a00f65aacb- Update to 4.1.3: * Fix name collisions during dlopen() on some linkers - Update to 4.1.2: * configure.ac: Fix test of == to = to be POSIX comliant * Remove use of which in favor of command -v - Update to 4.1.1: * Fixed inclusion of .map and .def files in release tar balls
devel
Alberto Planas Dominguez2025-08-04 12:55:18 +00:00
0fcf37062f- add new sub-package libtss2-tcti-spidev0: TCTI for communicating with a TPM connected directly via SPI. - add new sub-package libtss2-tcti-i2c-helper0: TCTI for communicating with a TPM connected directly via I2C.Matthias Gerstner2024-05-06 10:47:12 +00:00
57ab8ba31fUpdate to version 4.1: + Security - Fixed CVE-2024-29040 + Fixed - fapi: Fix length check on FAPI auth callbacks - mu: Correct error message for errors - tss2-rc: fix unknown laer handler dropping bits. - fapi: Fix deviation from CEL specification (template_value was used instead of template_data). - fapi: Fix json syntax error in FAPI profiles which was ignored by json-c. - build: fix build fail after make clean. - mu: Fix unneeded size check in TPM2B unmarshaling. - fapi: Fix missing parameter encryption. - build: Fix failed build with --disable-vendor. - fapi: Fix flush of persistent handles. - fapi: Fix test provisioning with template with self generated certificate disabled. - fapi: Fix error in Fapi_GetInfo it TPM supports SHA3 hash algs. - fapi: Revert pcr extension for EV_NO_ACTION events. - fapi: Fix strange error messages if nv, ext, or policy path does not exits. - fapi: Fix segfault caused by wrong allocation of pcr policy. - esys: Fix leak in Esys_EvictControl for persistent handles. - tss2-tcti: tcti-libtpms: fix test failure on big-endian platform. - esys: Add reference counting for Esys_TR_FromTPMPublic. - esys: Fix HMAC error if session bind key has an auth value with a trailing 0. - fapi: fix usage of self signed certificates in TPM. - fapi: Usage of self signed certificates. - fapi: A segfault after the error handling of non existing keys. - fapi: Fix several leaks. - fapi: Fix error handling for policy execution. - fapi: Fix usage of persistent handles (should not be flushed) - fapi: Fix test provisioning with template (skip test without self generated certificate).Matthias Gerstner2024-05-03 14:16:18 +00:00
4cd4a5bc82- add 0001-tss2_rc-ensure-layer-number-is-in-bounds.patch: fixes CVE-2023-22745 (bsc#1207325): Buffer Overlow in TSS2_RC_Decode. Overly large RC values passed to the TSS2 function could lead to memory overread or memory overread. This patch is not yet part of any upstream git tag.Matthias Gerstner2023-01-20 11:24:42 +00:00
db6ae61a8c- update to 3.0.3: - changes in 3.0.3: * Fix Regression in Fapi_List * Fix memory leak in policy calculation - changes in 3.0.2: * FAPI: Fix setting of the system flag of NV objects * This will let NV object metadata be created system-wide always instead of * locally in the user. Existing metadata will remain in the user directory. * It can be moved to the corresponding systemstore manually if needed. * FAPI: Fix policy searching, when a policyRef was provided * FAPI: Accept EK-Certs without CRL dist point * FAPI: Fix return codes of Fapi_List * FAPI: Fix memleak in policy execution * FAPI: Fix coverity NULL-pointer check * FAPI: Set the written flag of NV objects in FAPI PolicyNV commands * FAPI: Fix deleting of policy files. * FAPI: Fix wrong file loading during object search. * Fapi: Fix memory leak * Fapi: Fix potential NULL-Dereference * Fapi: Remove superfluous NULL check * Fix a memory leak in async keystore load.Matthias Gerstner2021-01-28 09:21:04 +00:00
a083903c1f- move the tcti-fapi tmpfiles.d config file into the libtss2-fapi1 sub-package. - improve the descriptions of new libraries (fapi1, cmd0, swtpm0)Matthias Gerstner2020-10-22 11:43:23 +00:00
ac062faf0cAccepting request 843352 from home:Guillaume_G:branches:openSUSE:FactoryMatthias Gerstner2020-10-22 10:27:22 +00:00
f12df5d389- update to upstream version 2.3.0: - changes in version 2.3.0: - tss2-tctildr: A new library that helps with tcti initialization Recommend to use this in place of custom tcti loading code now ! - tss2-rc: A new library that provides textual representations for return codes - Option to disable NIST-deprecated crypto (--disable-weak-crypto) - Support Esys_TR_FromTPMPublic on sessions (for use in Esys_FlushContext) - map-files with correct symbol lists for tss2-sys and tss2-esys This may lead to unresolved symbols in linked applications - Support to call Tss2_Sys_Execute repeatedly on certain errors - Reduced RAM consumption in Esys due to Tss2_Sys_Execute change - Automated session attribution clearing for esys (decrypt and encrypt) per cmd - Removed libtss2-mu from "Requires" field of libtss2-esys.pc Needs to be added explicitely now - All fixes from 2.2.1, 2.2.2 and 2.2.3 - Fixed SPDX License Identifiers - Fixed Null-pointer problems in tcti-tbs - Fixed Default locality for tcti-mssim set to LOC_0 - Fixed coverity and valgrind leaks detected in test programs (not library code)Matthias Gerstner2019-12-11 11:09:20 +00:00
