2021-09-10 15:22:37 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Aug 31 16:36:31 UTC 2021 - pgajdos@suse.com
|
|
|
|
|
|
|
|
|
|
- security update
|
|
|
|
|
- added patches
|
|
|
|
|
fix CVE-2021-3746 [bsc#1189935], out-of-bounds access via specially crafted TPM 2 command packets
|
|
|
|
|
+ libtpms-CVE-2021-3746.patch
|
|
|
|
|
|
2021-04-19 16:15:21 +02:00
|
|
|
-------------------------------------------------------------------
|
2021-08-09 10:47:20 +02:00
|
|
|
Sat Aug 7 15:00:32 UTC 2021 - Callum Farmer <gmbr3@opensuse.org>
|
|
|
|
|
|
|
|
|
|
- Update to version 0.8.4:
|
|
|
|
|
* Reset too large size indicators in TPM2B to avoid access
|
|
|
|
|
beyond buffer
|
|
|
|
|
* Restore original value in buffer if unmarshalled one was
|
|
|
|
|
illegal
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
2021-04-19 16:15:21 +02:00
|
|
|
Mon Apr 19 07:18:37 UTC 2021 - Gary Ching-Pang Lin <glin@suse.com>
|
|
|
|
|
|
|
|
|
|
- Update to version 0.8.2
|
|
|
|
|
* NOTE: Downgrade to 0.7.x or below is not possible.
|
|
|
|
|
Due to fixes in the TPM 2 prime number generation code in
|
|
|
|
|
rev155 it is not possible to downgrade from libtpms version
|
|
|
|
|
0.8.0 to some previous version. The seeds are now associated
|
|
|
|
|
with an age so that older seeds use the old TPM 2 prime number
|
|
|
|
|
generation code while newer seed use the newer code.
|
|
|
|
|
* tpm2: rev155: Add new RsaAdjustPrimeCandidate code but do
|
|
|
|
|
not use (bsc#1184939 CVE-2021-3505)
|
|
|
|
|
* tpm2: Activate SEED_COMPAT_LEVEL_RSA_PRIME_ADJUST_FIX
|
|
|
|
|
(bsc#1184939 CVE-2021-3505)
|
|
|
|
|
* Update to TPM 2 code release 159
|
|
|
|
|
- X509 support is enabled
|
|
|
|
|
+ SM2 signing of ceritificates is NOT supported
|
|
|
|
|
- Authenticated timers are disabled
|
|
|
|
|
* Update to TPM 2 code relase 162
|
|
|
|
|
- ECC encryption / decryption is disabled
|
|
|
|
|
* Fix support for elliptic curve due to missing unmarshalling
|
|
|
|
|
code
|
|
|
|
|
* Runtime filter supported elliptic curves supported by OpenSSL
|
|
|
|
|
* Fix output buffer parameter and size for RSA decryption that
|
|
|
|
|
could cause stack corruption under certain circumstances
|
|
|
|
|
* Set the RSA PSS salt length to the digest length rather than
|
|
|
|
|
max
|
|
|
|
|
* Fixes to symmetric decryption related to input size check,
|
|
|
|
|
defer padding to the user [EVP_CIPHER_CTX_set_padding(ctx, 0)]
|
|
|
|
|
and to always use a temporary malloc'ed buffer for decryption
|
|
|
|
|
* Fixed the set of PCRs belonging to the TCB group. This affects
|
|
|
|
|
the pcrUpdateCounter in TPM2_Pcrread() responses, thus needs
|
|
|
|
|
latest swtpm for test cases to succeed there.
