77,7 +77,7 @@ }, { "name": "openssl", - "SPDXID": "SPDXRef-nix-store-crzlbjvcnf843yy99icdf6dgbzfhrn8w-openssl-3.1.2.drv", + "SPDXID": "SPDXRef-nix-store-fha0ddf9ccafwypn871r17w0216wmkr1-openssl-3.1.2.drv", "versionInfo": "3.1.2", "downloadLocation": "NOASSERTION", "licenseConcluded": "NOASSERTION", @@ -109,7 +109,7 @@ "relatedSpdxElement": "SPDXRef-nix-store-f4gxp7xg2w1y7i9cr1844a2jfb8d3yrk-libunistring-1.0.drv" }, { - "spdxElementId": "SPDXRef-nix-store-crzlbjvcnf843yy99icdf6dgbzfhrn8w-openssl-3.1.2.drv", + "spdxElementId": "SPDXRef-nix-store-fha0ddf9ccafwypn871r17w0216wmkr1-openssl-3.1.2.drv", "relationshipType": "DEPENDS_ON", "relatedSpdxElement": "SPDXRef-nix-store-9lj1q8k38i7k8z4isnhb5j1h4n2hhjzm-glibc-2.34-210.drv" } diff --git a/sbom/openssl/meta.json b/sbom/openssl/meta.json index adf43a9c2..5f6865a9e 100644 --- a/sbom/openssl/meta.json +++ b/sbom/openssl/meta.json @@ -3,8 +3,8 @@ "build": { "variant": "fips", "derivation": "openssl312", - "output_path": "/nix/store/jp0by8s94570i76bxgx30j941kx7c3jv-openssl-3.1.2", - "timestamp": "2026-02-12T06:13:04Z", + "output_path": "/nix/store/6w5ixffqmjdbgz79v9f6ahqhc790x0ks-openssl-3.1.2", + "timestamp": "2026-02-15T13:16:25Z", "generator": { "tool": "sbomnix", "version": "1.7.3" diff --git a/sbom/openssl/vulns.csv b/sbom/openssl/vulns.csv index 75f87c97f..2d091c752 100644 --- a/sbom/openssl/vulns.csv +++ b/sbom/openssl/vulns.csv @@ -1,12 +1,13 @@ "vuln_id","url","package","version_local","severity","grype","osv","vulnix","sum","sortcol" +"RHSA-2026:1472","https://osv.dev/RHSA-2026:1472","openssl","3.1.2","","0","1","0","1","2026A1770940800" +"RHSA-2026:1473","https://osv.dev/RHSA-2026:1473","openssl","3.1.2","","0","1","0","1","2026A1770940800" +"RHSA-2026:1496","https://osv.dev/RHSA-2026:1496","openssl","3.1.2","","0","1","0","1","2026A1770940800" +"RHSA-2026:1503","https://osv.dev/RHSA-2026:1503","openssl","3.1.2","","0","1","0","1","2026A1770940800" +"RHSA-2026:1519","https://osv.dev/RHSA-2026:1519","openssl","3.1.2","","0","1","0","1","2026A1770940800" +"RHSA-2026:1594","https://osv.dev/RHSA-2026:1594","openssl","3.1.2","","0","1","0","1","2026A1770940800" +"RHSA-2026:1733","https://osv.dev/RHSA-2026:1733","openssl","3.1.2","","0","1","0","1","2026A1770940800" +"RHSA-2026:1334","https://osv.dev/RHSA-2026:1334","glibc","2.34-210","","0","1","0","1","2026A1770854400" "RHSA-2026:0794","https://osv.dev/RHSA-2026:0794","openssl","3.1.2","","0","1","0","1","2026A1770768000" -"RHSA-2026:1472","https://osv.dev/RHSA-2026:1472","openssl","3.1.2","","0","1","0","1","2026A1770768000" -"RHSA-2026:1473","https://osv.dev/RHSA-2026:1473","openssl","3.1.2","","0","1","0","1","2026A1770768000" -"RHSA-2026:1496","https://osv.dev/RHSA-2026:1496","openssl","3.1.2","","0","1","0","1","2026A1770768000" -"RHSA-2026:1503","https://osv.dev/RHSA-2026:1503","openssl","3.1.2","","0","1","0","1","2026A1770768000" -"RHSA-2026:1519","https://osv.dev/RHSA-2026:1519","openssl","3.1.2","","0","1","0","1","2026A1770768000" -"RHSA-2026:1594","https://osv.dev/RHSA-2026:1594","openssl","3.1.2","","0","1","0","1","2026A1770768000" -"RHSA-2026:1733","https://osv.dev/RHSA-2026:1733","openssl","3.1.2","","0","1","0","1","2026A1770768000" "USN-7980-1","https://osv.dev/USN-7980-1","openssl","3.1.2","","0","1","0","1","2026A1770681600" "USN-6409-1","https://osv.dev/USN-6409-1","glibc","2.34-210","","0","1","0","1","2026A1770681600" "USN-6541-1","https://osv.dev/USN-6541-1","glibc","2.34-210","","0","1","0","1","2026A1770681600" @@ -19,7 +20,6 @@ "USN-7634-1","https://osv.dev/USN-7634-1","glibc","2.34-210","","0","1","0","1","2026A1770681600" "USN-7760-1","https://osv.dev/USN-7760-1","glibc","2.34-210","","0","1","0","1","2026A1770681600" "USN-8005-1","https://osv.dev/USN-8005-1","glibc","2.34-210","","0","1","0","1","2026A1770681600" -"RHSA-2026:1334","https://osv.dev/RHSA-2026:1334","glibc","2.34-210","","0","1","0","1","2026A1770595200" "CGA-4r5h-8hvp-w6xm","https://osv.dev/CGA-4r5h-8hvp-w6xm","openssl","3.1.2","","0","1","0","1","2026A1770249600" "CGA-9vjv-2q8r-rw73","https://osv.dev/CGA-9vjv-2q8r-rw73","openssl","3.1.2","","0","1","0","1","2026A1770249600" "RLSA-2021:1024","https://osv.dev/RLSA-2021:1024","openssl","3.1.2","","0","1","0","1","2026A1770249600" diff --git a/sbom/server/fips/dynamic/bom.cdx.json b/sbom/server/fips/dynamic/bom.cdx.json index 9bd55eda6..706d52f14 100644 --- a/sbom/server/fips/dynamic/bom.cdx.json +++ b/sbom/server/fips/dynamic/bom.cdx.json @@ -2,9 +2,9 @@ "bomFormat": "CycloneDX", "specVersion": "1.4", "version": 1, - "serialNumber": "urn:uuid:24c6d7a6-cdca-4a09-9799-24d8acd908c4", + "serialNumber": "urn:uuid:6c339dee-cc13-4849-9c91-8808c3692a99", "metadata": { - "timestamp": "2026-02-12T07:13:22.927788+01:00", + "timestamp": "2026-02-15T14:34:42.385921+01:00", "properties": [ { "name": "sbom_type", @@ -20,19 +20,19 @@ ], "component": { "type": "library", - "bom-ref": "/nix/store/jhxpdvqsh5v3jwfkfc27307jjj3nrhi3-cosmian-kms-server-dynamic-rebuild-1-5.15.0.drv", + "bom-ref": "/nix/store/hcc1i493434q9wriv6cycgli74yy1j6h-cosmian-kms-server-dynamic-rebuild-1-5.16.0.drv", "name": "cosmian-kms-server-dynamic-rebuild-1", - "version": "5.15.0", - "purl": "pkg:nix/cosmian-kms-server-dynamic-rebuild-1@5.15.0", - "cpe": "cpe:2.3:a:cosmian-kms-server-dynamic-rebuild-1:cosmian-kms-server-dynamic-rebuild-1:5.15.0:*:*:*:*:*:*:*", + "version": "5.16.0", + "purl": "pkg:nix/cosmian-kms-server-dynamic-rebuild-1@5.16.0", + "cpe": "cpe:2.3:a:cosmian-kms-server-dynamic-rebuild-1:cosmian-kms-server-dynamic-rebuild-1:5.16.0:*:*:*:*:*:*:*", "properties": [ { "name": "nix:output_path", - "value": "/nix/store/4khk99768xj54lmgycv5nyiwzp2cgc7j-cosmian-kms-server-dynamic-rebuild-1-5.15.0" + "value": "/nix/store/sw1q49nbj2dp484qq8gji8aq59z3z20h-cosmian-kms-server-dynamic-rebuild-1-5.16.0" }, { "name": "nix:drv_path", - "value": "/nix/store/jhxpdvqsh5v3jwfkfc27307jjj3nrhi3-cosmian-kms-server-dynamic-rebuild-1-5.15.0.drv" + "value": "/nix/store/hcc1i493434q9wriv6cycgli74yy1j6h-cosmian-kms-server-dynamic-rebuild-1-5.16.0.drv" } ] } @@ -94,7 +94,7 @@ }, { "type": "library", - "bom-ref": "/nix/store/85lvwfgnpdbkppfalflqcd067jxbhl0c-openssl-3.1.2.drv", + "bom-ref": "/nix/store/ziagfxa8arz406r32rqn0dllbk9aia1v-openssl-3.1.2.drv", "name": "openssl", "version": "3.1.2", "purl": "pkg:nix/openssl@3.1.2", @@ -102,11 +102,11 @@ "properties": [ { "name": "nix:output_path", - "value": "/nix/store/gadgj85i4b9c8i9vgg1b1xh8a6bw71az-openssl-3.1.2" + "value": "/nix/store/q4cy8l5brp85ggx69wd4aakvjs0d007s-openssl-3.1.2" }, { "name": "nix:drv_path", - "value": "/nix/store/85lvwfgnpdbkppfalflqcd067jxbhl0c-openssl-3.1.2.drv" + "value": "/nix/store/ziagfxa8arz406r32rqn0dllbk9aia1v-openssl-3.1.2.drv" } ] }, @@ -131,10 +131,10 @@ ], "dependencies": [ { - "ref": "/nix/store/jhxpdvqsh5v3jwfkfc27307jjj3nrhi3-cosmian-kms-server-dynamic-rebuild-1-5.15.0.drv", + "ref": "/nix/store/hcc1i493434q9wriv6cycgli74yy1j6h-cosmian-kms-server-dynamic-rebuild-1-5.16.0.drv", "dependsOn": [ "/nix/store/74hh5shwd63bla2yyhq17c2irx1y528w-openssl-3.6.0.drv", - "/nix/store/85lvwfgnpdbkppfalflqcd067jxbhl0c-openssl-3.1.2.drv" + "/nix/store/ziagfxa8arz406r32rqn0dllbk9aia1v-openssl-3.1.2.drv" ] }, { @@ -153,7 +153,7 @@ "ref": "/nix/store/f4gxp7xg2w1y7i9cr1844a2jfb8d3yrk-libunistring-1.0.drv" }, { - "ref": "/nix/store/85lvwfgnpdbkppfalflqcd067jxbhl0c-openssl-3.1.2.drv", + "ref": "/nix/store/ziagfxa8arz406r32rqn0dllbk9aia1v-openssl-3.1.2.drv", "dependsOn": [ "/nix/store/9lj1q8k38i7k8z4isnhb5j1h4n2hhjzm-glibc-2.34-210.drv" ] diff --git a/sbom/server/fips/dynamic/bom.spdx.json b/sbom/server/fips/dynamic/bom.spdx.json index 6e5ec61e8..daa02d148 100644 --- a/sbom/server/fips/dynamic/bom.spdx.json +++ b/sbom/server/fips/dynamic/bom.spdx.json @@ -2,10 +2,10 @@ "spdxVersion": "SPDX-2.3", "dataLicense": "CC0-1.0", "SPDXID": "SPDXRef-DOCUMENT", - "name": "SPDXRef-nix-store-jhxpdvqsh5v3jwfkfc27307jjj3nrhi3-cosmian-kms-server-dynamic-rebuild-1-5.15.0.drv", - "documentNamespace": "sbomnix://c5d2c0ff-e1bf-44e6-b10d-7537b0936cb8", + "name": "SPDXRef-nix-store-hcc1i493434q9wriv6cycgli74yy1j6h-cosmian-kms-server-dynamic-rebuild-1-5.16.0.drv", + "documentNamespace": "sbomnix://6e0a5878-a45a-4af4-a034-345e54938ecc", "creationInfo": { - "created": "2026-02-12T07:13:23.707837+01:00", + "created": "2026-02-15T14:34:43.175042+01:00", "creators": [ "Tool: sbomnix-1.7.3" ] @@ -14,8 +14,8 @@ "packages": [ { "name": "cosmian-kms-server-dynamic-rebuild-1", - "SPDXID": "SPDXRef-nix-store-jhxpdvqsh5v3jwfkfc27307jjj3nrhi3-cosmian-kms-server-dynamic-rebuild-1-5.15.0.drv", - "versionInfo": "5.15.0", + "SPDXID": "SPDXRef-nix-store-hcc1i493434q9wriv6cycgli74yy1j6h-cosmian-kms-server-dynamic-rebuild-1-5.16.0.drv", + "versionInfo": "5.16.0", "downloadLocation": "NOASSERTION", "licenseConcluded": "NOASSERTION", "licenseDeclared": "NOASSERTION", @@ -24,12 +24,12 @@ { "referenceCategory": "SECURITY", "referenceType": "cpe23Type", - "referenceLocator": "cpe:2.3:a:cosmian-kms-server-dynamic-rebuild-1:cosmian-kms-server-dynamic-rebuild-1:5.15.0:*:*:*:*:*:*:*" + "referenceLocator": "cpe:2.3:a:cosmian-kms-server-dynamic-rebuild-1:cosmian-kms-server-dynamic-rebuild-1:5.16.0:*:*:*:*:*:*:*" }, { "referenceCategory": "PACKAGE-MANAGER", "referenceType": "purl", - "referenceLocator": "pkg:nix/cosmian-kms-server-dynamic-rebuild-1@5.15.0" + "referenceLocator": "pkg:nix/cosmian-kms-server-dynamic-rebuild-1@5.16.0" } ] }, @@ -98,7 +98,7 @@ }, { "name": "openssl", - "SPDXID": "SPDXRef-nix-store-85lvwfgnpdbkppfalflqcd067jxbhl0c-openssl-3.1.2.drv", + "SPDXID": "SPDXRef-nix-store-ziagfxa8arz406r32rqn0dllbk9aia1v-openssl-3.1.2.drv", "versionInfo": "3.1.2", "downloadLocation": "NOASSERTION", "licenseConcluded": "NOASSERTION", @@ -141,14 +141,14 @@ ], "relationships": [ { - "spdxElementId": "SPDXRef-nix-store-jhxpdvqsh5v3jwfkfc27307jjj3nrhi3-cosmian-kms-server-dynamic-rebuild-1-5.15.0.drv", + "spdxElementId": "SPDXRef-nix-store-hcc1i493434q9wriv6cycgli74yy1j6h-cosmian-kms-server-dynamic-rebuild-1-5.16.0.drv", "relationshipType": "DEPENDS_ON", "relatedSpdxElement": "SPDXRef-nix-store-74hh5shwd63bla2yyhq17c2irx1y528w-openssl-3.6.0.drv" }, { - "spdxElementId": "SPDXRef-nix-store-jhxpdvqsh5v3jwfkfc27307jjj3nrhi3-cosmian-kms-server-dynamic-rebuild-1-5.15.0.drv", + "spdxElementId": "SPDXRef-nix-store-hcc1i493434q9wriv6cycgli74yy1j6h-cosmian-kms-server-dynamic-rebuild-1-5.16.0.drv", "relationshipType": "DEPENDS_ON", - "relatedSpdxElement": "SPDXRef-nix-store-85lvwfgnpdbkppfalflqcd067jxbhl0c-openssl-3.1.2.drv" + "relatedSpdxElement": "SPDXRef-nix-store-ziagfxa8arz406r32rqn0dllbk9aia1v-openssl-3.1.2.drv" }, { "spdxElementId": "SPDXRef-nix-store-9lj1q8k38i7k8z4isnhb5j1h4n2hhjzm-glibc-2.34-210.drv", @@ -161,7 +161,7 @@ "relatedSpdxElement": "SPDXRef-nix-store-f4gxp7xg2w1y7i9cr1844a2jfb8d3yrk-libunistring-1.0.drv" }, { - "spdxElementId": "SPDXRef-nix-store-85lvwfgnpdbkppfalflqcd067jxbhl0c-openssl-3.1.2.drv", + "spdxElementId": "SPDXRef-nix-store-ziagfxa8arz406r32rqn0dllbk9aia1v-openssl-3.1.2.drv", "relationshipType": "DEPENDS_ON", "relatedSpdxElement": "SPDXRef-nix-store-9lj1q8k38i7k8z4isnhb5j1h4n2hhjzm-glibc-2.34-210.drv" }, diff --git a/sbom/server/fips/dynamic/graph.png b/sbom/server/fips/dynamic/graph.png index 0d9ebaf40..a45538510 100644 Binary files a/sbom/server/fips/dynamic/graph.png and b/sbom/server/fips/dynamic/graph.png differ diff --git a/sbom/server/fips/dynamic/meta.json b/sbom/server/fips/dynamic/meta.json index 8887afc83..0019255e5 100644 --- a/sbom/server/fips/dynamic/meta.json +++ b/sbom/server/fips/dynamic/meta.json @@ -3,8 +3,8 @@ "build": { "variant": "fips", "derivation": "kms-server-fips-dynamic-openssl", - "output_path": "/nix/store/4khk99768xj54lmgycv5nyiwzp2cgc7j-cosmian-kms-server-dynamic-rebuild-1-5.15.0", - "timestamp": "2026-02-12T06:13:44Z", + "output_path": "/nix/store/sw1q49nbj2dp484qq8gji8aq59z3z20h-cosmian-kms-server-dynamic-rebuild-1-5.16.0", + "timestamp": "2026-02-15T13:35:04Z", "generator": { "tool": "sbomnix", "version": "1.7.3" diff --git a/sbom/server/fips/dynamic/vulns.csv b/sbom/server/fips/dynamic/vulns.csv index a2e265516..49d3c3fe6 100644 --- a/sbom/server/fips/dynamic/vulns.csv +++ b/sbom/server/fips/dynamic/vulns.csv @@ -1,20 +1,21 @@ "vuln_id","url","package","version_local","severity","grype","osv","vulnix","sum","sortcol" +"RHSA-2026:1472","https://osv.dev/RHSA-2026:1472","openssl","3.6.0","","0","1","0","1","2026A1770940800" +"RHSA-2026:1473","https://osv.dev/RHSA-2026:1473","openssl","3.6.0","","0","1","0","1","2026A1770940800" +"RHSA-2026:1496","https://osv.dev/RHSA-2026:1496","openssl","3.6.0","","0","1","0","1","2026A1770940800" +"RHSA-2026:1503","https://osv.dev/RHSA-2026:1503","openssl","3.6.0","","0","1","0","1","2026A1770940800" +"RHSA-2026:1519","https://osv.dev/RHSA-2026:1519","openssl","3.6.0","","0","1","0","1","2026A1770940800" +"RHSA-2026:1594","https://osv.dev/RHSA-2026:1594","openssl","3.6.0","","0","1","0","1","2026A1770940800" +"RHSA-2026:1733","https://osv.dev/RHSA-2026:1733","openssl","3.6.0","","0","1","0","1","2026A1770940800" +"RHSA-2026:1472","https://osv.dev/RHSA-2026:1472","openssl","3.1.2","","0","1","0","1","2026A1770940800" +"RHSA-2026:1473","https://osv.dev/RHSA-2026:1473","openssl","3.1.2","","0","1","0","1","2026A1770940800" +"RHSA-2026:1496","https://osv.dev/RHSA-2026:1496","openssl","3.1.2","","0","1","0","1","2026A1770940800" +"RHSA-2026:1503","https://osv.dev/RHSA-2026:1503","openssl","3.1.2","","0","1","0","1","2026A1770940800" +"RHSA-2026:1519","https://osv.dev/RHSA-2026:1519","openssl","3.1.2","","0","1","0","1","2026A1770940800" +"RHSA-2026:1594","https://osv.dev/RHSA-2026:1594","openssl","3.1.2","","0","1","0","1","2026A1770940800" +"RHSA-2026:1733","https://osv.dev/RHSA-2026:1733","openssl","3.1.2","","0","1","0","1","2026A1770940800" +"RHSA-2026:1334","https://osv.dev/RHSA-2026:1334","glibc","2.34-210","","0","1","0","1","2026A1770854400" "RHSA-2026:0794","https://osv.dev/RHSA-2026:0794","openssl","3.6.0","","0","1","0","1","2026A1770768000" -"RHSA-2026:1472","https://osv.dev/RHSA-2026:1472","openssl","3.6.0","","0","1","0","1","2026A1770768000" -"RHSA-2026:1473","https://osv.dev/RHSA-2026:1473","openssl","3.6.0","","0","1","0","1","2026A1770768000" -"RHSA-2026:1496","https://osv.dev/RHSA-2026:1496","openssl","3.6.0","","0","1","0","1","2026A1770768000" -"RHSA-2026:1503","https://osv.dev/RHSA-2026:1503","openssl","3.6.0","","0","1","0","1","2026A1770768000" -"RHSA-2026:1519","https://osv.dev/RHSA-2026:1519","openssl","3.6.0","","0","1","0","1","2026A1770768000" -"RHSA-2026:1594","https://osv.dev/RHSA-2026:1594","openssl","3.6.0","","0","1","0","1","2026A1770768000" -"RHSA-2026:1733","https://osv.dev/RHSA-2026:1733","openssl","3.6.0","","0","1","0","1","2026A1770768000" "RHSA-2026:0794","https://osv.dev/RHSA-2026:0794","openssl","3.1.2","","0","1","0","1","2026A1770768000" -"RHSA-2026:1472","https://osv.dev/RHSA-2026:1472","openssl","3.1.2","","0","1","0","1","2026A1770768000" -"RHSA-2026:1473","https://osv.dev/RHSA-2026:1473","openssl","3.1.2","","0","1","0","1","2026A1770768000" -"RHSA-2026:1496","https://osv.dev/RHSA-2026:1496","openssl","3.1.2","","0","1","0","1","2026A1770768000" -"RHSA-2026:1503","https://osv.dev/RHSA-2026:1503","openssl","3.1.2","","0","1","0","1","2026A1770768000" -"RHSA-2026:1519","https://osv.dev/RHSA-2026:1519","openssl","3.1.2","","0","1","0","1","2026A1770768000" -"RHSA-2026:1594","https://osv.dev/RHSA-2026:1594","openssl","3.1.2","","0","1","0","1","2026A1770768000" -"RHSA-2026:1733","https://osv.dev/RHSA-2026:1733","openssl","3.1.2","","0","1","0","1","2026A1770768000" "USN-7980-1","https://osv.dev/USN-7980-1","openssl","3.1.2","","0","1","0","1","2026A1770681600" "USN-6409-1","https://osv.dev/USN-6409-1","glibc","2.34-210","","0","1","0","1","2026A1770681600" "USN-6541-1","https://osv.dev/USN-6541-1","glibc","2.34-210","","0","1","0","1","2026A1770681600" @@ -27,7 +28,6 @@ "USN-7634-1","https://osv.dev/USN-7634-1","glibc","2.34-210","","0","1","0","1","2026A1770681600" "USN-7760-1","https://osv.dev/USN-7760-1","glibc","2.34-210","","0","1","0","1","2026A1770681600" "USN-8005-1","https://osv.dev/USN-8005-1","glibc","2.34-210","","0","1","0","1","2026A1770681600" -"RHSA-2026:1334","https://osv.dev/RHSA-2026:1334","glibc","2.34-210","","0","1","0","1","2026A1770595200" "CGA-4r5h-8hvp-w6xm","https://osv.dev/CGA-4r5h-8hvp-w6xm","openssl","3.6.0","","0","1","0","1","2026A1770249600" "CGA-9vjv-2q8r-rw73","https://osv.dev/CGA-9vjv-2q8r-rw73","openssl","3.6.0","","0","1","0","1","2026A1770249600" "RLSA-2021:1024","https://osv.dev/RLSA-2021:1024","openssl","3.6.0","","0","1","0","1","2026A1770249600" diff --git a/sbom/server/fips/static/bom.cdx.json b/sbom/server/fips/static/bom.cdx.json index 2627efd96..efc7c9fda 100644 --- a/sbom/server/fips/static/bom.cdx.json +++ b/sbom/server/fips/static/bom.cdx.json @@ -2,9 +2,9 @@ "bomFormat": "CycloneDX", "specVersion": "1.4", "version": 1, - "serialNumber": "urn:uuid:3f36cae9-2bc7-4d5d-9028-42a143f9e3f7", + "serialNumber": "urn:uuid:0f38f511-2736-48ea-b216-934856b7c836", "metadata": { - "timestamp": "2026-02-12T07:13:05.364117+01:00", + "timestamp": "2026-02-15T14:27:49.089890+01:00", "properties": [ { "name": "sbom_type", @@ -20,19 +20,19 @@ ], "component": { "type": "library", - "bom-ref": "/nix/store/kmdyrbk80v0m53dsfwsh63kvh3brwrf5-cosmian-kms-server-rebuild-1-5.15.0.drv", + "bom-ref": "/nix/store/j53j7xim0qkxmz93gnrlm8zr9ah16cbf-cosmian-kms-server-rebuild-1-5.16.0.drv", "name": "cosmian-kms-server-rebuild-1", - "version": "5.15.0", - "purl": "pkg:nix/cosmian-kms-server-rebuild-1@5.15.0", - "cpe": "cpe:2.3:a:cosmian-kms-server-rebuild-1:cosmian-kms-server-rebuild-1:5.15.0:*:*:*:*:*:*:*", + "version": "5.16.0", + "purl": "pkg:nix/cosmian-kms-server-rebuild-1@5.16.0", + "cpe": "cpe:2.3:a:cosmian-kms-server-rebuild-1:cosmian-kms-server-rebuild-1:5.16.0:*:*:*:*:*:*:*", "properties": [ { "name": "nix:output_path", - "value": "/nix/store/566hm45mljdcnwg6zl3pwyz6fbj2717b-cosmian-kms-server-rebuild-1-5.15.0" + "value": "/nix/store/4xxw6f5v4zcvg609d6f5vzjycxw9ghwg-cosmian-kms-server-rebuild-1-5.16.0" }, { "name": "nix:drv_path", - "value": "/nix/store/kmdyrbk80v0m53dsfwsh63kvh3brwrf5-cosmian-kms-server-rebuild-1-5.15.0.drv" + "value": "/nix/store/j53j7xim0qkxmz93gnrlm8zr9ah16cbf-cosmian-kms-server-rebuild-1-5.16.0.drv" } ] } @@ -113,7 +113,7 @@ ], "dependencies": [ { - "ref": "/nix/store/kmdyrbk80v0m53dsfwsh63kvh3brwrf5-cosmian-kms-server-rebuild-1-5.15.0.drv", + "ref": "/nix/store/j53j7xim0qkxmz93gnrlm8zr9ah16cbf-cosmian-kms-server-rebuild-1-5.16.0.drv", "dependsOn": [ "/nix/store/gclfapdylmsmw25fg4rb8kji5gfqwdp2-openssl-3.6.0.drv" ] diff --git a/sbom/server/fips/static/bom.spdx.json b/sbom/server/fips/static/bom.spdx.json index 6cd8ded51..3f8997050 100644 --- a/sbom/server/fips/static/bom.spdx.json +++ b/sbom/server/fips/static/bom.spdx.json @@ -2,10 +2,10 @@ "spdxVersion": "SPDX-2.3", "dataLicense": "CC0-1.0", "SPDXID": "SPDXRef-DOCUMENT", - "name": "SPDXRef-nix-store-kmdyrbk80v0m53dsfwsh63kvh3brwrf5-cosmian-kms-server-rebuild-1-5.15.0.drv", - "documentNamespace": "sbomnix://c107e0f9-7be0-4357-9669-bb6442111394", + "name": "SPDXRef-nix-store-j53j7xim0qkxmz93gnrlm8zr9ah16cbf-cosmian-kms-server-rebuild-1-5.16.0.drv", + "documentNamespace": "sbomnix://47115c10-f50d-4479-981c-e1159eaa997b", "creationInfo": { - "created": "2026-02-12T07:13:06.115063+01:00", + "created": "2026-02-15T14:27:49.892014+01:00", "creators": [ "Tool: sbomnix-1.7.3" ] @@ -14,8 +14,8 @@ "packages": [ { "name": "cosmian-kms-server-rebuild-1", - "SPDXID": "SPDXRef-nix-store-kmdyrbk80v0m53dsfwsh63kvh3brwrf5-cosmian-kms-server-rebuild-1-5.15.0.drv", - "versionInfo": "5.15.0", + "SPDXID": "SPDXRef-nix-store-j53j7xim0qkxmz93gnrlm8zr9ah16cbf-cosmian-kms-server-rebuild-1-5.16.0.drv", + "versionInfo": "5.16.0", "downloadLocation": "NOASSERTION", "licenseConcluded": "NOASSERTION", "licenseDeclared": "NOASSERTION", @@ -24,12 +24,12 @@ { "referenceCategory": "SECURITY", "referenceType": "cpe23Type", - "referenceLocator": "cpe:2.3:a:cosmian-kms-server-rebuild-1:cosmian-kms-server-rebuild-1:5.15.0:*:*:*:*:*:*:*" + "referenceLocator": "cpe:2.3:a:cosmian-kms-server-rebuild-1:cosmian-kms-server-rebuild-1:5.16.0:*:*:*:*:*:*:*" }, { "referenceCategory": "PACKAGE-MANAGER", "referenceType": "purl", - "referenceLocator": "pkg:nix/cosmian-kms-server-rebuild-1@5.15.0" + "referenceLocator": "pkg:nix/cosmian-kms-server-rebuild-1@5.16.0" } ] }, @@ -120,7 +120,7 @@ ], "relationships": [ { - "spdxElementId": "SPDXRef-nix-store-kmdyrbk80v0m53dsfwsh63kvh3brwrf5-cosmian-kms-server-rebuild-1-5.15.0.drv", + "spdxElementId": "SPDXRef-nix-store-j53j7xim0qkxmz93gnrlm8zr9ah16cbf-cosmian-kms-server-rebuild-1-5.16.0.drv", "relationshipType": "DEPENDS_ON", "relatedSpdxElement": "SPDXRef-nix-store-gclfapdylmsmw25fg4rb8kji5gfqwdp2-openssl-3.6.0.drv" }, diff --git a/sbom/server/fips/static/graph.png b/sbom/server/fips/static/graph.png index 563e02c67..fcfa8eb3f 100644 Binary files a/sbom/server/fips/static/graph.png and