--- /dev/null
+libseccomp (2.6.0-2) unstable; urgency=medium
+
+ * Upload to unstable.
+ * Disable valgrind unit tests, it's not stable enough.
+ * Cherry-pick upstream fixes:
+ - tests_remove_the_fuzzer_from_test_62-sim-arch_transactions.patch
+ - hash_fix_strict_aliasing_UB_in_MurMur_hash_implementation.patch
+ - api_fix_seccomp_export_bpf_mem_out-of-bounds_read.patch
+
+ -- Felix Geyer <fgeyer@debian.org> Thu, 20 Mar 2025 22:12:14 +0100
+
+libseccomp (2.6.0-1) experimental; urgency=medium
+
+ * New upstream release. (Closes: #1088935)
+ * Drop backported loongarch64 patches, applied upstream.
+ * Drop python_Fix_distutils_DeprecationWarning.patch, applied upstream.
+ * Update symbols file.
+ * Fix watch file.
+ * Refresh upstream signing keys.
+ * Run unit tests in parallel.
+
+ -- Felix Geyer <fgeyer@debian.org> Fri, 24 Jan 2025 22:10:51 +0100
+
+libseccomp (2.5.5-2) unstable; urgency=medium
+
+ * Revert: Dynamically skip autopkgtests when the test runner already applies
+ seccomp restrictions.
+ - Container based backends usually apply a seccomp filter so it's better
+ to declare the isolation-machine restriction.
+ * Backport support for syscalls up to kernel v6.12-rc5 and loongarch64.
+ (Closes: #1051323)
+ - syscalls_update_to_Linux_v6.0.patch
+ - tests_add_fstatfs_syscall_in_the_06-sim-actions.patch
+ - arch_Add_64-bit_LoongArch_support.patch
+ - tests_Add_64-bit_LoongArch_support.patch
+ - doc_update_README_and_manpage_for_64-bit_LoongArch.patch
+ - tests_Fix_wrong_syscall-error_in_test_29.patch
+ - tests_only_use_bogus_syscall_numbers_in_test_29.patch
+ - arch_unify_handling_of_syscall.tbl_in_arch-syscall-validate.patch
+ - arch_adapt_arch-syscall-validate_to_Linux_6.11.patch
+ - syscalls_Update_the_syscall_table_for_Linux_v6.12-rc5.patch
+
+ -- Felix Geyer <fgeyer@debian.org> Sun, 24 Nov 2024 21:54:16 +0100
+
+libseccomp (2.5.5-1) unstable; urgency=medium
+
+ * New upstream release.
+
+ -- Felix Geyer <fgeyer@debian.org> Thu, 04 Jan 2024 18:29:54 +0100
+
+libseccomp (2.5.4-2) unstable; urgency=medium
+
+ * Fix watch file. (Closes: #1050659)
+ * Dynamically skip autopkgtests when the test runner already applies seccomp
+ restrictions.
+ - Drop isolation-machine restriction.
+ * Fix FTBFS with setuptools. (Closes: #1054788, #1033641)
+ - Add python_Fix_distutils_DeprecationWarning.patch
+ - Add python_single_version_externally_managed.patch
+ - Explicitly build-depend on python3-setuptools
+
+ -- Felix Geyer <fgeyer@debian.org> Sun, 29 Oct 2023 15:13:08 +0100
+
+libseccomp (2.5.4-1) unstable; urgency=medium
+
+ * New upstream release.
+
+ -- Felix Geyer <fgeyer@debian.org> Thu, 21 Apr 2022 22:23:12 +0200
+
+libseccomp (2.5.3-2) unstable; urgency=medium
+
+ [ Alex Murray ]
+ * Fix python version check in debian/rules to properly handle python3.10
+ to resolve FTBFS (Closes: #999364)
+
+ -- Felix Geyer <fgeyer@debian.org> Thu, 18 Nov 2021 17:52:23 +0100
+
+libseccomp (2.5.3-1) experimental; urgency=medium
+
+ * New upstream release.
+ * Drop patches from 2.5.2-2, fixed upstream.
+
+ -- Felix Geyer <fgeyer@debian.org> Sat, 06 Nov 2021 16:46:51 +0100
+
+libseccomp (2.5.2-2) unstable; urgency=medium
+
+ * Revert mips and powerpc multiplexed syscall handling.
+ - Fixes test suite failures. (Closes: #994285)
+
+ -- Felix Geyer <fgeyer@debian.org> Sun, 03 Oct 2021 23:26:59 +0200
+
+libseccomp (2.5.2-1) unstable; urgency=medium
+
+ * New upstream release.
+ * Update watch file.
+
+ -- Felix Geyer <fgeyer@debian.org> Tue, 07 Sep 2021 11:14:34 +0200
+
+libseccomp (2.5.1-1) unstable; urgency=medium
+
+ * New upstream release.
+ * Drop all patches as they have been applied upstream.
+
+ -- Felix Geyer <fgeyer@debian.org> Mon, 21 Dec 2020 10:50:30 +0100
+
+libseccomp (2.5.0-3) unstable; urgency=medium
+
+ * Cherry-pick patch from the 2.5 branch to fix test error on mips:
+ - arch_ensure_we_dont_munge_pseudo_syscall_numbers.patch
+
+ -- Felix Geyer <fgeyer@debian.org> Sun, 08 Nov 2020 19:59:21 +0100
+
+libseccomp (2.5.0-2) unstable; urgency=medium
+
+ * Upload to unstable.
+ * Cherry-pick patches from the 2.5 branch to fix build and test errors:
+ - build_undefine_mips_to_prevent_build_problems.patch
+ - tests_use_openat_and_fstat_instead_of_open_and_stat_syscalls.patch
+
+ -- Felix Geyer <fgeyer@debian.org> Sun, 08 Nov 2020 15:49:41 +0100
+
+libseccomp (2.5.0-1) experimental; urgency=medium
+
+ * New upstream release.
+ - Build-depend on gperf.
+ - Update symbols file.
+ * Remove patches that have been applied upstream:
+ - cython3.patch
+ - riscv64_support.patch
+ * Cherry-pick patches from the 2.5 branch:
+ - all_only_request_the_userspace_notification_fd_once.patch
+ - system_change_our_notification_fd_handling.patch
+
+ -- Felix Geyer <fgeyer@debian.org> Sat, 24 Oct 2020 13:58:28 +0200
+
+libseccomp (2.4.4-1) unstable; urgency=medium
+
+ * Team upload.
+
+ [ Debian Janitor ]
+ * Set upstream metadata fields: Repository, Repository-Browse.
+ * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository.
+
+ [ Felix Geyer ]
+ * New upstream release.
+ * Download and verify orig gpg signature.
+
+ -- Felix Geyer <fgeyer@debian.org> Sun, 20 Sep 2020 19:03:41 +0200
+
+libseccomp (2.4.3-1) unstable; urgency=medium
+
+ * New upstream release.
+ * Drop patches that have been applied upstream:
+ - tests-rely-on-__SNR_xxx-instead-of-__NR_xxx-for-sysc.patch
+ - api_define__SNR_ppoll_again.patch
+ * Cherry-pick support for the riscv64 architecture. (Closes: #952386)
+ - Add riscv64_support.patch
+
+ -- Felix Geyer <fgeyer@debian.org> Thu, 12 Mar 2020 23:35:13 +0100
+
+libseccomp (2.4.2-2) unstable; urgency=medium
+
+ [ Christian Ehrhardt ]
+ * d/rules: fix potential FTFBS after full python3 switch
+ * d/t/control: drop python2 test following the removal of the package
+
+ [ Felix Geyer ]
+ * Remove build-dependency on valgrind for mips64el as it's broken there.
+ * Backport patch to define __SNR_ppoll again.
+ - Add api_define__SNR_ppoll_again.patch
+ * Replace custom patch for cython3 with the upstream fix.
+
+ -- Felix Geyer <fgeyer@debian.org> Fri, 15 Nov 2019 18:12:53 +0100
+
+libseccomp (2.4.2-1) unstable; urgency=medium
+
+ [ Christian Ehrhardt ]
+ * New upstream release 2.4.2 for compatibility with newer kernels and
+ fixing FTBFS (LP: #1849785).
+ - drop d/p/python_install_dir.patch (now upstream)
+ - d/rules: adapt to python 3.8 lacking the m modifier on includes
+ see https://wiki.debian.org/Python/Python3.8
+ - d/p/tests-rely-on-__SNR_xxx-instead-of-__NR_xxx-for-sysc.patch: fix
+ build time test on arm64
+
+ [ Felix Geyer ]
+ * Drop Python 2 bindings. (Closes: #936917)
+ - Add cython3.patch to use the Python 3 cython variant.
+
+ -- Felix Geyer <fgeyer@debian.org> Wed, 13 Nov 2019 00:00:49 +0100
+
+libseccomp (2.4.1-2) unstable; urgency=medium
+
+ * Remove build-dependency on valgrind for mipsel and x32 as it's broken
+ on those archs.
+ * Set Rules-Requires-Root: no.
