0fcf37062f- add new sub-package libtss2-tcti-spidev0: TCTI for communicating with a TPM connected directly via SPI. - add new sub-package libtss2-tcti-i2c-helper0: TCTI for communicating with a TPM connected directly via I2C.
Matthias Gerstner
2024-05-06 10:47:12 +0000
57ab8ba31fUpdate to version 4.1: + Security - Fixed CVE-2024-29040 + Fixed - fapi: Fix length check on FAPI auth callbacks - mu: Correct error message for errors - tss2-rc: fix unknown laer handler dropping bits. - fapi: Fix deviation from CEL specification (template_value was used instead of template_data). - fapi: Fix json syntax error in FAPI profiles which was ignored by json-c. - build: fix build fail after make clean. - mu: Fix unneeded size check in TPM2B unmarshaling. - fapi: Fix missing parameter encryption. - build: Fix failed build with --disable-vendor. - fapi: Fix flush of persistent handles. - fapi: Fix test provisioning with template with self generated certificate disabled. - fapi: Fix error in Fapi_GetInfo it TPM supports SHA3 hash algs. - fapi: Revert pcr extension for EV_NO_ACTION events. - fapi: Fix strange error messages if nv, ext, or policy path does not exits. - fapi: Fix segfault caused by wrong allocation of pcr policy. - esys: Fix leak in Esys_EvictControl for persistent handles. - tss2-tcti: tcti-libtpms: fix test failure on big-endian platform. - esys: Add reference counting for Esys_TR_FromTPMPublic. - esys: Fix HMAC error if session bind key has an auth value with a trailing 0. - fapi: fix usage of self signed certificates in TPM. - fapi: Usage of self signed certificates. - fapi: A segfault after the error handling of non existing keys. - fapi: Fix several leaks. - fapi: Fix error handling for policy execution. - fapi: Fix usage of persistent handles (should not be flushed) - fapi: Fix test provisioning with template (skip test without self generated certificate).
Matthias Gerstner
2024-05-03 14:16:18 +0000
27e8c205b8Accepting request 1138772 from security
Ana Guerrero
2024-01-15 21:15:33 +0000
1cb5b7a946Accepting request 1059943 from security
Dominique Leuenberger
2023-01-21 18:10:13 +0000
4cd4a5bc82- add 0001-tss2_rc-ensure-layer-number-is-in-bounds.patch: fixes CVE-2023-22745 (bsc#1207325): Buffer Overlow in TSS2_RC_Decode. Overly large RC values passed to the TSS2 function could lead to memory overread or memory overread. This patch is not yet part of any upstream git tag.
Matthias Gerstner
2023-01-20 11:24:42 +0000
91c97e0294Accepting request 988349 from security
Dominique Leuenberger
2022-07-12 09:12:12 +0000
1367d22f99fix macros in comments
Matthias Gerstner
2021-01-28 09:46:02 +0000
db6ae61a8c- update to 3.0.3: - changes in 3.0.3: * Fix Regression in Fapi_List * Fix memory leak in policy calculation - changes in 3.0.2: * FAPI: Fix setting of the system flag of NV objects * This will let NV object metadata be created system-wide always instead of * locally in the user. Existing metadata will remain in the user directory. * It can be moved to the corresponding systemstore manually if needed. * FAPI: Fix policy searching, when a policyRef was provided * FAPI: Accept EK-Certs without CRL dist point * FAPI: Fix return codes of Fapi_List * FAPI: Fix memleak in policy execution * FAPI: Fix coverity NULL-pointer check * FAPI: Set the written flag of NV objects in FAPI PolicyNV commands * FAPI: Fix deleting of policy files. * FAPI: Fix wrong file loading during object search. * Fapi: Fix memory leak * Fapi: Fix potential NULL-Dereference * Fapi: Remove superfluous NULL check * Fix a memory leak in async keystore load.