b/sbom/server/fips/static/graph.png differ diff --git a/sbom/server/fips/static/meta.json b/sbom/server/fips/static/meta.json index 6fb772a5a..d08a0eb45 100644 --- a/sbom/server/fips/static/meta.json +++ b/sbom/server/fips/static/meta.json @@ -3,8 +3,8 @@ "build": { "variant": "fips", "derivation": "kms-server-fips-static-openssl", - "output_path": "/nix/store/566hm45mljdcnwg6zl3pwyz6fbj2717b-cosmian-kms-server-rebuild-1-5.15.0", - "timestamp": "2026-02-12T06:13:21Z", + "output_path": "/nix/store/4xxw6f5v4zcvg609d6f5vzjycxw9ghwg-cosmian-kms-server-rebuild-1-5.16.0", + "timestamp": "2026-02-15T13:28:06Z", "generator": { "tool": "sbomnix", "version": "1.7.3" diff --git a/sbom/server/fips/static/vulns.csv b/sbom/server/fips/static/vulns.csv index 75c021a34..78b6ff681 100644 --- a/sbom/server/fips/static/vulns.csv +++ b/sbom/server/fips/static/vulns.csv @@ -1,12 +1,13 @@ "vuln_id","url","package","version_local","severity","grype","osv","vulnix","sum","sortcol" +"RHSA-2026:1472","https://osv.dev/RHSA-2026:1472","openssl","3.6.0","","0","1","0","1","2026A1770940800" +"RHSA-2026:1473","https://osv.dev/RHSA-2026:1473","openssl","3.6.0","","0","1","0","1","2026A1770940800" +"RHSA-2026:1496","https://osv.dev/RHSA-2026:1496","openssl","3.6.0","","0","1","0","1","2026A1770940800" +"RHSA-2026:1503","https://osv.dev/RHSA-2026:1503","openssl","3.6.0","","0","1","0","1","2026A1770940800" +"RHSA-2026:1519","https://osv.dev/RHSA-2026:1519","openssl","3.6.0","","0","1","0","1","2026A1770940800" +"RHSA-2026:1594","https://osv.dev/RHSA-2026:1594","openssl","3.6.0","","0","1","0","1","2026A1770940800" +"RHSA-2026:1733","https://osv.dev/RHSA-2026:1733","openssl","3.6.0","","0","1","0","1","2026A1770940800" +"RHSA-2026:1334","https://osv.dev/RHSA-2026:1334","glibc","2.34-210","","0","1","0","1","2026A1770854400" "RHSA-2026:0794","https://osv.dev/RHSA-2026:0794","openssl","3.6.0","","0","1","0","1","2026A1770768000" -"RHSA-2026:1472","https://osv.dev/RHSA-2026:1472","openssl","3.6.0","","0","1","0","1","2026A1770768000" -"RHSA-2026:1473","https://osv.dev/RHSA-2026:1473","openssl","3.6.0","","0","1","0","1","2026A1770768000" -"RHSA-2026:1496","https://osv.dev/RHSA-2026:1496","openssl","3.6.0","","0","1","0","1","2026A1770768000" -"RHSA-2026:1503","https://osv.dev/RHSA-2026:1503","openssl","3.6.0","","0","1","0","1","2026A1770768000" -"RHSA-2026:1519","https://osv.dev/RHSA-2026:1519","openssl","3.6.0","","0","1","0","1","2026A1770768000" -"RHSA-2026:1594","https://osv.dev/RHSA-2026:1594","openssl","3.6.0","","0","1","0","1","2026A1770768000" -"RHSA-2026:1733","https://osv.dev/RHSA-2026:1733","openssl","3.6.0","","0","1","0","1","2026A1770768000" "USN-6409-1","https://osv.dev/USN-6409-1","glibc","2.34-210","","0","1","0","1","2026A1770681600" "USN-6541-1","https://osv.dev/USN-6541-1","glibc","2.34-210","","0","1","0","1","2026A1770681600" "USN-6541-2","https://osv.dev/USN-6541-2","glibc","2.34-210","","0","1","0","1","2026A1770681600" @@ -18,7 +19,6 @@ "USN-7634-1","https://osv.dev/USN-7634-1","glibc","2.34-210","","0","1","0","1","2026A1770681600" "USN-7760-1","https://osv.dev/USN-7760-1","glibc","2.34-210","","0","1","0","1","2026A1770681600" "USN-8005-1","https://osv.dev/USN-8005-1","glibc","2.34-210","","0","1","0","1","2026A1770681600" -"RHSA-2026:1334","https://osv.dev/RHSA-2026:1334","glibc","2.34-210","","0","1","0","1","2026A1770595200" "CGA-4r5h-8hvp-w6xm","https://osv.dev/CGA-4r5h-8hvp-w6xm","openssl","3.6.0","","0","1","0","1","2026A1770249600" "CGA-9vjv-2q8r-rw73","https://osv.dev/CGA-9vjv-2q8r-rw73","openssl","3.6.0","","0","1","0","1","2026A1770249600" "RLSA-2021:1024","https://osv.dev/RLSA-2021:1024","openssl","3.6.0","","0","1","0","1","2026A1770249600" diff --git a/sbom/server/non-fips/dynamic/bom.cdx.json b/sbom/server/non-fips/dynamic/bom.cdx.json index 88ec22d2c..fa09fc533 100644 --- a/sbom/server/non-fips/dynamic/bom.cdx.json +++ b/sbom/server/non-fips/dynamic/bom.cdx.json @@ -2,9 +2,9 @@ "bomFormat": "CycloneDX", "specVersion": "1.4", "version": 1, - "serialNumber": "urn:uuid:afa986f7-fffc-45fc-9d64-df129ed42113", + "serialNumber": "urn:uuid:55774ff9-29c0-471a-917c-0e02303d7d89", "metadata": { - "timestamp": "2026-02-12T07:14:05.036850+01:00", + "timestamp": "2026-02-15T14:52:45.729571+01:00", "properties": [ { "name": "sbom_type", @@ -20,19 +20,19 @@ ], "component": { "type": "library", - "bom-ref": "/nix/store/58narzc5nka19lfx3zhy128bqaq2c8fp-cosmian-kms-server-dynamic-rebuild-1-5.15.0.drv", + "bom-ref": "/nix/store/f85xm0zama9gc9f81w8077b9jj3rbril-cosmian-kms-server-dynamic-rebuild-1-5.16.0.drv", "name": "cosmian-kms-server-dynamic-rebuild-1", - "version": "5.15.0", - "purl": "pkg:nix/cosmian-kms-server-dynamic-rebuild-1@5.15.0", - "cpe": "cpe:2.3:a:cosmian-kms-server-dynamic-rebuild-1:cosmian-kms-server-dynamic-rebuild-1:5.15.0:*:*:*:*:*:*:*", + "version": "5.16.0", + "purl": "pkg:nix/cosmian-kms-server-dynamic-rebuild-1@5.16.0", + "cpe": "cpe:2.3:a:cosmian-kms-server-dynamic-rebuild-1:cosmian-kms-server-dynamic-rebuild-1:5.16.0:*:*:*:*:*:*:*", "properties": [ { "name": "nix:output_path", - "value": "/nix/store/8mi7a76vbmibc3d868i1yp74mrr8ifc8-cosmian-kms-server-dynamic-rebuild-1-5.15.0" + "value": "/nix/store/cgbpirvj57n0504anycgkzvkk1m1ks8m-cosmian-kms-server-dynamic-rebuild-1-5.16.0" }, { "name": "nix:drv_path", - "value": "/nix/store/58narzc5nka19lfx3zhy128bqaq2c8fp-cosmian-kms-server-dynamic-rebuild-1-5.15.0.drv" + "value": "/nix/store/f85xm0zama9gc9f81w8077b9jj3rbril-cosmian-kms-server-dynamic-rebuild-1-5.16.0.drv" } ] } @@ -113,7 +113,7 @@ ], "dependencies": [ { - "ref": "/nix/store/58narzc5nka19lfx3zhy128bqaq2c8fp-cosmian-kms-server-dynamic-rebuild-1-5.15.0.drv", + "ref": "/nix/store/f85xm0zama9gc9f81w8077b9jj3rbril-cosmian-kms-server-dynamic-rebuild-1-5.16.0.drv", "dependsOn": [ "/nix/store/74hh5shwd63bla2yyhq17c2irx1y528w-openssl-3.6.0.drv" ] diff --git a/sbom/server/non-fips/dynamic/bom.spdx.json b/sbom/server/non-fips/dynamic/bom.spdx.json index 688bed5e5..c391e66ba 100644 --- a/sbom/server/non-fips/dynamic/bom.spdx.json +++ b/sbom/server/non-fips/dynamic/bom.spdx.json @@ -2,10 +2,10 @@ "spdxVersion": "SPDX-2.3", "dataLicense": "CC0-1.0", "SPDXID": "SPDXRef-DOCUMENT", - "name": "SPDXRef-nix-store-58narzc5nka19lfx3zhy128bqaq2c8fp-cosmian-kms-server-dynamic-rebuild-1-5.15.0.drv", - "documentNamespace": "sbomnix://a1132d42-93fc-432c-a4f3-dec2cc42cec4", + "name": "SPDXRef-nix-store-f85xm0zama9gc9f81w8077b9jj3rbril-cosmian-kms-server-dynamic-rebuild-1-5.16.0.drv", + "documentNamespace": "sbomnix://81653b1e-d020-402a-b0d1-8b49c5e78163", "creationInfo": { - "created": "2026-02-12T07:14:05.786635+01:00", + "created": "2026-02-15T14:52:46.505939+01:00", "creators": [ "Tool: sbomnix-1.7.3" ] @@ -14,8 +14,8 @@ "packages": [ { "name": "cosmian-kms-server-dynamic-rebuild-1", - "SPDXID": "SPDXRef-nix-store-58narzc5nka19lfx3zhy128bqaq2c8fp-cosmian-kms-server-dynamic-rebuild-1-5.15.0.drv", - "versionInfo": "5.15.0", + "SPDXID": "SPDXRef-nix-store-f85xm0zama9gc9f81w8077b9jj3rbril-cosmian-kms-server-dynamic-rebuild-1-5.16.0.drv", + "versionInfo": "5.16.0", "downloadLocation": "NOASSERTION", "licenseConcluded": "NOASSERTION", "licenseDeclared": "NOASSERTION", @@ -24,12 +24,12 @@ { "referenceCategory": "SECURITY", "referenceType": "cpe23Type", - "referenceLocator": "cpe:2.3:a:cosmian-kms-server-dynamic-rebuild-1:cosmian-kms-server-dynamic-rebuild-1:5.15.0:*:*:*:*:*:*:*" + "referenceLocator": "cpe:2.3:a:cosmian-kms-server-dynamic-rebuild-1:cosmian-kms-server-dynamic-rebuild-1:5.16.0:*:*:*:*:*:*:*" }, { "referenceCategory": "PACKAGE-MANAGER", "referenceType": "purl", - "referenceLocator": "pkg:nix/cosmian-kms-server-dynamic-rebuild-1@5.15.0" + "referenceLocator": "pkg:nix/cosmian-kms-server-dynamic-rebuild-1@5.16.0" } ] }, @@ -120,7 +120,7 @@ ], "relationships": [ { - "spdxElementId": "SPDXRef-nix-store-58narzc5nka19lfx3zhy128bqaq2c8fp-cosmian-kms-server-dynamic-rebuild-1-5.15.0.drv", + "spdxElementId": "SPDXRef-nix-store-f85xm0zama9gc9f81w8077b9jj3rbril-cosmian-kms-server-dynamic-rebuild-1-5.16.0.drv", "relationshipType": "DEPENDS_ON", "relatedSpdxElement": "SPDXRef-nix-store-74hh5shwd63bla2yyhq17c2irx1y528w-openssl-3.6.0.drv" }, diff --git a/sbom/server/non-fips/dynamic/graph.png b/sbom/server/non-fips/dynamic/graph.png index 9ff463ae6..59bc8c7f2 100644 Binary files a/sbom/server/non-fips/dynamic/graph.png and b/sbom/server/non-fips/dynamic/graph.png differ diff --git a/sbom/server/non-fips/dynamic/meta.json b/sbom/server/non-fips/dynamic/meta.json index f3d30188c..4d049a136 100644 --- a/sbom/server/non-fips/dynamic/meta.json +++ b/sbom/server/non-fips/dynamic/meta.json @@ -3,8 +3,8 @@ "build": { "variant": "non-fips", "derivation": "kms-server-non-fips-dynamic-openssl", - "output_path": "/nix/store/8mi7a76vbmibc3d868i1yp74mrr8ifc8-cosmian-kms-server-dynamic-rebuild-1-5.15.0", - "timestamp": "2026-02-12T06:14:23Z", + "output_path": "/nix/store/cgbpirvj57n0504anycgkzvkk1m1ks8m-cosmian-kms-server-dynamic-rebuild-1-5.16.0", + "timestamp": "2026-02-15T13:53:03Z", "generator": { "tool": "sbomnix", "version": "1.7.3" diff --git a/sbom/server/non-fips/dynamic/vulns.csv b/sbom/server/non-fips/dynamic/vulns.csv index 75c021a34..78b6ff681 100644 --- a/sbom/server/non-fips/dynamic/vulns.csv +++ b/sbom/server/non-fips/dynamic/vulns.csv @@ -1,12 +1,13 @@ "vuln_id","url","package","version_local","severity","grype","osv","vulnix","sum","sortcol" +"RHSA-2026:1472","https://osv.dev/RHSA-2026:1472","openssl","3.6.0","","0","1","0","1","2026A1770940800" +"RHSA-2026:1473","https://osv.dev/RHSA-2026:1473","openssl","3.6.0","","0","1","0","1","2026A1770940800" +"RHSA-2026:1496","https://osv.dev/RHSA-2026:1496","openssl","3.6.0","","0","1","0","1","2026A1770940800" +"RHSA-2026:1503","https://osv.dev/RHSA-2026:1503","openssl","3.6.0","","0","1","0","1","2026A1770940800" +"RHSA-2026:1519","https://osv.dev/RHSA-2026:1519","openssl","3.6.0","","0","1","0","1","2026A1770940800" +"RHSA-2026:1594","https://osv.dev/RHSA-2026:1594","openssl","3.6.0","","0","1","0","1","2026A1770940800" +"RHSA-2026:1733","https://osv.dev/RHSA-2026:1733","openssl","3.6.0","","0","1","0","1","2026A1770940800" +"RHSA-2026:1334","https://osv.dev/RHSA-2026:1334","glibc","2.34-210","","0","1","0","1","2026A1770854400" "RHSA-2026:0794","https://osv.dev/RHSA-2026:0794","openssl","3.6.0","","0","1","0","1","2026A1770768000" -"RHSA-2026:1472","https://osv.dev/RHSA-2026:1472","openssl","3.6.0","","0","1","0","1","2026A1770768000" -"RHSA-2026:1473","https://osv.