Sigsum-announce March 2026

sigsum-announce@lists.sigsum.org

2 participants
3 discussions

ANNOUNCE: sigsum ansible v1.7.0
by Elias Rudberg 30 Mar '26

30 Mar '26

The Sigsum team is happy to release a new version of the sigsum ansible collection, version tag v1.7.0, succeeding the previous release v1.6.0. The release can be checked out from the git repository as git clone -b v1.7.0 https://git.glasklar.is/sigsum/admin/ansible.git See the NEWS file for details on changes, excerpt below. If you find any bugs, please report them on the sigsum-general(a)lists.sigsum.org mailing list or open an issue on GitLab in the ansible repository: https://git.glasklar.is/sigsum/admin/ansible/ See the README.md file for installation and usage instructions, and the HACKING file for information about how the molecule tests can be used. / The Sigsum team NEWS for upcoming sigsum ansible v1.7.0 Changes between v1.6.0 and v1.7.0: * Support for installing yubihsm-connector through a .deb file was added. * /etc/yubihsm-connector.yaml is now under Ansible control. Those with local changes to this file will have to adapt the Ansible template to meet their needs. * Bumped community.mysql version from 4.0.1 to 4.2.0

1 0

ANNOUNCE: sigsum ansible v1.6.0
by Elias Rudberg 23 Mar '26

23 Mar '26

The Sigsum team is happy to release a new version of the sigsum ansible collection, version tag v1.6.0, succeeding the previous release v1.5.0. The release can be checked out from the git repository as git clone -b v1.6.0 https://git.glasklar.is/sigsum/admin/ansible.git See the NEWS file for details on changes, excerpt below. If you find any bugs, please report them on the sigsum-general(a)lists.sigsum.org mailing list or open an issue on GitLab in the ansible repository: https://git.glasklar.is/sigsum/admin/ansible/ See the README.md file for installation and usage instructions, and the HACKING file for information about how the molecule tests can be used. / The Sigsum team NEWS for sigsum ansible v1.6.0 With this release, all users should upgrade to torchwood v0.9.0 due to bugs in earlier versions of witnessctl and litebastion. Changes between v1.5.0 and v1.6.0: * Added support for per-log bastions. * Added support for periodically pulling logs to witness from a centrally managed list (e.g., https://testing.witness-network.org/log-list.1). * Added support for using externally managed TLS certificates for litebastion. This is useful when using challenge methods other than TLS-ALPN-01, such as DNS-01. * Added support for litewitness -no-listen flag, which prevents litewitness from opening any listening sockets. This should only be used when relying solely on per-log bastions. * Added support for toggling debug endpoints such as /logz for litewitness and litebastion. Debug endpoints are disabled by default. * Deprecated the variables litewitness_sigsum_log_keys and litewitness_vkey_log_keys in favor of litewitness_logs. The old variables will remain supported for now but will be removed in a future release. * Deprecated the variables litebastion_host and litebastion_email in favor of litebastion_acme_host and litebastion_acme_email. The old variables will remain supported for now but will be removed in a future release. * Removed the litebastion_h2v variable as the corresponding flag was removed in litebastion v0.4.0. * Bumped the default version of torchwood for litewitness and litebastion from v0.7.0 to v0.9.0. * Bumped community.mysql version from 3.12.0 to 4.0.1 * Moved molecule tests to extensions directory. * Fixed various warnings in molecule tests.

1 0

ANNOUNCE: Bug fix release v1.0.1 of the Sigsum Log Server Protocol
by Niels Möller 19 Mar '26

19 Mar '26

This is a minor bugfix release, see NEWS below. The updated version is available at https://git.glasklar.is/sigsum/project/documentation/-/blob/log.md-release-… Publication on https://www.sigsum.org/ will be updated shortly. /The Sigsum team NEWS for log.md, version v1.0.1 This release includes only minor bugfixes to the Sigsum Log Server Protocol, i.e., the file log.md. Bug fixes: * Correct description of the get-leaves response. The fields on each leaf line are ordered: checksum, signature, keyhash. This is the same order as when serialized for the computation of the leaf hash, and the order used by all known implementations. * Correct table-of-contents links, to work with gitlab's html rendering.

1 0

2026

2025

2024

Sigsum-announce March 2026