Update to version 5.7:

+ Security - Fixed CVE-2024-29038 - Fixed CVE-2024-29039 + Fixed - Fix eventlog test - Fix issues with reading NV indexes - Fix context save error on tpm2_create - tpm2_sessionconfig: fix handling of --disable-continue session so that the subsequent command will not fail - when attempting to context save a flushed session. - detection of functions within libcrypto when CRYPTO_LIBS is set and system has install libcrypto. - tpm2_send: fix EOF detection on input stream. - tpm2_policy.c fix compilation error caused by format directive for size_t on 32 bit systems. - tpm2_nvread: fix input handling no nv index. - Auth file: Ensure 0-termination when reading auths from a file. - configure.ac: fix bashisms. configure scripts need to be runnable with a POSIX-compliant /bin/sh. - cirrus.yml fix tss compilation with libtpms for FreeBSD. - tpm2_tool.c Fix missing include for basename to enable compilation on netbsd. - options: fix TCTI handling to avoid failures for commands that should work with no options. - tpm2_getekcertificate.c Fix leak. ek_uri was not freed if get_ek_server_address failed. + Added - Add the possibility for autoflush (environment variable "TPM2TOOLS_AUTOFLUSH", or -R option) + Removed - Testing on Ubuntu 18.04 as it's near EOL (May 2023).m2_policy.c fix compilation error caused by format directive for size_t on 32 bit systems. - tpm2_nvread: fix input handling no nv index. - tpm2-tools.keyring: added Andreas Fuchs 0x8F4F9A45D7FFEE74 key, documented in upstream repo, which was used for signing this new release tarball. OBS-URL: https://build.opensuse.org/package/show/security/tpm2.0-tools?expand=0&rev=108
2024-05-03 12:58:29 +00:00 · 2024-05-03 12:58:29 +00:00 · 2ef15b178a
commit 2ef15b178a
parent 67cb2ca5c3
7 changed files with 106 additions and 19 deletions
--- a/tpm2-tools-5.6.tar.gz
+++ b/tpm2-tools-5.6.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:52c8bcbaadca082abfe5eb7ee4967d2d632d84b1677675f2f071b6d2ec22cec3
-size 1266731
--- a/tpm2-tools-5.6.tar.gz.asc
+++ b/tpm2-tools-5.6.tar.gz.asc
@ -1,14 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-
-iQGzBAABCgAdFiEEb3KjDupBubVIVwrSDQ2ysmVJPikFAmVLbooACgkQDQ2ysmVJ
-PimY8wv+JZ0+IZXj13MrtUe7Wc+sK9mLlG931vICalPDELF+RtOajcg8pa3g2IAp
-GSDuj7j5QrFwGC9UbZPFlQYLEsbk6aSMnHDnPOb2N1AB3ARrt/jO341ppn3ELUv+
-pPp4rgH+woBYjwBzir2BgBY7b0I7oWsHHypDwXfNMmMkrwHhd20cjBKbeLh5tViN