dev/RHSA-2026:1473","openssl","3.6.0","","0","1","0","1","2026A1770768000" -"RHSA-2026:1496","https://osv.dev/RHSA-2026:1496","openssl","3.6.0","","0","1","0","1","2026A1770768000" -"RHSA-2026:1503","https://osv.dev/RHSA-2026:1503","openssl","3.6.0","","0","1","0","1","2026A1770768000" -"RHSA-2026:1519","https://osv.dev/RHSA-2026:1519","openssl","3.6.0","","0","1","0","1","2026A1770768000" -"RHSA-2026:1594","https://osv.dev/RHSA-2026:1594","openssl","3.6.0","","0","1","0","1","2026A1770768000" -"RHSA-2026:1733","https://osv.dev/RHSA-2026:1733","openssl","3.6.0","","0","1","0","1","2026A1770768000" "USN-6409-1","https://osv.dev/USN-6409-1","glibc","2.34-210","","0","1","0","1","2026A1770681600" "USN-6541-1","https://osv.dev/USN-6541-1","glibc","2.34-210","","0","1","0","1","2026A1770681600" "USN-6541-2","https://osv.dev/USN-6541-2","glibc","2.34-210","","0","1","0","1","2026A1770681600" @@ -18,7 +19,6 @@ "USN-7634-1","https://osv.dev/USN-7634-1","glibc","2.34-210","","0","1","0","1","2026A1770681600" "USN-7760-1","https://osv.dev/USN-7760-1","glibc","2.34-210","","0","1","0","1","2026A1770681600" "USN-8005-1","https://osv.dev/USN-8005-1","glibc","2.34-210","","0","1","0","1","2026A1770681600" -"RHSA-2026:1334","https://osv.dev/RHSA-2026:1334","glibc","2.34-210","","0","1","0","1","2026A1770595200" "CGA-4r5h-8hvp-w6xm","https://osv.dev/CGA-4r5h-8hvp-w6xm","openssl","3.6.0","","0","1","0","1","2026A1770249600" "CGA-9vjv-2q8r-rw73","https://osv.dev/CGA-9vjv-2q8r-rw73","openssl","3.6.0","","0","1","0","1","2026A1770249600" "RLSA-2021:1024","https://osv.dev/RLSA-2021:1024","openssl","3.6.0","","0","1","0","1","2026A1770249600" diff --git a/sbom/server/non-fips/static/bom.cdx.json b/sbom/server/non-fips/static/bom.cdx.json index 223b45476..6e8322feb 100644 --- a/sbom/server/non-fips/static/bom.cdx.json +++ b/sbom/server/non-fips/static/bom.cdx.json @@ -2,9 +2,9 @@ "bomFormat": "CycloneDX", "specVersion": "1.4", "version": 1, - "serialNumber": "urn:uuid:d29ed88a-a46d-48b8-beed-4c6253c3a6ce", + "serialNumber": "urn:uuid:b08800e9-7564-47f3-8841-8bcacda39e30", "metadata": { - "timestamp": "2026-02-12T07:13:45.582310+01:00", + "timestamp": "2026-02-15T14:46:19.913752+01:00", "properties": [ { "name": "sbom_type", @@ -20,19 +20,19 @@ ], "component": { "type": "library", - "bom-ref": "/nix/store/1v6ax8ln7k23p3l5yvkgnvd8bbsxk3kd-cosmian-kms-server-rebuild-1-5.15.0.drv", + "bom-ref": "/nix/store/s6sbjgh5dq4zql852jrp2k0c5rnl90jj-cosmian-kms-server-rebuild-1-5.16.0.drv", "name": "cosmian-kms-server-rebuild-1", - "version": "5.15.0", - "purl": "pkg:nix/cosmian-kms-server-rebuild-1@5.15.0", - "cpe": "cpe:2.3:a:cosmian-kms-server-rebuild-1:cosmian-kms-server-rebuild-1:5.15.0:*:*:*:*:*:*:*", + "version": "5.16.0", + "purl": "pkg:nix/cosmian-kms-server-rebuild-1@5.16.0", + "cpe": "cpe:2.3:a:cosmian-kms-server-rebuild-1:cosmian-kms-server-rebuild-1:5.16.0:*:*:*:*:*:*:*", "properties": [ { "name": "nix:output_path", - "value": "/nix/store/8402d5q3sdzdhqahpicyad4g8iin63si-cosmian-kms-server-rebuild-1-5.15.0" + "value": "/nix/store/i6p0g1sab5lvclvvp1a1vi8ji4z371z6-cosmian-kms-server-rebuild-1-5.16.0" }, { "name": "nix:drv_path", - "value": "/nix/store/1v6ax8ln7k23p3l5yvkgnvd8bbsxk3kd-cosmian-kms-server-rebuild-1-5.15.0.drv" + "value": "/nix/store/s6sbjgh5dq4zql852jrp2k0c5rnl90jj-cosmian-kms-server-rebuild-1-5.16.0.drv" } ] } @@ -113,7 +113,7 @@ ], "dependencies": [ { - "ref": "/nix/store/1v6ax8ln7k23p3l5yvkgnvd8bbsxk3kd-cosmian-kms-server-rebuild-1-5.15.0.drv", + "ref": "/nix/store/s6sbjgh5dq4zql852jrp2k0c5rnl90jj-cosmian-kms-server-rebuild-1-5.16.0.drv", "dependsOn": [ "/nix/store/gclfapdylmsmw25fg4rb8kji5gfqwdp2-openssl-3.6.0.drv" ] diff --git a/sbom/server/non-fips/static/bom.spdx.json b/sbom/server/non-fips/static/bom.spdx.json index 01a1b0d35..f794bbb93 100644 --- a/sbom/server/non-fips/static/bom.spdx.json +++ b/sbom/server/non-fips/static/bom.spdx.json @@ -2,10 +2,10 @@ "spdxVersion": "SPDX-2.3", "dataLicense": "CC0-1.0", "SPDXID": "SPDXRef-DOCUMENT", - "name": "SPDXRef-nix-store-1v6ax8ln7k23p3l5yvkgnvd8bbsxk3kd-cosmian-kms-server-rebuild-1-5.15.0.drv", - "documentNamespace": "sbomnix://3c17643f-59d9-4655-97b6-2070d4bac08b", + "name": "SPDXRef-nix-store-s6sbjgh5dq4zql852jrp2k0c5rnl90jj-cosmian-kms-server-rebuild-1-5.16.0.drv", + "documentNamespace": "sbomnix://0253040a-2874-4472-82d4-fd92c782683b", "creationInfo": { - "created": "2026-02-12T07:13:46.330095+01:00", + "created": "2026-02-15T14:46:20.698788+01:00", "creators": [ "Tool: sbomnix-1.7.3" ] @@ -14,8 +14,8 @@ "packages": [ { "name": "cosmian-kms-server-rebuild-1", - "SPDXID": "SPDXRef-nix-store-1v6ax8ln7k23p3l5yvkgnvd8bbsxk3kd-cosmian-kms-server-rebuild-1-5.15.0.drv", - "versionInfo": "5.15.0", + "SPDXID": "SPDXRef-nix-store-s6sbjgh5dq4zql852jrp2k0c5rnl90jj-cosmian-kms-server-rebuild-1-5.16.0.drv", + "versionInfo": "5.16.0", "downloadLocation": "NOASSERTION", "licenseConcluded": "NOASSERTION", "licenseDeclared": "NOASSERTION", @@ -24,12 +24,12 @@ { "referenceCategory": "SECURITY", "referenceType": "cpe23Type", - "referenceLocator": "cpe:2.3:a:cosmian-kms-server-rebuild-1:cosmian-kms-server-rebuild-1:5.15.0:*:*:*:*:*:*:*" + "referenceLocator": "cpe:2.3:a:cosmian-kms-server-rebuild-1:cosmian-kms-server-rebuild-1:5.16.0:*:*:*:*:*:*:*" }, { "referenceCategory": "PACKAGE-MANAGER", "referenceType": "purl", - "referenceLocator": "pkg:nix/cosmian-kms-server-rebuild-1@5.15.0" + "referenceLocator": "pkg:nix/cosmian-kms-server-rebuild-1@5.16.0" } ] }, @@ -120,7 +120,7 @@ ], "relationships": [ { - "spdxElementId": "SPDXRef-nix-store-1v6ax8ln7k23p3l5yvkgnvd8bbsxk3kd-cosmian-kms-server-rebuild-1-5.15.0.drv", + "spdxElementId": "SPDXRef-nix-store-s6sbjgh5dq4zql852jrp2k0c5rnl90jj-cosmian-kms-server-rebuild-1-5.16.0.drv", "relationshipType": "DEPENDS_ON", "relatedSpdxElement": "SPDXRef-nix-store-gclfapdylmsmw25fg4rb8kji5gfqwdp2-openssl-3.6.0.drv" }, diff --git a/sbom/server/non-fips/static/graph.png b/sbom/server/non-fips/static/graph.png index 563e02c67..fcfa8eb3f 100644 Binary files a/sbom/server/non-fips/static/graph.png and b/sbom/server/non-fips/static/graph.png differ diff --git a/sbom/server/non-fips/static/meta.json b/sbom/server/non-fips/static/meta.json index 0c4e09d39..cce24970a 100644 --- a/sbom/server/non-fips/static/meta.json +++ b/sbom/server/non-fips/static/meta.json @@ -3,8 +3,8 @@ "build": { "variant": "non-fips", "derivation": "kms-server-non-fips-static-openssl", - "output_path": "/nix/store/8402d5q3sdzdhqahpicyad4g8iin63si-cosmian-kms-server-rebuild-1-5.15.0", - "timestamp": "2026-02-12T06:14:03Z", + "output_path": "/nix/store/i6p0g1sab5lvclvvp1a1vi8ji4z371z6-cosmian-kms-server-rebuild-1-5.16.0", + "timestamp": "2026-02-15T13:46:35Z", "generator": { "tool": "sbomnix", "version": "1.7.3" diff --git a/sbom/server/non-fips/static/vulns.csv b/sbom/server/non-fips/static/vulns.csv index 75c021a34..78b6ff681 100644 --- a/sbom/server/non-fips/static/vulns.csv +++ b/sbom/server/non-fips/static/vulns.csv @@ -1,12 +1,13 @@ "vuln_id","url","package","version_local","severity","grype","osv","vulnix","sum","sortcol" +"RHSA-2026:1472","https://osv.dev/RHSA-2026:1472","openssl","3.6.0","","0","1","0","1","2026A1770940800" +"RHSA-2026:1473","https://osv.dev/RHSA-2026:1473","openssl","3.6.0","","0","1","0","1","2026A1770940800" +"RHSA-2026:1496","https://osv.dev/RHSA-2026:1496","openssl","3.6.0","","0","1","0","1","2026A1770940800" +"RHSA-2026:1503","https://osv.dev/RHSA-2026:1503","openssl","3.6.0","","0","1","0","1","2026A1770940800" +"RHSA-2026:1519","https://osv.dev/RHSA-2026:1519","openssl","3.6.0","","0","1","0","1","2026A1770940800" +"RHSA-2026:1594","https://osv.dev/RHSA-2026:1594","openssl","3.6.0","","0","1","0","1","2026A1770940800" +"RHSA-2026:1733","https://osv.dev/RHSA-2026:1733","openssl","3.6.0","","0","1","0","1","2026A1770940800" +"RHSA-2026:1334","https://osv.dev/RHSA-2026:1334","glibc","2.34-210","","0","1","0","1","2026A1770854400" "RHSA-2026:0794","https://osv.dev/RHSA-2026:0794","openssl","3.6.0","","0","1","0","1","2026A1770768000" -"RHSA-2026:1472","https://osv.dev/RHSA-2026:1472","openssl","3.6.0","","0","1","0","1","2026A1770768000" -"RHSA-2026:1473","https://osv.dev/RHSA-2026:1473","openssl","3.6.0","","0","1","0","1","2026A1770768000" -"RHSA-2026:1496","https://osv.dev/RHSA-2026:1496","openssl","3.6.0","","0","1","0","1","2026A1770768000" -"RHSA-2026:1503","https://osv.dev/RHSA-2026:1503","openssl","3.6.0","","0","1","0","1","2026A1770768000" -"RHSA-2026:1519","https://osv.dev/RHSA-2026:1519","openssl","3.6.0","","0","1","0","1","2026A1770768000" -"RHSA-2026:1594","https://osv.dev/RHSA-2026:1594","openssl","3.6.0","","0","1","0","1","2026A1770768000" -"RHSA-2026:1733","https://osv.dev/RHSA-2026:1733","openssl","3.6.0","","0","1","0","1","2026A1770768000" "USN-6409-1","https://osv.dev/USN-6409-1","glibc","2.34-210","","0","1","0","1","2026A1770681600" "USN-6541-1","https://osv.dev/USN-6541-1","glibc","2.34-210","","0","1","0","1","2026A1770681600" "USN-6541-2","https://osv.dev/USN-6541-2","glibc","2.34-210","","0","1","0","1","2026A1770681600" @@ -18,7 +19,6 @@ "USN-7634-1","https://osv.dev/USN-7634-1","glibc","2.34-210","","0","1","0","1","2026A1770681600" "USN-7760-1","https://osv.dev/USN-7760-1","glibc","2.34-210","","0","1","0","1","2026A1770681600" "USN-8005-1","https://osv.dev/USN-8005-1","glibc","2.34-210","","0","1","0","1","2026A1770681600" -"RHSA-2026:1334","https://osv.dev/RHSA-2026:1334","glibc","2.34-210","","0","1","0","1","2026A1770595200" "CGA-4r5h-8hvp-w6xm","https://osv.dev/CGA-4r5h-8hvp-w6xm","openssl","3.6.0","","0","1","0","1","2026A1770249600" "CGA-9vjv-2q8r-rw73","https://osv.dev/CGA-9vjv-2q8r-rw73","openssl","3.6.0","","0","1","0","1","2026A1770249600" "RLSA-2021:1024","https://osv.dev/RLSA-2021:1024","openssl","3.6.0","","0","1","0","1","2026A1770249600" diff --git a/ui/package-lock.json b/ui/package-lock.json index 8beb4d577..2716ea1e4 100644 --- a/ui/package-lock.json +++ b/ui/package-lock.json @@ -1,12 +1,12 @@ { "name": "ui", - "version": "5.15.0", + "version": "5.16.0", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "ui", - "version": "5.15.0", + "version": "5.16.0", "dependencies": { "@ant-design/icons": "^6.0.0", "@tailwindcss/vite": "^4.1.4", diff --git a/ui/package.json b/ui/package.json index 08cc49b6b..06eab5d74 100644 --- a/ui/package.json +++ b/ui/package.json @@ -1,7 +1,7 @@ { "name": "ui", "private": true, - "version": "5.15.0", + "version": "5.16.0", "type": "module", "scripts": { "dev": "vite",