Matthias Gerstner
2021-01-28 09:21:04 +0000
259739975dAccepting request 844057 from security
Dominique Leuenberger
2020-10-28 08:58:30 +0000
a083903c1f- move the tcti-fapi tmpfiles.d config file into the libtss2-fapi1 sub-package. - improve the descriptions of new libraries (fapi1, cmd0, swtpm0)
Matthias Gerstner
2020-10-22 11:43:23 +0000
ac062faf0cAccepting request 843352 from home:Guillaume_G:branches:openSUSE:Factory
Matthias Gerstner
2020-10-22 10:27:22 +0000
d61f568b38Accepting request 778720 from security
Dominique Leuenberger
2020-02-26 14:02:05 +0000
11ea812f83sync _service with current version
Matthias Gerstner
2020-02-24 09:44:44 +0000
9dfcbbab6bAccepting request 778034 from home:mnhauke
Matthias Gerstner
2020-02-24 09:44:15 +0000
e3f585c33eAccepting request 769069 from security
Dominique Leuenberger
2020-02-09 20:01:18 +0000
00388c2150Accepting request 769062 from home:michals
Matthias Gerstner
2020-01-31 14:16:21 +0000
49479aa880Accepting request 767595 from security
Dominique Leuenberger
2020-01-30 08:33:03 +0000
065455a1d1Accepting request 766910 from home:dimstar:Factory
Matthias Gerstner
2020-01-27 08:58:42 +0000
5d799305f8Accepting request 760375 from security
Dominique Leuenberger
2020-01-05 14:20:41 +0000
9877757ad7Accepting request 759944 from home:mnhauke
Matthias Gerstner
2020-01-02 09:06:06 +0000
0c84f891dbAccepting request 755853 from security
Dominique Leuenberger
2019-12-17 12:29:00 +0000
8566a367e8adjust spec file to account for newly added libraries
Matthias Gerstner
2019-12-11 11:27:31 +0000
f12df5d389- update to upstream version 2.3.0: - changes in version 2.3.0: - tss2-tctildr: A new library that helps with tcti initialization Recommend to use this in place of custom tcti loading code now ! - tss2-rc: A new library that provides textual representations for return codes - Option to disable NIST-deprecated crypto (--disable-weak-crypto) - Support Esys_TR_FromTPMPublic on sessions (for use in Esys_FlushContext) - map-files with correct symbol lists for tss2-sys and tss2-esys This may lead to unresolved symbols in linked applications - Support to call Tss2_Sys_Execute repeatedly on certain errors - Reduced RAM consumption in Esys due to Tss2_Sys_Execute change - Automated session attribution clearing for esys (decrypt and encrypt) per cmd - Removed libtss2-mu from "Requires" field of libtss2-esys.pc Needs to be added explicitely now - All fixes from 2.2.1, 2.2.2 and 2.2.3 - Fixed SPDX License Identifiers - Fixed Null-pointer problems in tcti-tbs - Fixed Default locality for tcti-mssim set to LOC_0 - Fixed coverity and valgrind leaks detected in test programs (not library code)
Matthias Gerstner
2019-12-11 11:09:20 +0000
05ac4981c6Accepting request 726006 from security
Dominique Leuenberger
2019-08-27 08:22:31 +0000
bc68386482clearer wording in changelog
Matthias Gerstner
2019-08-26 05:44:16 +0000
e7a38c4fbc- update to upstream version 2.2.3: - changes from version 2.2.3: * Fix computation of session name * Fixed PolicyPassword handling of session Attributes * Fixed windows build from dist ball * Fixed default tcti configure option * Fixed nonce size calculation in ESYS sessions - changes from version 2.2.2: * Fixed wrong encryption flag in EncryptDecrypt * Fixing openssl engine invocation
Matthias Gerstner
2019-08-23 12:08:26 +0000
43cb96e289Accepting request 698149 from security
Yuchen Lin
2019-04-26 20:55:03 +0000
f9fbc4ab42Accepting request 698141 from home:jubalh:branches:security
Matthias Gerstner
2019-04-26 10:43:02 +0000
0fe6a1b86dAccepting request 682101 from security
Dominique Leuenberger
2019-03-06 14:51:44 +0000
8e53f96352- introduce _service file for syncing with upstream tags
Matthias Gerstner
2019-03-06 10:10:25 +0000
d53bc3b303remove old tarball
Matthias Gerstner
2019-03-06 10:09:59 +0000