+
+ -- Felix Geyer <fgeyer@debian.org> Fri, 19 Jul 2019 00:03:34 +0200
+
+libseccomp (2.4.1-1) unstable; urgency=medium
+
+ * New upstream release.
+ - Addresses CVE-2019-9893 (Closes: #924646)
+ * Drop all patches for parisc arch support, merged upstream.
+ * Build-depend on valgrind to run more unit tests.
+ * Run dh_auto_configure for every python 3 version to install the extension
+ in the correct path.
+ * Update the symbols file.
+ * Adapt autopkgtest to new upstream version:
+ - Build against pthread
+ - Build scmp_api_level tool
+ * Upgrade to debhelper compat level 12.
+ - Add d/not-installed file
+ * Fix install path of the python module.
+ - Add python_install_dir.patch
+ * Add autopkgtest for python packages.
+
+ -- Felix Geyer <fgeyer@debian.org> Wed, 17 Jul 2019 23:23:28 +0200
+
+libseccomp (2.3.3-4) unstable; urgency=medium
+
+ [ Ondřej Nový ]
+ * d/copyright: Change Format URL to correct one
+
+ [ Helmut Grohne ]
+ * Fix FTCBFS: (Closes: #903556)
+ + Multiarchify python Build-Depends.
+ + Annotate cython dependencies with :native for now.
+ + Drop noop dh_auto_build invocations.
+ + Pass a suitable PYTHONPATH for python2.
+ + Pass _PYTHON_SYSCONFIGDATA_NAME for python3.
+
+ -- Felix Geyer <fgeyer@debian.org> Sun, 10 Feb 2019 12:25:44 +0100
+
+libseccomp (2.3.3-3) unstable; urgency=medium
+
+ * Fix FTBFS: Adapt to renamed README file. (Closes: #902767)
+
+ -- Felix Geyer <fgeyer@debian.org> Sun, 01 Jul 2018 20:32:03 +0200
+
+libseccomp (2.3.3-2) unstable; urgency=medium
+
+ [ Helmut Grohne ]
+ * Support the nopython build profile. (Closes: #897057)
+
+ [ Felix Geyer ]
+ * Run upstream "live" tests in an autopkgtest.
+
+ -- Felix Geyer <fgeyer@debian.org> Sun, 13 May 2018 09:53:08 +0200
+
+libseccomp (2.3.3-1) unstable; urgency=medium
+
+ * New upstream release. (Closes: #895417)
+ - Adds pkey_mprotect syscall. (Closes: #893722)
+ * Refresh parisc patch.
+ * Move libseccomp2 back to /usr/lib. (Closes: #894988)
+ * Make test failures cause the build to fail. (Closes: 877901)
+ * Build python bindings. (Closes: #810712)
+ * Switch to debhelper compat level 10.
+ * Move git repo to salsa.debian.org
+ * Add myself to Uploaders.
+
+ -- Felix Geyer <fgeyer@debian.org> Sun, 22 Apr 2018 23:55:03 +0200
+
+libseccomp (2.3.1-2.1) unstable; urgency=medium
+
+ [ Martin Pitt ]
+ * Non-maintainer upload with Kees' consent.
+
+ [ Laurent Bigonville ]
+ * Ensure strict enough generated dependencies (Closes: #844496)
+
+ -- Martin Pitt <mpitt@debian.org> Thu, 17 Nov 2016 10:16:44 +0100
+
+libseccomp (2.3.1-2) unstable; urgency=medium
+
+ * Add hppa (parisc) support (Closes: #820501)
+
+ -- Luca Bruno <lucab@debian.org> Sat, 28 May 2016 20:05:01 +0200
+
+libseccomp (2.3.1-1) unstable; urgency=medium
+
+ * New upstream release
+ * control: add Vcs-* fields
+
+ -- Luca Bruno <lucab@debian.org> Tue, 05 Apr 2016 22:16:55 +0200
+
+libseccomp (2.3.0-1) unstable; urgency=medium
+
+ * New upstream release
+ + drop all patches, applied upstream
+ * libseccomp2: update symbols file
+ * control: add myself to uploaders
+ * control: bump policy version
+
+ -- Luca Bruno <lucab@debian.org> Sun, 03 Apr 2016 00:31:09 +0200
+
+libseccomp (2.2.3-3) unstable; urgency=medium
+
+ [ Martin Pitt ]
+ * debian/patches/add-x86-32bit-socket-calls.patch: add the newly
+ connected direct socket calls. (Closes: #809556)
+ * debian/add-membarrier.patch: add membarrier syscall.
+ * Backport patches for ppc/ppc64 and s390x. (Closes: #800818)
+
+ -- Kees Cook <kees@debian.org> Tue, 01 Sep 2015 15:37:31 -0700
+
+libseccomp (2.2.3-2) unstable; urgency=medium
+
+ * debian/control: enable mips64, mips64el, and x32 architectures,
+ thanks to Helmut Grohne (Closes: 797383).
+
+ -- Kees Cook <kees@debian.org> Tue, 01 Sep 2015 15:37:31 -0700
+
+libseccomp (2.2.3-1) unstable; urgency=medium
+
+ * New upstream release (Closes: 793032).
+ * debian/control: update Homepage (Closes: 793033).
+
+ -- Kees Cook <kees@debian.org> Mon, 03 Aug 2015 15:06:08 -0700
+
+libseccomp (2.2.1-2) unstable; urgency=medium
+
+ * debian/{rules,*.install}: move to /lib, thanks to Michael Biebl
+ (Closes: 788923).
+
+ -- Kees Cook <kees@debian.org> Tue, 16 Jun 2015 12:45:08 -0700
+
+libseccomp (2.2.1-1) unstable; urgency=medium
+
+ * New upstream release (Closes: 785428).
+ - debian/patches dropped: incorporated upstream.
+ * debian/libseccomp2.symbols: include only documented symbols.
+ * debian/libseccomp-dev.install: include static library (Closes: 698508).
+ * debian/control:
+ - add newly supported arm64, mips, and mipsel.
+ - bump standards version, no changes needed.
+
+ -- Kees Cook <kees@debian.org> Sat, 16 May 2015 08:15:26 -0700
+
+libseccomp (2.1.1-1) unstable; urgency=low
+
+ * New upstream release (Closes: 733293).
+ * copyright: add a few missed people.
+ * rules: adjusted for new test target.
+ * libseccomp2.symbols: drop accidentally exported functions.
+ * control:
+ - bump standards, no changes needed.
+ - add armel target
+
+ -- Kees Cook <kees@debian.org> Sat, 12 Apr 2014 10:44:22 -0700
+
+libseccomp (2.1.0+dfsg-1) unstable; urgency=low
+
+ * Rebuild source package without accidental binaries (Closes: 725617).
+ - debian/watch: mangle upstream version check.
+ * debian/rules: make tests non-fatal while upstream fixes them
+ (Closes: 721292).
+
+ -- Kees Cook <kees@debian.org> Sun, 06 Oct 2013 15:05:51 -0700
+
+libseccomp (2.1.0-1) unstable; urgency=low
+
+ * New upstream release (Closes: 718398):
+ - dropped debian/patches/manpage-dashes.patch: taken upstream.
+ - dropped debian/patches/include-unistd.patch: not needed.
+ - debian/patches/testsuite-x86-write.patch: taken upstream.
+ - ABI bump: moved from libseccomp1 to libseccomp2.
+ * debian/control:
+ - added Arch: armhf, now supported upstream.
+ - added seccomp binary package for helper tools.
+ * Added debian/patches/manpage-typo.patch: spelling fix.
+ * Added debian/patches/build-ldflags.patch: fix LDFLAGS handling.
+
+ -- Kees Cook <kees@debian.org> Tue, 13 Aug 2013 00:02:01 -0700
+
+libseccomp (1.0.1-2) unstable; urgency=low
+
+ * debian/rules: enable testsuite at build time, thanks to
+ Stéphane Graber (Closes: 698803).
+ * Added debian/patches/include-unistd.patch: detect location of
+ asm/unistd.h correctly.
+ * Added debian/patches/testsuite-x86-write.patch: skip the "write"
+ syscall correctly on x86.
+ * debian/control: bump standards to 3.9.4, no changes needed.
+
+ -- Kees Cook <kees@debian.org> Wed, 23 Jan 2013 13:11:53 -0800
+
+libseccomp (1.0.1-1) unstable; urgency=low
+
+ * New upstream release.
+ * debian/control: only build on amd64 and i386 (Closes: 687368).
+
+ -- Kees Cook <kees@debian.org> Fri, 07 Dec 2012 11:38:03 -0800
+
+libseccomp (1.0.0-1) unstable; urgency=low
+
+ * New upstream release.
+ - bump ABI.
+ - drop build verbosity patch, use upstream V=1 instead.
+ * libseccomp-dev.manpages: fix build location (Closes: 682152, 682471).
+ * debian/patches/pkgconfig-macro.patch: use literals for macro.