e7a38c4fbc- update to upstream version 2.2.3: - changes from version 2.2.3: * Fix computation of session name * Fixed PolicyPassword handling of session Attributes * Fixed windows build from dist ball * Fixed default tcti configure option * Fixed nonce size calculation in ESYS sessions - changes from version 2.2.2: * Fixed wrong encryption flag in EncryptDecrypt * Fixing openssl engine invocationMatthias Gerstner2019-08-23 12:08:26 +00:00
43cb96e289Accepting request 698149 from securityYuchen Lin2019-04-26 20:55:03 +00:00
f9fbc4ab42Accepting request 698141 from home:jubalh:branches:securityMatthias Gerstner2019-04-26 10:43:02 +00:00
a153966f3f- update to upstream version 2.2.1: - changes from version 2.2.0: - Fixed leak of hkey on success in iesys_cryptossl_hmac_start - Fixed NULL ptr issues in Esys_HMAC_Start, Esys_HierarchyChangeAuth and Esys_NV_ChangeAuth - Fixed NULL ptr issue in sequenceHandleNode - Fixed NULL ptr auth handling in Esys_TR_SetAuth - Fixed NULL auth handling in iesys_compute_session_value - Fixed marshaling of TPM2Bs with sub types. - Fixed NULL ptr session handling in Esys_TRSess_SetAttributes - Fixed the way size of the hmac value of a session without authorization - Added missing MU functions for TPM2_NT type - Added missing MU functions for TPMA_ID_OBJECT type - Added missing type TPM2_NT into tss2_tpm2_types.h - Fixed wrong typename _ID_OBJECT in tss2_tpm2_types.h - Fixed build breakage when --with-maxloglevel is not 'trace' - Fixed build breakage in generated configure script when CFLAGS is set - Fixed configure scritp ERROR_IF_NO_PROG macro - Changed TPM2B type unmarshal to use sizeof of the dest buffer instead of dest - Fixed unmarshaling of the TPM2B type with invalid size - Removed dead code defect detected by coverity from Esys_TRSess_GetNonceTPM - Added support for QNX build - Added support for partial reads in device TCTI - changes from version 2.1.1: - Fixed leak of hkey on success in iesys_cryptossl_hmac_start - Fixed NULL ptr issues in Esys_HMAC_Start, Esys_HierarchyChangeAuth and Esys_NV_ChangeAuth - Fixed NULL ptr issue in sequenceHandleNode - Fixed NULL ptr auth handling in Esys_TR_SetAuth - Fixed NULL auth handling in iesys_compute_session_value - Fixed marshaling of TPM2Bs with sub types. - Fixed NULL ptr session handling in Esys_TRSess_SetAttributesMatthias Gerstner2019-03-06 10:09:35 +00:00
852586d92b- update to upstream version 2.0.1: - Fixed problems with doxygan failing make distcheck - Fixed conversion of gcrypt mpi numbers to binary data - Fixed an error in parsing socket address in MSSIM TCTI - Fixed compilation error with --disable-tcti-mssim - Added initialization function for gcrypt to suppress warning - Fixed invalid type base type while marshaling TPMI_ECC_CURVE in Tss2_Sys_ECC_Parameters - Fixed invalid RSA encryption with exponent equal to 0 - Fixed checking of return codes in ESAPI commands - Added checks for programs required by the test harness @ configure time - Fixed warning on TPM2_RC_INITIALIZE rc after a Startup in Esys_Startup - Checked for 1.2 TPM type response - Changed constants values in esys header file to unsignedMatthias Gerstner2018-09-26 15:42:09 +00:00
a032a0c880Accepting request 636378 from securityYuchen Lin2018-09-19 12:30:22 +00:00
41614edfb3- also process udev triggers for tpmrm subsystem, otherwise /dev/tpmrm0 isn't properly updated (at least on SLES-12-SP4)Matthias Gerstner2018-09-18 09:05:11 +00:00
3d60827667- Explicitly own the udev dir to fix builds on SLE12-SP2 and older. Alternative would be to require the filesystem package but that does seem like a hack, too.Matthias Gerstner2018-07-03 07:57:35 +00:00
20164b1bf7Accepting request 619787 from home:mgerstner:branches:securityMatthias Gerstner2018-06-29 14:14:43 +00:00
a097eb82c2- added version_fix.patch to fix package config version numbers.Matthias Gerstner2018-02-22 10:49:01 +00:00
97d9bd7034- update to upstream version 1.3.0: - support for reproducable builds - improved documentation / manual pages - various stability bugfixes - EncryptDecrypt2 command is now implemented - removed reproducable.patch. This is now included upstream.Matthias Gerstner2018-02-22 10:16:24 +00:00
Dominique Leuenberger
Alberto Planas Dominguez
Ana Guerrero
Matthias Gerstner
Marcus Meissner
Yuchen Lin