rpm/tpm2.0-tools
SHA256
1
0
Fork 0
forked from pool/tpm2.0-tools
Code Pull Requests Activity

Commit Graph

  • 2402a1d786 Accepting request 1172162 from security factory Ana Guerrero 2024-05-06 15:53:43 +0000
  • 1d28129213 - Fixed CVE-2024-29038 (bsc#1223687) - Fixed CVE-2024-29039 (bsc#1223689) Matthias Gerstner 2024-05-06 10:15:24 +0000
  • fcebb099b4 Accepting request 1171752 from security Ana Guerrero 2024-05-05 10:10:26 +0000
  • 2ef15b178a Update to version 5.7: + Security - Fixed CVE-2024-29038 - Fixed CVE-2024-29039 + Fixed - Fix eventlog test - Fix issues with reading NV indexes - Fix context save error on tpm2_create - tpm2_sessionconfig: fix handling of --disable-continue session so that the subsequent command will not fail - when attempting to context save a flushed session. - detection of functions within libcrypto when CRYPTO_LIBS is set and system has install libcrypto. - tpm2_send: fix EOF detection on input stream. - tpm2_policy.c fix compilation error caused by format directive for size_t on 32 bit systems. - tpm2_nvread: fix input handling no nv index. - Auth file: Ensure 0-termination when reading auths from a file. - configure.ac: fix bashisms. configure scripts need to be runnable with a POSIX-compliant /bin/sh. - cirrus.yml fix tss compilation with libtpms for FreeBSD. - tpm2_tool.c Fix missing include for basename to enable compilation on netbsd. - options: fix TCTI handling to avoid failures for commands that should work with no options. - tpm2_getekcertificate.c Fix leak. ek_uri was not freed if get_ek_server_address failed. + Added - Add the possibility for autoflush (environment variable "TPM2TOOLS_AUTOFLUSH", or -R option) + Removed - Testing on Ubuntu 18.04 as it's near EOL (May 2023).m2_policy.c fix compilation error caused by format directive for size_t on 32 bit systems. - tpm2_nvread: fix input handling no nv index. - tpm2-tools.keyring: added Andreas Fuchs 0x8F4F9A45D7FFEE74 key, documented in upstream repo, which was used for signing this new release tarball. Matthias Gerstner 2024-05-03 12:58:29 +0000
  • 9a9100b936 Accepting request 1135462 from security Ana Guerrero 2023-12-28 21:55:19 +0000
  • 67cb2ca5c3 Accepting request 1134440 from home:aplanas:branches:security Alberto Planas Dominguez 2023-12-21 12:30:18 +0000
  • c00d9e35d7 Accepting request 1087676 from security Dominique Leuenberger 2023-05-19 09:54:33 +0000
  • fc1a056e9d Accepting request 1087675 from home:aplanas:branches:security Alberto Planas Dominguez 2023-05-17 14:30:51 +0000
  • 595dbc1134 Accepting request 1066202 from security Dominique Leuenberger 2023-02-17 15:44:00 +0000
  • ea39889dde Accepting request 1066201 from home:aplanas:branches:security Alberto Planas Dominguez 2023-02-16 15:25:28 +0000
  • 1f81f6ede0 Accepting request 1066188 from home:aplanas:branches:security Alberto Planas Dominguez 2023-02-16 14:38:17 +0000
  • 490ad5ed0f Accepting request 1055808 from security Dominique Leuenberger 2023-01-05 14:00:08 +0000
  • ef37d363dc Accepting request 1055806 from home:aplanas:branches:security Alberto Planas Dominguez 2023-01-04 13:31:42 +0000
  • 0fadaea8ed Accepting request 1041885 from security Dominique Leuenberger 2022-12-10 20:17:41 +0000
  • 54066e63b9 Accepting request 1041884 from home:aplanas:branches:security Alberto Planas Dominguez 2022-12-09 13:47:38 +0000
  • d9a849d22f Accepting request 1041869 from home:aplanas:branches:security Alberto Planas Dominguez 2022-12-09 13:26:20 +0000
  • 6a84e87ec4 Accepting request 989125 from security Dominique Leuenberger 2022-07-14 14:33:27 +0000
  • cb919fb8ac Accepting request 989124 from home:aplanas:branches:security Alberto Planas Dominguez 2022-07-14 09:58:27 +0000
  • 2dec5107b8 Accepting request 989000 from home:aplanas:branches:security Alberto Planas Dominguez 2022-07-13 12:35:56 +0000