+
+ -- Kees Cook <kees@debian.org> Fri, 03 Aug 2012 16:59:41 -0700
+
+libseccomp (0.1.0-1) unstable; urgency=low
+
+ * New upstream release.
+ - drop patches taken upstream:
+ - libexecdir.patch
+ - pass-flags.patch
+
+ -- Kees Cook <kees@debian.org> Fri, 08 Jun 2012 12:32:22 -0700
+
+libseccomp (0.0.0~20120605-1) unstable; urgency=low
+
+ * Initial release (Closes: #676257).
+
+ -- Kees Cook <kees@debian.org> Tue, 05 Jun 2012 11:28:07 -0700
--- /dev/null
+Source: libseccomp
+Section: libs
+Priority: optional
+Maintainer: Kees Cook <kees@debian.org>
+Uploaders: Luca Bruno <lucab@debian.org>, Felix Geyer <fgeyer@debian.org>
+Build-Depends: debhelper-compat (= 12),
+ linux-libc-dev,
+ dh-python <!nopython>,
+ python3-all-dev:any <!nopython>,
+ libpython3-all-dev <!nopython>,
+ cython3:native <!nopython>,
+ python3-setuptools <!nopython>,
+ gperf
+Rules-Requires-Root: no
+Standards-Version: 3.9.7
+Homepage: https://github.com/seccomp/libseccomp
+Vcs-Git: https://salsa.debian.org/debian/libseccomp.git
+Vcs-Browser: https://salsa.debian.org/debian/libseccomp
+
+Package: libseccomp-dev
+Section: libdevel
+Architecture: linux-any
+Multi-Arch: same
+Pre-Depends: ${misc:Pre-Depends}
+Depends: libseccomp2 (= ${binary:Version}), ${misc:Depends}
+Suggests: seccomp
+Description: high level interface to Linux seccomp filter (development files)
+ This library provides a high level interface to constructing, analyzing
+ and installing seccomp filters via a BPF passed to the Linux Kernel's
+ prctl() syscall.
+ .
+ This package contains the development files.
+
+Package: libseccomp2
+Architecture: linux-any
+Multi-Arch: same
+Pre-Depends: ${misc:Pre-Depends}
+Depends: ${shlibs:Depends}, ${misc:Depends}
+Description: high level interface to Linux seccomp filter
+ This library provides a high level interface to constructing, analyzing
+ and installing seccomp filters via a BPF passed to the Linux Kernel's
+ prctl() syscall.
+
+Package: seccomp
+Section: utils
+Architecture: linux-any
+Depends: ${shlibs:Depends}, ${misc:Depends}
+Suggests: libseccomp-dev
+Description: helper tools for high level interface to Linux seccomp filter
+ Provides helper tools for interacting with libseccomp. Currently, only
+ a single tool exists, providing a way to easily enumerate syscalls across
+ the supported architectures.
+
+Package: python3-seccomp
+Build-Profiles: <!nopython>
+Architecture: linux-any
+Multi-Arch: same
+Section: python
+Depends: ${shlibs:Depends}, ${misc:Depends}, ${python3:Depends}
+Description: high level interface to Linux seccomp filter (Python 3 bindings)
+ This library provides a high level interface to constructing, analyzing
+ and installing seccomp filters via a BPF passed to the Linux Kernel's
+ prctl() syscall.
--- /dev/null
+Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: libseccomp
+Source: https://sourceforge.net/projects/libseccomp/
+
+Files: *
+Copyright: 2012 Paul Moore <pmoore@redhat.com>
+ 2012 Ashley Lai <adlai@us.ibm.com>
+ 2012 Corey Bryant <coreyb@linux.vnet.ibm.com>
+ 2012 Eduardo Otubo <otubo@linux.vnet.ibm.com>
+ 2012 Eric Paris <eparis@redhat.com>
+License: LGPL-2.1
+
+Files: tests/22-sim-basic_chains_array.tests
+Copyright: 2013 Vitaly Shukela <vi0oss@gmail.com>
+License: LGPL-2.1
+
+Files: src/hash.*
+Copyright: 2006 Bob Jenkins <bob_jenkins@burtleburtle.net>
+License: LGPL-2.1
+
+Files: debian/*
+Copyright: 2012 Kees Cook <kees@debian.org>
+License: LGPL-2.1
+
+License: LGPL-2.1
+ This library is free software; you can redistribute it and/or modify it
+ under the terms of version 2.1 of the GNU Lesser General Public License as
+ published by the Free Software Foundation.
+ .
+ This library is distributed in the hope that it will be useful, but WITHOUT
+ ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
+ for more details.
+ .
+ You should have received a copy of the GNU Lesser General Public License
+ along with this library; if not, see <http://www.gnu.org/licenses>.
+ .
+ On Debian systems, the complete text of the GNU Lesser General
+ Public License can be found in "/usr/share/common-licenses/LGPL-2.1".
--- /dev/null
+[DEFAULT]
+upstream-tag = upstream/%(version)s
+debian-tag = debian/%(version)s
+pristine-tar = True
+upstream-branch = upstream
+debian-branch = debian/sid
+
+[buildpackage]
+submodules = True
--- /dev/null
+usr/include/*
+usr/lib/*/lib*.so
+usr/lib/*/lib*.a
+usr/lib/*/pkgconfig/*
--- /dev/null
+debian/tmp/usr/share/man/man3/*
--- /dev/null
+usr/lib/*/lib*.so.*
--- /dev/null
+libseccomp.so.2 libseccomp2 #MINVER#
+* Build-Depends-Package: libseccomp-dev
+ seccomp_api_get@Base 2.4.1
+ seccomp_api_set@Base 2.4.1
+ seccomp_attr_get@Base 0.0.0~20120605
+ seccomp_attr_set@Base 0.0.0~20120605
+ seccomp_export_bpf@Base 0.0.0~20120605
+ seccomp_export_bpf_mem@Base 2.6.0
+ seccomp_export_pfc@Base 0.0.0~20120605
+ seccomp_init@Base 0.0.0~20120605
+ seccomp_load@Base 0.0.0~20120605
+ seccomp_release@Base 0.0.0~20120605
+ seccomp_reset@Base 0.0.0~20120605
+ seccomp_rule_add@Base 0.0.0~20120605
+ seccomp_rule_add_exact@Base 0.0.0~20120605
+ seccomp_syscall_priority@Base 0.0.0~20120605
+ seccomp_syscall_resolve_name@Base 1.0.1
+ seccomp_merge@Base 1.0.1
+ seccomp_notify_alloc@Base 2.5.0
+ seccomp_notify_fd@Base 2.5.0
+ seccomp_notify_free@Base 2.5.0
+ seccomp_notify_id_valid@Base 2.5.0
+ seccomp_notify_receive@Base 2.5.0
+ seccomp_notify_respond@Base 2.5.0
+ seccomp_precompute@Base 2.6.0
+ seccomp_arch_add@Base 1.0.1
+ seccomp_arch_exist@Base 1.0.1
+ seccomp_arch_remove@Base 1.0.1
+ seccomp_arch_native@Base 2.1.0
+ seccomp_rule_add_array@Base 2.1.0
+ seccomp_rule_add_exact_array@Base 2.1.0
+ seccomp_syscall_resolve_name_arch@Base 2.1.0
+ seccomp_syscall_resolve_num_arch@Base 2.1.0
+ seccomp_transaction_commit@Base 2.6.0
+ seccomp_transaction_reject@Base 2.6.0
+ seccomp_transaction_start@Base 2.6.0
+ seccomp_arch_resolve_name@Base 2.2.1
+ seccomp_syscall_resolve_name_rewrite@Base 2.2.1
+ seccomp_version@Base 2.3.0
--- /dev/null
+usr/lib/python*/*-packages/install_files.txt
+usr/lib/python*/*-packages/seccomp-*.egg-info
+usr/lib/*/libseccomp.la
--- /dev/null
+From e8dbc6b555fb936bdfb8ab86f9a45fda96a8b7a2 Mon Sep 17 00:00:00 2001
+From: Alyssa Ross <hi@alyssa.is>
+Date: Thu, 13 Feb 2025 12:05:17 +0100
+Subject: [PATCH] api: fix seccomp_export_bpf_mem out-of-bounds read
+
+*len is the length of the destination buffer, but program->blks is
+probably not anywhere near that long. It's already been checked above
+that BPF_PGM_SIZE(program) is less than or equal to *len, so that's
+the correct value to use here to avoid either reading or writing too
+much.
+
+I noticed this because tests/11-basic-basic_errors started failing on
+musl after e797591 ("all: add seccomp_precompute() functionality").