|
|
|
|
|
|
2021-03-19 08:40:53 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Fri Mar 19 02:03:20 UTC 2021 - Gary Ching-Pang Lin <glin@suse.com>
|
|
|
|
|
|
|
|
|
|
- Update to version 0.7.7
|
|
|
|
|
* CryptSym: fix AES output IV (bsc#1183729, CVE-2021-3446)
|
|
|
|
|
* tpm2: Fix public key context save due to ANY_OBJECT_Marshal usage
|
|
|
|
|
* tpm2: Address some Coverity issues (false positives)
|
|
|
|
|
* tpm1.2: Backported ASAN/UBSAN related fixes
|
|
|
|
|
* tpm2: Return properly sized array for b parameter for NIST P521
|
|
|
|
|
(HLK)
|
|
|
|
|
* tpm2: Addressed issues detected by UBSAN
|
|
|
|
|
* tpm2: Addressed issues detected by cppcheck (false positives)
|
|
|
|
|
|
2020-11-23 09:03:48 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Nov 23 03:31:28 UTC 2020 - Gary Ching-Pang Lin <glin@suse.com>
|
|
|
|
|
|
|
|
|
|
- Update to version 0.7.4
|
|
|
|
|
* Addressed potential constant-time related issues in TPM 1.2 and
|
|
|
|
|
TPM 2 code
|
|
|
|
|
TPM 1.2: RSA decryption
|
|
|
|
|
TPM 2: EcSchnorr and EcSM2 signatures; Ecsda is handled by OpenSSL
|
|
|
|
|
* Fixed some compilation issues
|
|
|
|
|
|
2020-07-23 10:15:48 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu Jul 23 05:01:12 UTC 2020 - Kai Liu <kai.liu@suse.com>
|
|
|
|
|
|
|
|
|
|
- Update to version 0.7.3
|
|
|
|
|
* Fixed the set of PCRs belonging to the TCB group. This affects
|
|
|
|
|
the pcrUpdateCounter in TPM2_Pcrread() responses, thus needs
|
|
|
|
|
latest `swtpm` (master, stable branches) for test cases to
|
|
|
|
|
succeed there.
|
|
|
|
|
|
|
|
|
|
- Changes since version 0.7.2
|
|
|
|
|
* Fix output buffer parameter and size for RSA decryption that
|
|
|
|
|
could cause stack corruption under certain circumstances
|
|
|
|
|
* Set the RSA PSS salt length to the digest length rathern than
|
|
|
|
|
max. possible
|
|
|
|
|
* Fixes to symmetric decrytion related to input size check, defer
|
|
|
|
|
padding to the user [EVP_CIPHER_CTX_set_padding(ctx, 0)] and to
|
|
|
|
|
always use a temporary malloc'ed buffer for decryption
|
|
|
|
|
|
|
|
|
|
- Changes since version 0.7.1
|
|
|
|
|
* tpm2: Fix TDES key creation by adding missing un-/marshalling
|
|
|
|
|
functions
|
|
|
|
|
* tpm2: Fix a bug in CheckAuthSession
|
|
|
|
|
* compilation fixes for TPM 1.2 & TPM 2 and various architectures
|
|
|
|
|
and gcc versions
|
|
|
|
|
* Fix support for NIST curves P{192,224,521} and SM2 P256 and
|
|
|
|
|
BNP648 that would not work;
|
|
|
|
|
* Runtime filter elliptic curves (that OpenSSL does not support)
|
|
|
|
|
and do not advertise those curves as capabilities
|
|
|
|
|
* Removed unnecessary space in MANUFACTURER "IBM " -> "IBM"
|
|
|
|
|
|
2019-09-09 14:39:29 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu Sep 5 08:21:34 UTC 2019 - Gary Ching-Pang Lin <glin@suse.com>
|
|
|
|
|
|
|
|
|
|
- Update to version 0.7.0
|
|
|
|
|
* fixes for TPM2
|
|
|
|
|
- Add gcc-c++ to BuildRequires
|
|
|
|
|
|
2019-02-13 18:01:49 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Jan 28 09:25:27 UTC 2019 - Gary Ching-Pang Lin <glin@suse.com>
|
|
|
|
|
|
|
|
|
|
- Update to version 0.6.0
|
|
|
|
|
* Introduce TPM2 support
|
|
|
|
|
- Use %license tag for LICENSE
|
|
|
|
|
|
2018-01-22 17:25:33 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Jan 17 12:05:51 UTC 2018 - vcizek@suse.com
|
|
|
|
|
|
|
|
|
|
- Update to version 0.6.0-dev1
|
|
|
|
|
* no upstream changelog
|
|
|
|
|
* fix build with openssl 1.1 (bsc#1074801)
|
|
|
|
|
- fix rpm group
|
|
|
|
|
|
2015-03-21 13:07:02 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Sat Mar 21 11:50:03 UTC 2015 - p.drouand@gmail.com
|
|
|
|
|
|
|
|
|
|
- Update to version 0.5.2
|
|
|
|
|
* No entry for this release
|
|
|
|
|
- Update project home and download Urls
|
|
|
|
|
- Add autoconf, automake and libtool build require; the tarball
|
|
|
|
|
comes from git and configure script has to be generated
|
|
|
|
|
|
2014-01-14 15:53:17 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Jan 14 14:51:14 UTC 2014 - meissner@suse.com
|
|
|
|
|
|
|
|
|
|
- import 0.5.1
|
|
|
|
|
- software TPM driver library for hooking into QEMU
|
|
|
|
|
|