  • 29706ce84b Accepting request 987921 from security Dominique Leuenberger 2022-07-09 14:59:09 +0000
  • d946dab0ca Accepting request 987920 from home:aplanas:branches:security Alberto Planas Dominguez 2022-07-08 13:36:19 +0000
  • f3e46a0f5a Accepting request 987892 from home:aplanas:branches:security Alberto Planas Dominguez 2022-07-08 11:40:48 +0000
  • 45c31e0402 Accepting request 987873 from home:aplanas:branches:security Alberto Planas Dominguez 2022-07-08 09:39:21 +0000
  • 4e86bd2543 Accepting request 987836 from home:aplanas:branches:security Alberto Planas Dominguez 2022-07-08 08:32:19 +0000
  • 9810272594 Accepting request 987481 from home:aplanas:branches:security Alberto Planas Dominguez 2022-07-07 15:38:12 +0000
  • d005922503 Accepting request 936758 from security Dominique Leuenberger 2021-12-08 21:08:49 +0000
  • f3833fe147 Accepting request 936757 from home:aplanas:branches:security Alberto Planas Dominguez 2021-12-08 17:10:00 +0000
  • 08f6726088 Accepting request 934693 from home:aplanas:branches:security Matthias Gerstner 2021-12-06 12:27:09 +0000
  • 0cb4095330 Accepting request 926522 from security Dominique Leuenberger 2021-10-22 22:50:23 +0000
  • a9b849d596 Accepting request 926512 from home:aplanas:branches:security Matthias Gerstner 2021-10-20 10:13:52 +0000
  • 0f526928e4 Accepting request 909338 from security Dominique Leuenberger 2021-08-02 10:04:31 +0000
  • 2daa4759e2 Accepting request 909201 from home:aplanas:branches:security Matthias Gerstner 2021-07-30 08:12:10 +0000
  • 131a800519 Accepting request 906620 from security Dominique Leuenberger 2021-07-18 21:44:47 +0000
  • 9bf3cf3cac OBS-URL: https://build.opensuse.org/package/show/security/tpm2.0-tools?expand=0&rev=82 Matthias Gerstner 2021-07-09 07:27:41 +0000
  • 64866be1b2 - prepare running the test suite via %check, but leave it commented out, because it is broken due to LTO linking. Matthias Gerstner 2021-07-08 09:07:44 +0000
  • f1c0b5d17f Accepting request 902783 from security Dominique Leuenberger 2021-06-28 13:33:46 +0000
  • 30fe5afe17 Accepting request 902778 from home:favogt:branches:security Matthias Gerstner 2021-06-28 09:47:58 +0000
  • 6158f57fbf Accepting request 900775 from security Dominique Leuenberger 2021-06-19 21:04:13 +0000
  • 45f5061ef4 Accepting request 900773 from home:aplanas:branches:security Marcus Meissner 2021-06-18 14:57:05 +0000
  • a84093771b Accepting request 900549 from security Dominique Leuenberger 2021-06-18 08:13:56 +0000
  • ce6c7778e0 Accepting request 900548 from home:aplanas:branches:security Marcus Meissner 2021-06-17 09:37:22 +0000
  • b042d28e80 Accepting request 900121 from security Dominique Leuenberger 2021-06-15 14:38:07 +0000
  • 6478528698 Accepting request 900118 from home:aplanas:branches:security Marcus Meissner 2021-06-15 09:48:43 +0000
  • e97ee890ce Accepting request 899908 from security Dominique Leuenberger 2021-06-14 21:11:13 +0000
  • 3d2db2a128 Accepting request 898108 from home:dimstar:Factory Marcus Meissner 2021-06-14 08:57:05 +0000
  • 9751b0d045 Accepting request 895955 from security Dominique Leuenberger 2021-06-01 08:38:02 +0000
  • b000df49d3 - add 0001-tpm2_import-fix-fixed-AES-key-CVE-2021-3565.patch: no longer use a fixed AES key in the context of the tpm2_import command. Fixes CVE-2021-3565 (bsc#1186490). - drop fix_pie_linking.patch: now contained in upstream tarball - drop fix_warnings.patch: now contained in upstream tarball - update to upstream version 5.1: - Minimum tpm2-tss version dependency bumped to 3.1.0 - Minimum tpm2-abrmd version dependency bumped to 2.4.0 - tss2: - Support in tools for PolicyRef inclusion in policy search per latest TSS. - Support to use TPM objects protected by a policy with