-4H6Fm7ttQwcOTlL/fACREiJdy87cOcx2arI6G78GjYCTZp30oEpR9L798LsD61pk
-u0Z5DXydXq0tS44UepdYy5zFFYNMhG/xhb4VZGbDNjkYmVK8vajmc+ZqcB9c25Qs
-u0zqyWACaasi9MGAtdbNxe8O/1SYpH02MZQzqKf/L06Q2LTYlVW6i7rdykjvJyNp
-V/UafEHd3wTjdeQZn89kGye/MBe4Tr22huFt5VT6EhFdppjEugseZ1GnvXrBs2ZU
-r94qX7xj9kM0qpxdgGjRcqBekqUgVEcurDviD3GYmpNKOo07zlLrLXJc6QSfOOpJ
-c9Dp2co2
-=crkh
-----END PGP SIGNATURE-----
--- a/tpm2-tools-5.7.tar.gz
+++ b/tpm2-tools-5.7.tar.gz
--- a/tpm2-tools-5.7.tar.gz.asc
+++ b/tpm2-tools-5.7.tar.gz.asc
@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCgAdFiEE1TMnWwEj0KZ59R/0j0+aRdf/7nQFAmYrkPMACgkQj0+aRdf/
+7nS6Jw//cepwxzKi9kjxk5+P6ZvG7sYSr8QnS7bYThOYwUQSweRZGxgxLIU5jyj6
+sTY2/ofQyGIDM0ylTgQkZzfQ+dIiUZWZZkJ5hQxSJZo5uL73UvC+HEfnYcbOb6KJ
+8HTBw7SbkymKRT0Na064q/vY0QlrTW3Rh9MVODs8BK36jdiIpq+5zpgp7lxh4pPf
+h/7sfqTolaYI7bkCFe08WwnFCSU9nNuKwxR0jV+RRT6DlY765UW7ML0CiyHDqD78
+BFz7kocAT699+J5NvFuXXxVj3pe0MYlU5PaXbRqjyh2RNlDcpPQaD29z+NeWitha
+Gs/QSfI7jrkVPJnjHMZ3k16vtvqpIkw0KtkUuhYPPr3eizZWz5kR0elZEN0t+c9U
+PRlG/JV+282qXgu/O2o5JwA/pMwfoTSCgzqmJ/UgaDP0X3V+TICWqTbqR6FNbc4W
+urcxWJ6yYDZzx30VpEXwD0OKJUx6z6UFJedxyzgIuCqgjOZRJmnjTmelSdCEgDBs
+HSMU2qqxpRAuhYMDdlI16sb0sMmX6Hm8ZqL8BUqf1aO7MurkZ/r6q+G49/5ZsI39
+5ec7a3FE/RrRZgv8kde9EYkHp8EGoWNtQaa8BHURmqqlEclqjZ2WrVBLu0XNXbZi
+j3t3TspYQIqkmiYETJPZOe6VZw4Y3l1H/kNFY/tE+K2S7Nx/AnE=
+=661g
+-----END PGP SIGNATURE-----
--- a/tpm2-tools.keyring
+++ b/tpm2-tools.keyring
@ -335,3 +335,55 @@ Rny6knt72NrN/y99FJBQ8XUJemR5zVIPYZCz5RVyEnRjJwToSpiN381SO5/J/8rN
 vbESOCFzZLA=
 =1P9t
 -----END PGP PUBLIC KEY BLOCK-----
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQINBGW4tWABEADShIa5S7B036c2JMRfM26ihylWXfU0emxn4n9JwdewWakT6r2y
+HU5L9b3hkcz8KOIsGAiVyn7bWoK9Q+OJGr0Alm38Jl1FbXGa/TaKeenVCTNWrOHZ
+SLrDPbs8k84KNsvPEOMCapnrOHl+Nm1T0GosJonIzNe1X1ArCN9Zn+SstW+JZeaQ
+IVNjVGKm59roU+EejaYuXqalAWhKq4I9Jd52yfy8TgWEFjk2STF3S3FST7SjiHds
+bmclhp+Vai2WZGrnbzwyMWL324Nyy8h9+/l9WGspxLh2/1qPXtmaDWp8b49RuYDV
+V7OVUSUDfp9eTB7ftfTMFXNbq1TShAkcbxT0xMu+UdTrnfKz1S5rFZ2AwfvvBCBR
+laA2T6/lQ/5oOFAK9u96GRtQjsw4YtTnIQyaRj+UD+KWyXL9cZMdQRWyzjRLkINZ
+dfj5TpXMmerO1ObOPvdji9o7yqAB3BQklhURlcs86z0dwKI3Cnho+2IbI+7jMKIn
+0OGVPAx6GjE3Fia2USHlEPfMx1oTw6eC8PDvtUevz4BcS0GKRvu6n2ucOjtawet4
+lDZPnKQwiscwblBE+zL5/dw1gpQ2/jpIMKOPzUL/pclQDi/uQkfaoViyznLkKTr1
+l4witEysoKNFcKiorqznVAAermTB3jv7zqVzWRjhs2mhofAaPTtWxc0qSQARAQAB
+tCpBbmRyZWFzIEZ1Y2hzIDxhbmRyZWFzLmZ1Y2hzQGluZmluZW9uLmNvbT6JAk4E