+
+Signed-off-by: Alyssa Ross <hi@alyssa.is>
+Acked-by: Tom Hromatka <tom.hromatka@oracle.com>
+Signed-off-by: Paul Moore <paul@paul-moore.com>
+---
+ src/api.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/api.c b/src/api.c
+index adccef32..65a277a4 100644
+--- a/src/api.c
++++ b/src/api.c
+@@ -786,7 +786,7 @@ API int seccomp_export_bpf_mem(const scmp_filter_ctx ctx, void *buf,
+ if (BPF_PGM_SIZE(program) > *len)
+ rc = _rc_filter(-ERANGE);
+ else
+- memcpy(buf, program->blks, *len);
++ memcpy(buf, program->blks, BPF_PGM_SIZE(program));
+ }
+ *len = BPF_PGM_SIZE(program);
+
--- /dev/null
+From 614530bc8b3c9f49aa59d7eaef4863b746504c23 Mon Sep 17 00:00:00 2001
+From: Romain Geissler <romain.geissler@amadeus.com>
+Date: Tue, 18 Feb 2025 22:29:05 +0000
+Subject: [PATCH] hash: fix strict aliasing UB in MurMur hash implementation
+
+This was spotted when trying to upgrade the libseccomp fedora package to
+version 2.6.0 in fedora rawhide. It comes with gcc 15 and LTO enabled by
+default. When running the test 61-sim-transactions we get plenty of such
+errors in valgrind:
+
+==265507== Use of uninitialised value of size 8
+==265507== at 0x4096AD: _hsh_add (gen_bpf.c:599)
+==265507== by 0x40A557: UnknownInlinedFun (gen_bpf.c:2016)
+==265507== by 0x40A557: gen_bpf_generate (gen_bpf.c:2341)
+==265507== by 0x400CDE: UnknownInlinedFun (db.c:2685)
+==265507== by 0x400CDE: UnknownInlinedFun (db.c:2682)
+==265507== by 0x400CDE: UnknownInlinedFun (api.c:756)
+==265507== by 0x400CDE: UnknownInlinedFun (util.c:162)
+==265507== by 0x400CDE: UnknownInlinedFun (util.c:153)
+==265507== by 0x400CDE: main (61-sim-transactions.c:128)
+==265507== Uninitialised value was created by a stack allocation
+==265507== at 0x409590: _hsh_add (gen_bpf.c:573)
+
+Investigating this a bit, it seems that because of LTO the MurMur hash
+implementation is being inlined in _hsh_add. The two buffers data and
+blocks to point at the same underlying data, but via incompatible type,
+which is a strict aliasing violation. Instead, remove the getblock32
+function and inline the copy with memcpy.
+
+This is reproducible on a "fedora:rawhide" container (gcc 15) and using:
+export CFLAGS='-O2 -flto=auto -ffat-lto-objects -g'
+
+Signed-off-by: Romain Geissler <romain.geissler@amadeus.com>
+Reviewed-by: Sam James <sam@gentoo.org>
+Acked-by: Tom Hromatka <tom.hromatka@oracle.com>
+[PM: subject line tweak]
+Signed-off-by: Paul Moore <paul@paul-moore.com>
+---
+ src/hash.c | 12 +++---------
+ 1 file changed, 3 insertions(+), 9 deletions(-)
+
+diff --git a/src/hash.c b/src/hash.c
+index 4435900f..01ff9399 100644
+--- a/src/hash.c
++++ b/src/hash.c
+@@ -12,15 +12,11 @@
+ */
+
+ #include <stdlib.h>
++#include <string.h>
+ #include <inttypes.h>
+
+ #include "hash.h"
+
+-static inline uint32_t getblock32(const uint32_t *p, int i)
+-{
+- return p[i];
+-}
+-
+ static inline uint32_t rotl32(uint32_t x, int8_t r)
+ {
+ return (x << r) | (x >> (32 - r));
+@@ -41,7 +37,6 @@ static inline uint32_t fmix32(uint32_t h)
+ uint32_t hash(const void *key, size_t length)
+ {
+ const uint8_t *data = (const uint8_t *)key;
+- const uint32_t *blocks;
+ const uint8_t *tail;
+ const int nblocks = length / 4;
+ const uint32_t c1 = 0xcc9e2d51;
+@@ -54,9 +49,8 @@ uint32_t hash(const void *key, size_t length)
+ uint32_t h1 = 0;
+
+ /* body */
+- blocks = (const uint32_t *)(data + nblocks * 4);
+ for(i = -nblocks; i; i++) {
+- k1 = getblock32(blocks, i);
++ memcpy(&k1, data + (nblocks + i) * sizeof(uint32_t), sizeof(uint32_t));
+
+ k1 *= c1;
+ k1 = rotl32(k1, 15);
+@@ -68,7 +62,7 @@ uint32_t hash(const void *key, size_t length)
+ }
+
+ /* tail */
+- tail = (const uint8_t *)(data + nblocks * 4);
++ tail = data + nblocks * sizeof(uint32_t);
+ switch(length & 3) {
+ case 3:
+ k2 ^= tail[2] << 16;
--- /dev/null
+Fix building with setuptools instead of distutils.
+
+--- libseccomp-2.5.4.orig/src/python/Makefile.am
++++ libseccomp-2.5.4/src/python/Makefile.am
+@@ -40,7 +40,8 @@ build: ../libseccomp.la libseccomp.pxd s
+
+ install-exec-local: build
+ ${PY_INSTALL} --install-lib=${DESTDIR}/${pyexecdir} \
+- --record=${DESTDIR}/${pyexecdir}/install_files.txt
++ --record=${DESTDIR}/${pyexecdir}/install_files.txt \
++ --single-version-externally-managed
+
+ uninstall-local:
+ cat ${DESTDIR}/${pyexecdir}/install_files.txt | xargs ${RM} -f
--- /dev/null
+python_single_version_externally_managed.patch
+tests_remove_the_fuzzer_from_test_62-sim-arch_transactions.patch
+api_fix_seccomp_export_bpf_mem_out-of-bounds_read.patch
+hash_fix_strict_aliasing_UB_in_MurMur_hash_implementation.patch
--- /dev/null
+From 2f0f3b0e9121720108431c5d054164016f476230 Mon Sep 17 00:00:00 2001
+From: Paul Moore <paul@paul-moore.com>
+Date: Sat, 25 Jan 2025 11:12:55 -0500
+Subject: [PATCH] tests: remove the fuzzer from test 62-sim-arch_transactions
+
+We can't reliably run the bpf-sim-fuzz tests on tests which manipulate
+the filters arch/ABIs unless the filter is safe to run on all arch/ABIs,
+which is more or less impossible. Remove the bpf-sim-fuzz test section
+in test #62 to work around this, just as we do with the other similar
+tests.
+
+Signed-off-by: Paul Moore <paul@paul-moore.com>
+Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
+(cherry picked from commit 7db46d72f13c172b290818f624c2966bd0db5677)
+---
+ tests/62-sim-arch_transactions.tests | 5 -----
+ 1 file changed, 5 deletions(-)
+
+diff --git a/tests/62-sim-arch_transactions.tests b/tests/62-sim-arch_transactions.tests
+index 4b23213e..aac6db24 100644
+--- a/tests/62-sim-arch_transactions.tests
++++ b/tests/62-sim-arch_transactions.tests
+@@ -14,11 +14,6 @@ test type: bpf-sim
+ 62-sim-arch_transactions +x86_64 open N N N N N N KILL
+ 62-sim-arch_transactions +x86_64 close N N N N N N ALLOW
+
+-test type: bpf-sim-fuzz
+-
+-# Testname StressCount
+-62-sim-arch_transactions 5
+-
+ test type: bpf-valgrind
+
+ # Testname
--- /dev/null
+usr/lib/python2.*/dist-packages/seccomp.so
--- /dev/null
+usr/lib/python3.*/site-packages/seccomp.cpython-*.so
--- /dev/null
+#!/usr/bin/make -f
+# -*- makefile -*-
+
+# Uncomment this to turn on verbose mode.
+#export DH_VERBOSE=1
+
+# Enable verbose build details.
+export V=1
+
+include /usr/share/dpkg/architecture.mk
+include /usr/share/dpkg/buildopts.mk
+
+export LIBSECCOMP_TSTCFG_JOBS=$(DEB_BUILD_OPTION_PARALLEL)
+
+%:
+ifeq ($(filter nopython,$(DEB_BUILD_PROFILES)),)
+ dh $@ --with python3
+else
+ dh $@
+endif
+
+ifeq ($(filter nopython,$(DEB_BUILD_PROFILES)),)
+
+override_dh_auto_install:
+ dh_auto_install
+ for pyver in `py3versions -s`; do \
+ set -e; \
+ if python3 -c "pyver=tuple(map(int, '$$pyver'[6:].split('.'))); exit(0 if pyver >= (3,8) else 1)"; then \
+ export _PYTHON_SYSCONFIGDATA_NAME='_sysconfigdata__${DEB_HOST_ARCH_OS}_${DEB_HOST_MULTIARCH}'; \
+ else \
+ export _PYTHON_SYSCONFIGDATA_NAME='_sysconfigdata_m_${DEB_HOST_ARCH_OS}_${DEB_HOST_MULTIARCH}'; \
+ fi; \
+ dh_auto_configure -- --enable-python PYTHON=$$pyver; \
+ dh_auto_install --sourcedirectory=src/python -- PYTHON=$$pyver; \
+ done
+endif
+
+override_dh_auto_clean:
+ dh_auto_clean
+ rm -f regression.out
--- /dev/null
+include:
+ - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/recipes/debian.yml
+
+variables:
+ SALSA_CI_ENABLE_BUILD_PACKAGE_PROFILES: 1
+ # job doesn't seem to be stable
+ SALSA_CI_DISABLE_CROSSBUILD_ARM64: 1
+
+test-build-profiles:
+ extends: .test-build-package-profiles
+ parallel:
+ matrix:
+ - BUILD_PROFILES: nocheck
+ - BUILD_PROFILES: nopython
--- /dev/null
+debian/tmp/usr/share/man/man1/*
--- /dev/null
+3.0 (quilt)
--- /dev/null
+SRCDIR="$(pwd)"
+
+mkdir "$AUTOPKGTEST_TMP/tests" "$AUTOPKGTEST_TMP/tools"
+cp -a tests/. "$AUTOPKGTEST_TMP/tests/"
+
+cd "$AUTOPKGTEST_TMP/tests"
+
+# build tools needed for tests
+for tool in scmp_api_level scmp_arch_detect scmp_sys_resolver; do
+ echo "Building $tool ..."