a153966f3f- update to upstream version 2.2.1: - changes from version 2.2.0: - Fixed leak of hkey on success in iesys_cryptossl_hmac_start - Fixed NULL ptr issues in Esys_HMAC_Start, Esys_HierarchyChangeAuth and Esys_NV_ChangeAuth - Fixed NULL ptr issue in sequenceHandleNode - Fixed NULL ptr auth handling in Esys_TR_SetAuth - Fixed NULL auth handling in iesys_compute_session_value - Fixed marshaling of TPM2Bs with sub types. - Fixed NULL ptr session handling in Esys_TRSess_SetAttributes - Fixed the way size of the hmac value of a session without authorization - Added missing MU functions for TPM2_NT type - Added missing MU functions for TPMA_ID_OBJECT type - Added missing type TPM2_NT into tss2_tpm2_types.h - Fixed wrong typename _ID_OBJECT in tss2_tpm2_types.h - Fixed build breakage when --with-maxloglevel is not 'trace' - Fixed build breakage in generated configure script when CFLAGS is set - Fixed configure scritp ERROR_IF_NO_PROG macro - Changed TPM2B type unmarshal to use sizeof of the dest buffer instead of dest - Fixed unmarshaling of the TPM2B type with invalid size - Removed dead code defect detected by coverity from Esys_TRSess_GetNonceTPM - Added support for QNX build - Added support for partial reads in device TCTI - changes from version 2.1.1: - Fixed leak of hkey on success in iesys_cryptossl_hmac_start - Fixed NULL ptr issues in Esys_HMAC_Start, Esys_HierarchyChangeAuth and Esys_NV_ChangeAuth - Fixed NULL ptr issue in sequenceHandleNode - Fixed NULL ptr auth handling in Esys_TR_SetAuth - Fixed NULL auth handling in iesys_compute_session_value - Fixed marshaling of TPM2Bs with sub types. - Fixed NULL ptr session handling in Esys_TRSess_SetAttributes
Matthias Gerstner
2019-03-06 10:09:35 +0000
464248b9d8Accepting request 665951 from security
Dominique Leuenberger
2019-01-21 09:52:56 +0000
46aab25ceeincorporate FATE number in changes file for SLE-15-SP1 (bsc#1121860)
Matthias Gerstner
2019-01-14 14:18:22 +0000
f3841324bdAccepting request 638457 from security
Dominique Leuenberger
2018-09-28 06:53:18 +0000
852586d92b- update to upstream version 2.0.1: - Fixed problems with doxygan failing make distcheck - Fixed conversion of gcrypt mpi numbers to binary data - Fixed an error in parsing socket address in MSSIM TCTI - Fixed compilation error with --disable-tcti-mssim - Added initialization function for gcrypt to suppress warning - Fixed invalid type base type while marshaling TPMI_ECC_CURVE in Tss2_Sys_ECC_Parameters - Fixed invalid RSA encryption with exponent equal to 0 - Fixed checking of return codes in ESAPI commands - Added checks for programs required by the test harness @ configure time - Fixed warning on TPM2_RC_INITIALIZE rc after a Startup in Esys_Startup - Checked for 1.2 TPM type response - Changed constants values in esys header file to unsigned
Matthias Gerstner
2018-09-26 15:42:09 +0000
a032a0c880Accepting request 636378 from security
Yuchen Lin
2018-09-19 12:30:22 +0000
41614edfb3- also process udev triggers for tpmrm subsystem, otherwise /dev/tpmrm0 isn't properly updated (at least on SLES-12-SP4)
Matthias Gerstner
2018-09-18 09:05:11 +0000
deccdd4131Accepting request 621176 from security
Dominique Leuenberger
2018-07-06 08:49:13 +0000
dcaf845187- added all librares to baselibs.conf to satisfy 32-bit dependencies of esys0 and sys0
Matthias Gerstner
2018-07-05 15:40:46 +0000
4dfbe08170add all libraries to baslibs to fix dependencies of esys 32 bit lib
Matthias Gerstner
2018-07-05 15:30:52 +0000
6783165805also add mu0 to baselibs, required by esys0
Matthias Gerstner
2018-07-05 15:22:13 +0000
e59c70a0b3switch to release tarball URL
Matthias Gerstner
2018-07-03 11:44:25 +0000
ea68279678- Explicitly require udev to fix missing ownership for /usr/lib/udev.
Matthias Gerstner
2018-07-03 11:21:50 +0000
382a889ab9try to fix /usr/lib/udev issue again
Matthias Gerstner
2018-07-03 08:31:06 +0000
3d60827667- Explicitly own the udev dir to fix builds on SLE12-SP2 and older. Alternative would be to require the filesystem package but that does seem like a hack, too.
Matthias Gerstner
2018-07-03 07:57:35 +0000
20164b1bf7Accepting request 619787 from home:mgerstner:branches:security
Matthias Gerstner
2018-06-29 14:14:43 +0000
d19a9668ccAccepting request 583943 from security
Dominique Leuenberger
2018-03-08 09:59:04 +0000
a097eb82c2- added version_fix.patch to fix package config version numbers.
Matthias Gerstner
2018-02-22 10:49:01 +0000
97d9bd7034- update to upstream version 1.3.0: - support for reproducable builds - improved documentation / manual pages - various stability bugfixes - EncryptDecrypt2 command is now implemented - removed reproducable.patch. This is now included upstream.
Matthias Gerstner
2018-02-22 10:16:24 +0000
7b77d4e348Accepting request 520198 from security
Dominique Leuenberger
2017-09-04 10:34:45 +0000
5efd3976fa- fix the "fix", turns out only the unversioned symlink's supposed to go into -devel.
Matthias Gerstner
2017-09-01 14:32:12 +0000
dc68fc293eAccepting request 514212 from security
Dominique Leuenberger
2017-08-21 09:36:37 +0000