+EwEKADgWIQTVMydbASPQpnn1H/SPT5pF1//udAUCZbi1YAIbAwULCQgHAgYVCgkI
+CwIEFgIDAQIeAQIXgAAKCRCPT5pF1//udCAMD/93TGsv34ICGjfnrrMSCb787L/X
+bdziMuqQ62LEaFxy9XlqXDusCF3OxPWXWYzQgCVmBj/zVUSvphsnBsQZR8rtuObr
+pfZCXoGM8ig6u16Gqw7zAym5ckDJnAN3urKqQne7jU3R73QpZADHJR/0FDQFOh3q
+6g+ZWYeyceaYE1ow1A4QX8OmCdulZHaqEqxNXdVf8PRp5ufpNJ9IyDs3Bki2oh73
+hRZuXrp6mo++WqImOkTqepCXyR4ejU5d++Pa7lfdwBOIusmh3f3suGc+6L9sI43j
+ndA9+itheUZV7oUW5OvebPQVh9MQ0AXnnCBTlUEG2piJZ9I6XEqTaJCWYqVFHcbY
+ZEeuhiNnvtdQOTeeYCWbgK50FW9Aw9knSeqym5nLvoYSFGbOCWOVP9z9mArlObQr
+4FoapPXdJgznHnpX8YRdR3t6pCA32NyXppRdUCPylvKsflfLRexwPMPyq4/Zp2tG
+RV0VMeZulnujBD4QYUwaChVocj0Hhgti5hfcDn5p+DJZgrm8uyHmEKBZF3tiIw+o
+ACVz++mbaVlU3f1wGCwopA6E49U5DozkBXYKQFJ1kLXrSk8XsMNcRDTQROifkIl1
+JdZZgXyRkgm/frrCBHeoeK6c9HYLlHBKAYKmDF4spLcK9LFUHfEbOaPxr8/+Lvo3
+NwGQM0/sSrngdfjl67kCDQRluLVgARAAzg83xfiOX2qwYIxwf+4phpmUOhK8q8h1
+P+rdQWNur4XU+dJRwN94tsA51CrbltOQGBRerz3CVMbSnXMCCz+y7+jFEhWMTc71
+B7twmzXWz8kBtHAEUcIA6jI9JExvJlMtp+8FbGwvmOUaCPsFqAfpTMXY3brbxjIZ
+cl99AEiWh5HLQNzO9eTCL8a3v2jtIaEFoqUAcsPAlOUYCp7GOguyHmDfGQfYGpO/
+rJPbjabx/FAd+A2PuIPXr0KqQItoPrhTRj1pGL80PI71Z9iinIaaTZEDSa2VwKB2
+9A+aCYeUi5nWzOhkQdhKYONLuqWjvAdEObfJ79IKiCbzk26Jd3/BvRcUwEnLSBQI
+CcBa0K8CmCCWmcmHQGAYG5cNt9VCl+/Lnip0HlU54u8J3CQqy1SfDBL+yqf4gMtI
+FcRljUh2mBoc8qDg170EdDx7X7prPOAg/j7PK4/+tCOmPpbZsSyRzJWxLIpxTjvW
+JZ+xyn4CM6uxhQLcJsRDMIgHXt3F3Enw4PtgIAjFIyUcCPinebcFUJ2ZpSqtWFhQ
+aAFQOvrtz/q7ZlNNtZGHx3HodtK1rhw2AqBE6f930RSW+dqHTcNQXRoDr7y0dtel
+eCJA4FLprav4ywQCv67f42zNBwNfz2sHNADoeCwr3KKoSk/EN7IWHgyxWw8J5S7y
+x24uTv//7B8AEQEAAYkCNgQYAQoAIBYhBNUzJ1sBI9CmefUf9I9PmkXX/+50BQJl
+uLVgAhsMAAoJEI9PmkXX/+50pWAQALC72x4NLjdsru7hLbJYvBj2Lfm2XVxRhEEJ
+aotNoCeB45P+QhL6XEQl1xtFc3aUWXAgDMe+9Wc9W90SoAZ6fiuAvifV3EMm6NI6
+DO7ScyIOB1qsrxRvbMGo8kCglNb7dCXh/CBnglsnH+jdl1SBrAsWhopYcetPQvOr
+JudtTK4FNQYGevgYtcLNmzMmRX7F7N2DJ1IHDHWF2vEECCvEquXXgwJehZ4XmTL7
+OAeg1ogz6W3QVpTIK6r07a7RmwBkAtxWiGAcVTxEQQZVkwrWwplRHaVqSfXWIe4V
+2MT5zjSzgZ2UqpWHNSxSECctYYXdDjrMXp8ECszk/PIxBV8HJ+ouBw/mBcs6uL8r
+TBeOchmlf5wGKzrf/svzQ+8C5o61rC+eqoOVmlkF6l7OJj9s50DS35ty1CEBpJ4H
+vG9tAmEadNM+kw3JGN+z/sn1xJek8VpUociQstXLDLZwEKIDYb56u/xEfeR5X5NN
+SZvaPpnvbgVUI59GV2stWl53t53EvBW5AokKiYTv2rCddqnOmWomtsUVmvI7ftIn
+kCkaxtx2krMCvxaHZ2ickvJH+LCd65IGZ4G3N/MudGp5PlGhAX1KlT7EkQtDWfnD
+vT8auAcNHeSG2gCTW3sIkZNm7QvunexwIpe85YqAze8+ZpCtxDP34ahhZGrpIkKN
+lFcjH/3q
+=o8mM
+-----END PGP PUBLIC KEY BLOCK-----
--- a/tpm2.0-tools.changes
