msw/CISS.debian.live.builder
SHA256
2
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 6 Wiki Activity

V9.14.028.2026.06.18
🛡️ Retrieve DNSSEC status of coresecret.dev. / 🛡️ Retrieve DNSSEC status of coresecret.dev. (push) Has been cancelled
Details
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Has been cancelled
Details
💙 Generating a PUBLIC Live ISO. / 💙 Generating a PUBLIC Live ISO. (push) Has been cancelled
Details
🔐 Generating a Private Live ISO TRIXIE. / 🔐 Generating a Private Live ISO TRIXIE. (push) Has been cancelled
Details

Browse Source 
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
Marc S. Weidner
2026-06-18 10:49:41 +01:00
parent f31ac3503f
commit a8454eeadf
48 changed files with 189 additions and 70 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/CHANGELOG.md
+6 -1
View File
@@ -8,10 +8,15 @@ include_toc: true
**Centurion Intelligence Consulting Agency Information Security Standard**<br>
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*<br>
**Master Version**: 9.14<br>
**Build**: V9.14.026.2026.06.17<br>
**Build**: V9.14.028.2026.06.18<br>
# 2. Changelog
## V9.14.028.2026.06.18
* **Changed**: [0024-ciss-crypt-squash](../config/includes.chroot/usr/lib/live/boot/0024-ciss-crypt-squash) Explicitly permissions the runtime rootfs attestation cache and fails closed on cache creation or chmod errors.
* **Changed**: [MAN_CISS_ISO_BOOT_CHAIN.md](MAN_CISS_ISO_BOOT_CHAIN.md) Documents the rootfs attestation artifact custody path from build-time `binary/live` creation through the `0024` runtime cache and `0042` verification.
* **Changed**: [README.md](../README.md) Documents the runtime rootfs attestation cache handoff.
## V9.14.026.2026.06.17
* **Updated**: git.coresecret.dev nginx Mainline 1.31.1 custom build with OpenSSL 4.0.1 to support PQC KEX algorithms:
* * ``MLKEM1024`` ``SecP384r1MLKEM1024`` ``X25519MLKEM768``