+ gcc -O2 -g "$SRCDIR/tools/$tool.c" "$SRCDIR/tools/util.c" -lseccomp -o ../tools/$tool
+done
+
+LIBSECCOMP_TSTCFG_JOBS="$(echo "$DEB_BUILD_OPTIONS" | sed -n -e "s/^.*parallel=\([0-9]\+\).*$/\1/p")"
+export LIBSECCOMP_TSTCFG_JOBS
--- /dev/null
+Tests: testsuite-live
+Depends: libseccomp-dev, build-essential
+Restrictions: isolation-machine
+
+Tests: testsuite-live-python3
+Depends: libseccomp-dev, build-essential, python3-seccomp
+Restrictions: isolation-machine, allow-stderr
--- /dev/null
+#!/bin/sh
+
+set -eu
+
+. debian/tests/common
+
+# manually build necessary files against the installed libseccomp
+
+# build live tests
+for filename in *-live-*.tests; do
+ testname=$(echo "$filename" | cut -f 1 -d '.')
+ echo "Building $testname ..."
+ gcc -O2 -g "${testname}.c" util.c -pthread -lseccomp -o "$testname"
+done
+
+echo "Running test suite ..."
+./regression -T live
--- /dev/null
+#!/bin/sh
+
+set -eu
+
+. debian/tests/common
+
+# make sure "python" points to python3 as this is not configurable
+# in the regression script
+mkdir python3env
+ln -s /usr/bin/python3 python3env/python
+
+echo "Running test suite ..."
+PATH="$(pwd)/python3env:$PATH" ./regression -T live -m python
--- /dev/null
+Bug-Database: https://github.com/seccomp/libseccomp/issues
+Bug-Submit: https://github.com/seccomp/libseccomp/issues/new
+Repository: https://github.com/seccomp/libseccomp.git
+Repository-Browse: https://github.com/seccomp/libseccomp
--- /dev/null
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQINBE6TSxkBEACy+4BPGoI7vphGh/q5WET0lmU7LcDwuNs/satPRH/vPoSYLxYU
+FmZ64A2zA4/imlohR+9VMfEVgOX6f23vZWheC2Z12bCtK0/cGLfoGMddFi7mg6aV
+hJeAegYkC6hDAYI+Mc/mt0fYvDB+bSPUCUdnB/NegbWegJMJur2pc0/nQqeeoRdp
+sazOyBEs4ipP1p05DZA/MifGNRASMHJg2bYG2FyC48Vx/xl0B+oactTwPODJlkQS
+n6+yYTcvYh7wIbbainEi0jBnyRj6bi6jODPTjArW2YRzEmPEkqbBsfA/HYEpH4DR
+IyZIJzqkP/+P+F+BVBjPVz4r6CWvCjnTMTlROfaUqIvfmpdKKtBDVN0Cjn6GVYae
+t9yoJM5bcJK+KEp5aNmW3U7vDMG2XEttw4vdfIFc9ZEWnu2kyiltQw9cUk3ucsIH
+79M4o24oVu2+J/z4QNGbRHdbxbO6c9R+IxAfiF/FAz5OhQfRHrDayfQV457cE/Ga
+ZhE1AeT7EdnXFF3G1RhTTE2lomQ1TfBSK6CyIyabU7I0R2Gh0aITpAE0fP4heZNZ
+zA8vPggdtRzgKgu4tC2is2Dg3NQnPc+k4mnU07LwmJuxCluN7pNhhlhtJkNWnA+a
+C2sV8zIicH7SAwmGoeMkp1kluxcdp/jGKsdRIfIDnVax4/t6VPL2+lKQzwARAQAB
+tCBQYXVsIE1vb3JlIDxwYXVsQHBhdWwtbW9vcmUuY29tPokCOgQTAQIAJQIbAwYL
+CQgHAwIGFQgCCQoLBBYCAwECHgECF4AFAk6TS8ACGQEACgkQVeRaWujKfIrtrg/2
+Kr2XYWu6jYDX2PSWeLQ/5P/VgGzjZI+AKaj5JyEID/5J31yvSKICjK3FWl+lHRo/
+LQzQx8f6gQ9FEBeDTndpa1t23XQGmBgEDAev6FHX3jmheFTkJJ+dEYpcgX7R+jTj
+mrRYjAFu1Jo2fIblBTvECwlKLxDvSzAvp5giHYj8TDWcYPlZcDqfq9Aq5p7UjkRY
+vAAUlkwSxPE28zcWPwgQuikcyVw/ObPpNWon+0TfruzindsyKnMss7mEpxUMhRHA
+WM8KACBUmScP2TC95xKzm+KtlT6E/pdPXItPXiFg5sg8Vf5Rco8j16+bDzviiAC2
+1Mp69wtnV8Mdsl1jiL65wotclG+SMcgUmyqD3rgBW3jSedDFFu6CHQyGFuthVj25
+eNUSXjhVOMCWQSxOgv4uN1jgk89paHJuBqHwKfk55ezQJFB1UlkJqH7LNJ2uVd0G
+o5PTE2mBbkBQ4bvSyfhlOUYbcjNUlZOZSHsaQPVXDUXCW90LjH4azg8jek7Yinyg
+vZBpxQurRj7honmoqqyBfvOweA8wDdjIYURFrA4kwYwN8d+xdIDv5Pu58U/ruus+
+y59MebQDhMr1BaM26QhgPZ6Ur/vHvTkW6bFo+Q0Rg9/abO67O00OZX/+oakt1BZ3
+Tb30L6nGu7ZosTXos+s9Leter/wcOk49JNd5q4WnZbQeUGF1bCBNb29yZSA8cG1v
+b3JlQHJlZGhhdC5jb20+iQI2BDABCAAgFiEEcQCq365ubpQNLgrWVeRaWujKfIoF
+AmGcAXsCHSAACgkQVeRaWujKfIrrkQ/+KJC70BuhVTvKsbgpvKm97ANaySDzYaSZ
+vWxY+Wq7nf2CxV3Ru+/33bgnR5jzfO6Dao8RYuvE9bEZrnvb7Pjh+/9WkM+4jItQ
+0mbRfc/ol3VKTtHE5CcCemH7IoA4BErvkaKtePFUzCCeIufrbJlxjdBirN8ck3qh
++cq5LZJNXRYthh6UsEOYiR0S0Hb5CYrGCKAKngZrsjmoQr1m1pPEM5ZdoLHn5vD9
+1gKVPcqVEsJsL09Pmc7q+3zYuGA5kD89b3rHJS5iamr7m14fXbsVJb0e5F3ybBb1
+eSIr+CMG4HByruajAxPFLokA0Gpz5UcttqjLd2VOz07mMq3HJ3qS+Gm5LbXkBOy6
+myMqa5YQ6WWbDlV8Yikr5Jzyod9lsELp4s4ury3h3X5bsBp2F87ew9ptVIcygm+I
+BNoD3SGKePmxAOvB5YPRfIgkpyqLWNU/rMYNlDK+V0Pf9wNE9uss3zeG6EHnBshT
+LIJwuwhVIFaVg+GuBxpxV5UbgXPl2XEQ12tasp3ye+Ifa5EHLNRmYK4kw/8ZuEoX
+Eawf+IbL5lLaJaKHofVTwzbx8CVU3SHCy1eFBxzBmFwB0YEnWflWZB1ys4Ss6g3m
+fUa8VnPhZDQ+G1j4o68YJzuXVjl+LYQ4dBYtxZGIwBBrVfMgvna3U55Zi25kMoQW
+L0qsI7Zl8wy0HlBhdWwgTW9vcmUgPHBjbW9vcmVAdW1pY2guZWR1PokCOAQTAQIA
+IgUCTpNLgwIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQVeRaWujKfIqz
+kw/+K3xOpXohVdmH1fqKgltyE1yh9P4vvj4GMdenOZ2V/RrC60Ksp1lNbPnMLgDt
+eudqbks2D2NpmvjihQ6GfAgrCbXHGbYoEgaTLucoyKdR+xKViV8nJtImNYDeG/d0
+ojgWl3vGzLXkINyZ8APk19B5bsoPkjRTz3Mqx0XIYJlXTfFZuu8Y+K2dw8H5KJ+O
+nb2VaYbA7Bjm01yDsy9vLm+LpmK3rzpDjCNjOaCgIMoqCTpBKj9UCpcmfw9G225k
+CsN9yStov6EtezHHVbTNopWL2p7JHef/758PE9xzmtAix31NmPueiOP/moaOgsI/
+AUNlpH3u7wy/v3n4hOswItE9gB3wMT3h7eyNkrxH6EK0PRen0qBo1ah+cDhwgdDJ
+ZoojmKzg1pP1jrfxZ7lGRNpisULR3FKCJ6SacHSmiANTr2yYU1rbqvQJfzlxB/hg
+phRFzXGduZILKH6C8gddVIaCWYZeAonjfqpQEUKrb8GV5wtmb8uTS9DI90KvTxnM
+9zsBR9zWEB74+JntEOSEnNBpQ3e5+O9zJ4wYehR6No7cb04MT/JVnpiLwdA83sga
+bJ6HvfFqpy/k+lKt+kr7KNHXdYZ2Lo9EvUgF+96tzV9e3FcHLAWFXij8lq2PpetL
+uGxTkQnjcCcj0Kpr7wUGMsiurN8AoeeDepgoDdHfjr4vSk+5Ag0ETpNLGQEQAO5S
+BPx8kOaU0mmx9DiSmu/JjSXJEPtjbBMFKRI+OfQmubNw7yQk+2QTlEGi+XLZJSoI
+wciPtwUiE/dLMIpur3TGMUq0uyKUNe8296XVeR+SxUEgr0tQ3eOumplhVgsm+mVp
+d4O5Jn+cRBCKG/TyzJQnt+4LCF6fTNIW0SDlSEnqgolqeR5HDF8DBHeVx8Rjeggo
+BvOr88RDpyyqDHV0CMZHpwOIIJOXAgaGHdBTFER+dxM54bnHkt3rjUs7u9fh90iY
+yHYyI2EA4aRxeoF6CPrvDUlrGfXRJ/7PvXv7j9nGLwD5kdNWu90MlSGUtt3qPa5j
+KpTyTYyW8m0PNbmh8UKgOZYwu1lqmJe7YmvkEimDBMjJB706pzz4Sb4IbEKCTmnj
+eo/6iEFiJeX0BBDS0c5HBjukixAzisxIAAWUsD/Vn3+O48sw+CVW+9agKSOtJt0x
+gfNvbwWrxSJBzc4b6/dZvugH3lL2ZVpRZgt7+AbKh/90s8MEFNvHMcud2vxAzsJt
+jAyS+MJFSztmIdgmf+MdO1WbY5hphusMlTqvvRkN3J0zxIMp32WLHT2ppf0SZpGw
+gJg2x28leDYU9UQoPNN7YWWV/B8yXDNp8sLrRpc4tMcb+t7T+PLX0wFemo6skOY3
+kRigqv86TBPRoa/6B+NeDZRnKJmFNFEORY6XZPHjABEBAAGJAjYEKAEIACAWIQRx
+AKrfrm5ulA0uCtZV5Fpa6Mp8igUCW8Sp1gIdAQAKCRBV5Fpa6Mp8ihk+D/41514Q
+flRJK/jS/OjLLA1PkvRs/pAmBDksRTxb4caZpMfkPWNkl7oGk4afYfSCFB+pYbQG
+XmIpsxguuzm2YfhL9EiHzduMb2dpz8yy49aWsv9n/zkNIOy2pQu0qWhf+5yK8a2E
+j9y8r90AMP2Qnj/PlNAgldDcNia8XJOtcklzkVvXYshik7MzcM1kDj1ATi5TMNgc
+Y7nUFtA48vJmKKsgclGBFrW3BoCdzEj8xNEYFjy4Fbo3cw7pxg3iXfUgXiNttCC8
+QB4gfeiWWMZpFaM+Lawez8MgN6ZYNfQl48GeSXnYimaL9NiRtGhjaS9uu/GMCQBg
+wizDYQYvYA6sd13+q786ivwr0d8ULOv2wI4gAhR0lI79aEPqe+csrdHJVayTmgd5
+IegyAq/nWWLgbzxm5bNMjE7xLwkca49K5qXfcLSNmU7zempPfuXPWSOzfrUCmET6
+J361YoFUflYKFktFDIeSEHnZHHzDtb19kuYv5pprQz0/Gk8nmqy/2aUaG2vFL7k4
+v45LBk5EfUMCsQUHgViMuMaSrXXbadvUSRQBZpt7r7B0xn0SJtKABp20oAKKEEqm
+Yr/W0L48z9JmlnOwPbjSLKSo+AmhIw7bajMzxruRsqZTAxp5hLpXV21Icgi5UV81
+apsbhOOqtBtr5fqsIsMKGA2rjaMry7xytADmW4kCHwQYAQIACQUCTpNLGQIbDAAK
+CRBV5Fpa6Mp8iqQaD/9L2zMdzYznSOnApTz1SHhpgbi8RKaKy88jWTz0AxZGrYF6
+cKv8BH2fFgA7phlONcWhUvWpEEpP208EY52c811lohRocNhSlXgWXHYCiG2vydsQ
+e9HEdBB6bUOO0z8g2DPcoBtUGWe1gDZddRW2VbqN2ts8Wxebog2YY3tvJ0ocMo15
+0t5c0koldlStav/zM2eipz+zTjfsN4Xy04q/WQ63FIbub5o5jcUJj1o177I1VtA8
+eEumsfnMMRgQBfz0t2bEIc/ZmrsuR+j/H4WlBAuIarNjWtIylH/eVJhxFtXGnCI5
+mO1gN90QG6IpwszcwEPJf3gU7dO8r+HXeTBifLYB/JnzGWixPaekDgCrNOZXz+48
+KEJEoVXUxsnqa8PRIUO5OtVRq3mk2uwcIHqPEBLb0yB6GRQjb9jQqBdRPun2Favj
+xWRuTZBGS1RItLW8bmAJz1d/ySWizRqnoz8U0s9SyGGHx5OsyJJuFO6FFr31m7WZ
+G5LPfQJUNiyR2y9ZrjdPbwXmchywhTLqyTb5N6j5RfAdn74H379tilUhH5c7ieVL
+t/RLTtWXEnkZzsO7LvP/3X0jHt3eZD2WzvVg4llZFvnuie8C0/yCTwhc2xMJOLd2
+WpH6ZKHNbRqv1a2xg8K2KGdhlZrRo/AYbX/FjZ/k9klZwEjFsefd0Ff4mojoNrkC
+DQRbxKZ9ARAAqZyNg+6knihhIoR7SL22QITesd85JBC2iwdvjJoVmQHU5s3xZiVN
+vA1zS7gqscsuxsQE2gXT0eYD8quC5AP8ak6guZyvc02asbasIfcUxQnIVIZnQr6E
+pBct0dXGZYny1Wq7biAR0F3fV32JCTKKeMIbGz3G8wyfSWFKh6bqsrDQAIR4Hryi
+M2fdwe51uSSAR39f4lTEpwu/pd4EizINJ/tFGpRokEqYM1Ep8n4J6CYwW28kEyTK
+zoRkiR74ns3Ak9zjnLZ59I+SNA7lNSESeYfjGeDaYFdmMhwk13RxPcdQxhPVrhMb
+mxY4gLybYHGJMHH6sqqW3CtiCAljlL/lyW6wKZtD3WnJcl26yWUWdPEATlvXGfLZ
+65L2+D7ZLYoIh808vS3p6Fj+5Ul1Xq6I7t/oPooJGmvWW4FZBzpA0a647SYTZd8j
+xGitEaZS6Seif8rBr47hvW/6VgLF6bbH0jeEwgiiAKjoOP0SDYsjOWM8yCKi3L8A
+c5vGsBaaDLHsYQQVCS3QQtxdrOdwGSVJB/jWCf5WYJwwPfxFWDwDhgl7ebvzrWcg
+sic8mA+n2bS7IUIkUXQzJHgmflvPPh5oMQNwpOr30jyD8lVBmEGKkRM2anwVVRbg
+Dbn66/nQWGMRNEetc2DCXVy/H7DbIR0eZpXB4OBDg3Z4TnkUniLkvrkAEQEAAYkC
+NgQYAQgAIBYhBHEAqt+ubm6UDS4K1lXkWlroynyKBQJbxKZ9AhsMAAoJEFXkWlro
+ynyKriEQAK00HLBi/+U8Pi+INDsVHh9fxO00OeFK6U/X+D4z49Ej2Xr6s7Ff27kX
