Revisions of libtpms

Elisei Roca's avatar Elisei Roca (eroca) committed (revision 2)
- Update to 0.9.6:
  * CVE-2023-1018: tpm2: Fixed out of bounds read in CryptParameterDecryption (bsc#1206023)
  * CVE-2023-1017: tpm2: Fixed out of bounds write in CryptParameterDecryption (bsc#1206022)
- 0001-tpm2-Check-size-of-buffer-before-accessing-it-CVE-20.patch: upstreamed

- update to 0.9.5:
  * tpm2: Do not set RSA_FLAG_NO_BLINDING on RSA keys anymore
  * tpm2: Fix a potential overflow expression (coverity)
  * tpm2: Fix size check in CryptSecretDecrypt
  * tpm: #undef printf in case it is #define'd (OSS-Fuzz)
  * tpm2: Check return code of BN_div()
  * tpm2: Initialize variables due to gcc complaint (s390x, false positive)
  * tpm12: Initialize variables due to gcc complaint (s390x, false positive)
  * build-sys: Fix configure script to support _FORTIFY_SOURCE=3

- update to 0.9.3:
  * build-sys: Add probing for -fstack-protector
  * tpm2: Do not call EVP_PKEY_CTX_set0_rsa_oaep_label() for label of size
  * (OSSL 3)
  * tpm2: When writing state initialize s_ContextSlotMask if not set 

- Update to version 0.9.1
  * Downgrade to previous versions is not possible, as the size of
    the context gap has been adjusted to 0xffff from 0xff.
  * Enabled Camellia symmetric key encryption algorithm
  * tpm2: Update to TPM 2 spec rev 164
  * tpm2: Added a cache for private exponent D and prime Q
  * tpm2: bug fixes
- Fixed CVE-2021-3746 [bsc#1189935], out-of-bounds access via specially crafted TPM 2 command packets
- Fixed CVE-2021-3623 (bsc#1187767)
Elisei Roca's avatar Elisei Roca (eroca) committed (revision 1)
initialize package
Displaying all 2 revisions
openSUSE Build Service is sponsored by