+++ b/tpm2.0-tools.changes
@ -1,3 +1,36 @@
+-------------------------------------------------------------------
+Fri May  3 12:49:04 UTC 2024 - Matthias Gerstner <matthias.gerstner@suse.com>
+
+Update to version 5.7:
+
+ Security
+  - Fixed CVE-2024-29038
+  - Fixed CVE-2024-29039
+ Fixed
+  - Fix eventlog test
+  - Fix issues with reading NV indexes
+  - Fix context save error on tpm2_create
+  - tpm2_sessionconfig: fix handling of --disable-continue session so that the subsequent command will not fail
+  - when attempting to context save a flushed session.
+  - detection of functions within libcrypto when CRYPTO_LIBS is set and system has install libcrypto.
+  - tpm2_send: fix EOF detection on input stream.
+  - tpm2_policy.c fix compilation error caused by format directive for size_t on 32 bit systems.
+  - tpm2_nvread: fix input handling no nv index.
+  - Auth file: Ensure 0-termination when reading auths from a file.
+  - configure.ac: fix bashisms. configure scripts need to be runnable with a POSIX-compliant /bin/sh.
+  - cirrus.yml fix tss compilation with libtpms for FreeBSD.
+  - tpm2_tool.c Fix missing include for basename to enable compilation on netbsd.
+  - options: fix TCTI handling to avoid failures for commands that should work with no options.
+  - tpm2_getekcertificate.c Fix leak. ek_uri was not freed if get_ek_server_address failed.
+ Added
+  - Add the possibility for autoflush (environment variable "TPM2TOOLS_AUTOFLUSH", or -R option)
+ Removed
+  - Testing on Ubuntu 18.04 as it's near EOL (May 2023).m2_policy.c fix compilation error caused by format directive for size_t on 32 bit systems.
+  - tpm2_nvread: fix input handling no nv index.
+
+- tpm2-tools.keyring: added Andreas Fuchs 0x8F4F9A45D7FFEE74 key, documented
+  in upstream repo, which was used for signing this new release tarball.
+
 -------------------------------------------------------------------
 Thu Dec 21 08:45:24 UTC 2023 - Alberto Planas Dominguez <aplanas@suse.com>

--- a/tpm2.0-tools.spec
+++ b/tpm2.0-tools.spec
@ -1,7 +1,7 @@
 #
 # spec file for package tpm2.0-tools
 #
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -29,7 +29,7 @@
 %bcond_with     test
 %endif
 Name:           tpm2.0-tools
-Version:        5.6
+Version:        5.7
 Release:        0
 Summary:        Trusted Platform Module (TPM) 2.0 administration tools
 License:        BSD-3-Clause