+pq+m6qTceWjLy4aHqAKHauGtBpgvgV/bnHxihC2r4EXkFqcgJRRaKfPzAm6J6qvt
+Oz3TvumSYn39FSDBhQHVjmm80PVTJGEOImxfnrU44FjaSdFIhYVDa4nPnk9NLRzM
+xKtlnYG50v28ADbBBe5CAN5JRe5ZGBuTBTeYE21rLB3mr31J93KEfQCVapsfpmyX
+VIjMYjK80TkXqVDtc7PFycyzJDm+YdghJZNbptC3xiPU/0Wd58j+br98VOWhv0ad
+qML+BLL44aQE7fr6Lat4mZNoZMMpmJjGyqWevdLDU+7U2EuROnV9POTUZhEKcv1P
+oF/1ea7FlCz5kNlCRKCIs8ka4cavzu92Yp2qZA2VTvg3njwa3Vw8AzipYQ0NlXTK
+f7i2zoPB8bNjfga55+U7OhQA3j/edRfVcU2kVq6aTrfXkUIMWrGBPYRMxUutXlmN
+6h31k+fT58fij5rkevUqGwaxuWO6mL5UMR0FLIlYUZTww5TrmZNJ2yu0EeP2l+wM
+Dcadm8qO3HbgjnnLPrkrAHFoAPijIn/Mhsx8csB5t+HU5+yWNDKKndN59PVGONyy
+EjQtWrXf6tAU4ozKc66FPuIt6Jni90khyUQSSUjMUsVOUl1fwwTGuQINBFvEprEB
+EADkKGgC+C0itckM2yCYOIaI4ifojiDIc9gRvc1TadgieL3sn44B9HlG0q/JFw9T
+gZHcPYSbskFyLuIQEb5IeNR9TfQUw0TF7eVc3omVEAUtJiZU0OhCa1+s/mOPe9Ds
+D1x2E2RuxHAbU662PbPgZtCZwUK+ZWeE3aBloPLEMRmSGO/c1GGI5Xup2gWUNEBV
+E4H8im8eJ/IM16iGW6Y/0q2xnLRb3t+hw/mFcJpHIyCbsSgSjHFX00UNQBtT1aqC
+Mlf4E3Jj21TCnAvC/UtIsZFq6plYZDSRG5c5ExITdFheV482rG8QpFBnCduAnaDO
+edeS6Qimqjk0srqL9mgyXxqzaF4tC06PdzPsWgaui4v5FVG/UuymNQkg+27rsPQg
+K4gFSWQWArrwcqePbQcGFklYZ9hlEYe5nsfdTbCdh+zr3i8oGBB0r0/ktgEQNZb6
+SwxBvC7yLiqPEK8JgpBOQDuFlOnOtoJ62o1sEw1NEd/L1zmw9HaroLob1ci1ojhF
+VmnFFF30zeoQi6KlJTgIoyoEph1YYyLNp54CnUfzyzkIlYyqTMcQ6MkrTCZH4JIS
+/L/Q/1QVN/fEMATgR1xQ6LymS4Tc99ilNzGtqRPkRmWAREHggFgSudTDXXKbHUNK
+dujt9x+jafhlkR0sK7bztNBytFneHjpjuS2NgIklHStDVwARAQABiQRsBBgBCAAg
+FiEEcQCq365ubpQNLgrWVeRaWujKfIoFAlvEprECGwICQAkQVeRaWujKfIrBdCAE
+GQEIAB0WIQRLQqjPB/KZ1VSXfu/qIPLalzeJcwUCW8SmsQAKCRDqIPLalzeJc9H5
+EACCxvzjdeuxKiatlTTAg/3uEruTOf0c3KLBJPtMcZh8ozk5/9+kxvbp3jUq/iGj
+XUnh/dui2laXGrkhXQim3oCo851E7ZjH3SUF/ok3XzuyU0nWQAhR0FEr2uEbOt91
+TE58oSXUXq8axrzQC9GgMg3Uxua3PwkkI4+vNwCRivU+4mbm4JASlqGGPI7SYp7E
+rnj6foBXrSIQkMhtp0quMqyIF23epf5CXbKqusRM+NpmxiX9rj0PwRGw/4M1o5vL
+EVACfdbtJR6s9yo0ODM3bFPjJv54GXcl1s8JXwtuEGxwK/XJ1sGb7S3b6Nhu84oD
+F+z8jMHxKuZe4t4BUtDJ8ty7bxqh9QEv2CXMw3sqJw7UdoAKbWJcgRzgX7XY+4Va
+GUtEDTbLNgdJMB6klji7X4DB1ogVxavG7p7cFhltq1F7O+4LymBvUwdWtDWKdR79
+hTjlAlmPac7P1gTpFtLORDomrcaA3wBSKCh+xZag3+wp69yKWikurVwx/uwd+UAa
+bWIDCGON7/hoaiBBC5GmKMN1Z503G0BYtFXwcYfxoMocnYRcmlLOXY5JQmdPdZ0U
+WHg0slIQdZ5a+xZ7iyvdf65umCPiFpsNo92erq5Zw+kzWDxX3mc1w6CYLZUbHBxU
+C9vxwiIgnDm1RXfB2wrx5jaTHUcSHfKqIDq/8uS7thWL80cxD/wPDTasKo+811pO
+cOpY+LVZO/egeIDzWdDVCF2HlKGxLbrj464eEkElTpbrwAwlef/Krj+H3cP4jbZm
+qE6mKpoaRwKxYD/YIx0O7y9/nhwkCKldIXYbC5tLfKJeQKz9wYDbX0t0XEH95EPW
+kHSGLHM+Yk7wqXJ3FazFw8c98Du2CspczRw1Be26NRTHPRz3nXCm8xvwURZ6cGDZ
+/MNuMZa/fqNWBM8IHOPDe3Y3ALGJeygiCqvNr1q23njzRywOMqNK3aktUT+4yJTp
+TFn8RfiBjg5MAn4rjFlaN+YebjD7ngNMchHxqG19TrSuqZHhatW9ZjWAla/vuHlm
+iY+uHL94o8f7APjYudaQ9XR68FEbl+RSIsUSZtGsMKCYMW7Fy8ueDxlYGrTaGtVs
+eJZ7f+hwN9jLTOyJtDTCxgLdvfBg/wCK92wJ26L3rzU42scKTvCpTDS4QDamLRox
+ZYbnBn0I1TsTlNHN0C9cASebNGzZbc+QvC6gkaaoyXON79wn0PyGc6mfoOdcCVlo
+DfcAI+tnaA+MeiZVYNewGZulkaBkI7Jcg1LgRN2bWXdl16XOz/625n2UAnK9VtYf
+JqAZJ21Nnjo4v3FC4BjN2PFuVd0cDYA+yBRwyq9SNfT8gRDK/kJPilR6bMNPUsTr
+aiR3Y7Ssczq4C9Kxvp9FWMenZdi7eLkCDQRe7MkJARAAu1wXmuFM4hRX3Wuj7qDA
+cqX/z0WFZ6j17LsnoX6ZC4qE88QUYuUwNfuSbXjzB/EqCeBcvnF9hbU9wjmJUFzx
+6DBalGWoZus27FdLE491l7S9nFWfQzqGs6wAIac+UkHTEeMwVhFMREMfHyakUWAG
+TRLyKMeLtj2I/7Uemm3yzWa0nYP0YpH9CVS+hCmL7FOlUI+OYTzSjMl5khlXPoGe
+eno2XUmxCFTAtpWI/Bsh1Mjeu7ArFY8194X/NtCK7mAlxc2Wd4L57yDKaaAdvyVJ
+T2E3feQoi00rRskV2Vh1g0ss3fRdlpsJzLFnyGwdoGiFqQvby96l+7vC8hwu7jZc
+q/5B1PWqohKqKy85/3oCGSO7SFRJiZsmTjitT3N8hcDLEF7f5gaJdNoTTJ29g4mh
+tn/v4oVPiXn2hon3GkbEt6OdEDmsGiaOYzKYhlR8eQk22e4CzoaRwHVgUmTxtgcp
+QJX8hOhag+Ty6kFfZz6lE7xhCHdbNdsbv9bRCsFNwm5Sqf0F/Ud6/G/bXGi/tT03
+RukzL6mJCFygkjWmrz7rvq0pxNl8LlA2Yf9CBQWPzGeaz9qX3eAEBldBrYBwE7hk
+6kHWAsxDikbTa5oEI94YPldXLsEW2uaQm4T9JrTz7Qz98kW203JUnVeExDXFrZKk
+n+49N5Roc+AMj4c0Md3ZgyMAEQEAAYkCNgQYAQgAIBYhBHEAqt+ubm6UDS4K1lXk
+WlroynyKBQJe7MkJAhsgAAoJEFXkWlroynyKqDsQAKwK1wxNbxb1ge3aFqU01NuI
+/p9xjj1ui9UPggMSiL+3FedYfoet2Z1vLChVG6iXltgvZ/wghUDyElZJz27fpKmV
+m+dzXAINlzfQlj83hR1h8dF21HjVRGZgRaADMSwfqGc8i/DnlcAo7epYgfyPXLTz
+IxBY+Xa0iSqFkV2oeRQBQ/sCs98A5UWSifxXfDEwuCi+Va9WyoZjByctChvgRR50
+RoFDtOOGXNYNQ/nLU2wdRbVrKAWBqXpaEMYulsRB37NsRAmSkSRTe7gFyethfZA/
+Lsac3L4j3+oIp5KVFPxe9vXUlx+6lH/Woj4TpR94nDY2YErT6RLjaHpGG5zfvaAd
+/VeX43XmjPymy17bj5ulH5/iL2XIHb06x91uTFagzHSTuWlElVUBpwUKnkU1bBdW
+PUQGCsOf8XNpLKOJCkHseAoHqW96rfPoFDx94aIpuxT7MfD7FmldEQHgdKxyAk7w
+0y0ef9nfC+FWGVzCmkoDIvHaZdRAjxiLNfjlBux0bLCPmvzlSMsiDKSzvWkHgCjb
+YrT0RSXIF2ms+55f7RncHbhOPemwGv6VoMpyk7Uj9pqmCyeIDuidAUF7bjMvVqsJ
+qhlLDKXXX26hyimY1orGzJvu/y3LideO2az9mV6dBQCJy+gTvFFZBmDBJJZAD0r2
+SLnfENA1O0cRq5UbtxNOmQINBF3C4AkBEADQxp4jfxmbJ3t/ZuKcsV4JxG8mhuGX
+BkzMB0k2uGULCpY4yh7dsN4PBU7PuHgUMkxJnJlbg0xVR2nux20INzroYn8xzRe+
+jSmKTW0fTvNH+Nxyr4k+KgqmVZCcfyvwXuL7IOfG5luc/oSXJV62u+LHP891dVcJ
+lVN0Ef9i5Sz9iRkkMUknwoTrOK9q1nZNOA+XoLMhCIdyWIPx6jFmPxfZpgEJw6YI
+eyOSRIPYtH4twuDj50bzQuTTfQ3ph9FdcXVLYwP3BayvfFasGhyJ6caqVW9GpMDa
+/OPvteNmt2WbqaRgcX9CWWOKonhFqkaWAXj0lYFkM65DTzSUKpNtoh2MRVA7qyGZ
+2zlHocNWSplQ8VJlly6ch9O95UEXlSIJFxAi/7NBNuG/CekHQxxQZhdslUe7LIsu
+jlKS8Fy0bpYsTDPb/g+rUuIHWCOhEC+B0qOYVEf+wcc9jTQjZf6NP3zIV4dO+Mc9
+GVT+d3Kz0y11g1ON0b82qy2ONvRys1NmqXC2vCnXzKCQ6UTHRYt+EdV0nlo59G+l
+olCnT8t1sW7ezuByA4zWMI6hLyk0NLb8xwPK9BT732RGhzba7a7EaArTBsPA3rWv
+ObC1kQWSaw+ule5rmnTL5Q4Jw3qDhgM9b2Bg3hLYP5/UU0INq7krH413Kin0C29T
+1aNmLfMTfmS5EwARAQABtCZUb20gSHJvbWF0a2EgPHRvbS5ocm9tYXRrYUBvcmFj
+bGUuY29tPokCTgQTAQgAOBYhBEemj843x9cCT9ZeETVs5iwrUkCZBQJdwuAJAhsD
+BQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEDVs5iwrUkCZNL0P/3KFyrWXW5ou
+PuAzWeMMUZrQmyz31T70iVSS8PtPWb8S2QxQdzgpdVPrvxT+wfq5zJbdz3X5uPvd
+OXUeyv0bAQRqYQVX/tkz10zu6+m+Bgx0H6I5Xk9F7EDvag1EDDs/BDSLh9VbsTll
+SaNpLhFjSRj0dVmE1DgaUDX5F66npYMgSIspsAjEI1MZ1PDYQfhoyxEMiz0ld14y
+v6HE7hBPekcQW2mAWzlpZmgw9NVIcqShy3znJNGGpQUbLEtGbrv/wRMNWjGWPJyf
+E5dLDvkfQjrdsTRWv5+Sd5/z3fwp0G8dUq1iWeegu6mFe0KRLB5z3lcc+QJSlWet
+yyoYWOhq1Jzn0QHjakZp2Nb4rtp9/b9TdhvD5cOjpsECmL5qMri1mn/j4F63AG4y
+LQaYrwwjWzDcz+jQ8wNuyl7cXQFD6UYbywC1tC9DE0VppV2nOirtTOPz8+etXMx6
+sg40STJ4dbYn/gJLhiycSaUAqGkSHpC24FbcvkVwKz5MBUYuLEgNH3RyNKVgnb5J
+WZofE7ehOVCc+VAmzMyobjE+71FRXlPdmqD/im4vYDsqzb15wX79VsXqI0bij+xV
+YaR7GoQbTfVQ0a6f6slWex6PmKOnZTjfLL7sEu1JhAteqlI9I0NlNJBF/y32T6lQ
+pO+3CJGhY+2rSiCpnI31NMusAkcufnxquQINBF3C4AkBEAC9ReOzYf6nryTLn8lG
+g6M0kpMX3P7v8GlOV1hZ8hTDlUETpo+xxR3FvNjWEDNyuawCpvNz8Pu3OKqxKDIi
+vyVdJNEc335glsMY7BmAevLvAtyfjb0rOzOXqLfhdsn108Nr6Ai+lkMs8xlK2hxG
+I3qpDHzImOYmhWD4J181gxlj5Gaj8fOyV8JZvfY6AZcei2tzlmHpj9SSh7K59trU
+ZtaUDljUeVAEP4KfU1sLEYy3BUzS+eb4Qw1tleui+89E/J4zPrgwwuLg5OU+ScTi
+gfbEF/05MMUAySiKieKhp8IFsT41+FXOlotBl0wz6Jbo4HxNtY5Ptrpv6BOrBlYf
+hfhZeANk4+y5OnLqRjjgTvf1p9CHmsgs6sx/lkNyXpzoxKR89RzxHxnrgUATSa80
+JK9o/0tPZkN33HKJlkSndPQEM4uLrTsIxvNsBSOPIKC09siMbbBeI0t811P1pMh8
+zvTnRl2FSQjiumLoVhr+xxZ2wWiPxztVQkMLuuWXkzcxQUfuw5nEQCH+WdqYKNmV
+6rw2kU6j10q0kvvspWPMTbsI/vBY3KyiP1F8dToXiwulNT1U05NGJ20YbzEHnYEK
+atBq9ZILLx63c8eLZ6VppkAE0ZlmgsOvn+zIcv81P4x9mDLvuqTOzRj/RuDAY6qJ
+HuICpsV3F5A03z9ne/Z9u0mwSwARAQABiQI2BBgBCAAgFiEER6aPzjfH1wJP1l4R
+NWzmLCtSQJkFAl3C4AkCGwwACgkQNWzmLCtSQJkiQA/8Cm07bQf2FIKTdwRECJO7
+pvpuc3zE1XsSuLyu40qpsWX24Ll97S7cpOK7rN2jSZ6UDoXpNgXViOzma5yiC+GO
+6UUWxr8xE/CDXeuawxHUt0Xrn+UQnWsirsrZifjVPkXou71QM+kaQ9qXy4liOpRa
+Jjf8B7iz3ilgMUACnMcwOVn+jbswLQpNetsKk+vrLwQlILPkWcKGxIu1Iro3E7Wo
+IPojHHtT7Co7mSRzaNI00VU7jMwZwXFQL/IbeGsKlaAyxh1BzRLnLdPN8hxiYtEq
+2IG66Uq3EmigtwOvh06d/Qi/gBH6CWxdahRk7HwATyrNvbjfduzNnhF+lPA39iKr
+I5+IGasK6Lp9HklUJD0Q9JK7yac/cUj5LptY/PBFC7eJKHJLyohmvlXYgRSeAXEm
+7uGpU5k/jUZDM4Z1o5JboiNVQoqDWs6iDYJb82cRjKKlvC2d2lFKxtBOR3xJZUUs
+IpoQrstxn1LA5DcBosPvd9ISyIZs38UyJNTz07GUedEpeE3YhLkesc6n2iL9D2Yj
+z/S4ANukxl9YZDW+EFS8LtTchvK11OHWubvWxWFV7txLFmkBYQwk2krCi2MVguRZ
+Gj8bodqjty1H8ZMfA5NYwAKeyQmsmTHqNmR1Ws/cdQCV7+3q9RurlUtY1AVxx4Lt
+nS16GX+OVCybWzbK1uqLrfo=
+=RyUi
+-----END PGP PUBLIC KEY BLOCK-----
--- /dev/null
+version=4
+opts="searchmode=plain,\
+pgpsigurlmangle=s/$/.asc/" \
+https://api.github.com/repos/seccomp/libseccomp/releases?per_page=50 \
+https://github.com/seccomp/libseccomp/releases/download/[^/]+/libseccomp-@ANY_VERSION@@ARCHIVE_EXT@
projects / libseccomp.git / commitdiff