PolicySigned. - Enable backward compatibility to old Fapi callback API. - Fix PCR selection for tss2 quote. - Support policy signed policies by implementing Fapi_SetSignCB. - Command/ response parameter support for auditing and pHash policies: - lib/tpm2_util.c: Add method to determine hashing alg for cp/rphash - Add support to calculate rphash for tpm2_create, tpm2_activatecredential, tpm2_certify, tpm2_certifycreation, tpm2_changeauth, tpm2_changeeps, tpm2_changepps, tpm2_nvdefine, tpm2_nvextend, tpm2_unseal - Add support to calculate cphash for tpm2_changeeps, tpm2_changepps. - Session-support: - tpm2_sessionconfig: Add tool to display and configure session attributes. - tpm2_getrandom: Fix— session input was hardcoded for audit-only - tpm2_startauthsession: Add option to specify the bind object and its authorization value. - tpm2_startauthsession: support for bounded-only session. - tpm2_startauthsession: support for salted-only session. - tpm2_startauthsession: add option to specify an hmac session type. - Add support for specifying non-authorization sessions for audit and parameter encryption for tpm2_getrandom, tpm2_create, tpm2_nvextend, Matthias Gerstner 2021-05-28 10:32:05 +0000
  • b165e43c84 Accepting request 890270 from security Dominique Leuenberger 2021-05-04 20:01:01 +0000
  • d836ba0360 - fix --version output of tools. Since now autoreconf is called and configure.ac attempts to fetch the version from git (which we don't have during building), the version was empty. Fix this by replacing the git invocation in configure.ac. Matthias Gerstner 2021-05-04 08:56:15 +0000
  • f914fdbf72 explicitly mark %license Matthias Gerstner 2021-02-02 12:23:20 +0000
  • 722545cd47 note about download_files magic Matthias Gerstner 2021-01-29 13:09:40 +0000
  • bd294f5c13 Accepting request 867453 from security Dominique Leuenberger 2021-01-28 20:29:02 +0000
  • a5a59f0dae - add fix_pie_linking.patch: fixes an error in the build system that causes the tss2 binary to be linked without passed LDFLAGS (like -pie), which causes the binary not to be position independent. Matthias Gerstner 2021-01-28 11:16:25 +0000
  • 784ccd7c1d - add fix_warnings.patch: fixes a couple of build errors resulting from LTO linking and -Werror. - update to major version 5.0: - Non Backwards Compatible Changes * Default hash algorithm is now sha256. Prior versions claimed sha1, but were inconsistent in choice. Best practice is to specify the hash algorithm to avoid surprises. * tpm2_tools and tss2_tools are now a busybox style commandlet. Ie tpm2_getrandom becomes tpm2 getrandom. make install will install symlinks to the old tool names and the tpm2 commandlet will interrogate argv[0] for the command to run. This will provide backwards compatibility if they are installed. If you wish to use the old names not installed system wide, set DESTDIR during install to a separate path and set the proper directory on PATH. * tpm2_eventlog's output changed to be YAML compliant. The output before was intended to be YAML compliant but was never properly checked and tested. * umask set to 0117 for all tools. * tpm2_getekcertificate now outputs the INTC EK certificates in PEM format by default. In order to output the URL safe variant of base64 encoded output of the INTC EK certificate use the added option --raw. - Dependency update * Update tpm2-tss dependency version to 3.0.1 * Update tpm2-abrmd dependency version to 2.3.3 - New tools and features * tpm2_zgen2phase: Add new tool to support command TPM2_CC_ZGen_2Phase. * tpm2_ecdhzgen: Add new tool to support command TPM2_CC_ECDH_ZGen. * tpm2_ecdhkeygen: Add new tool to support command TPM2_CC_ECDH_KeyGen. * tpm2_commit: Add new tool to support command TPM2_CC_Commit. * tpm2_ecephemeral: Add new tool to support command TPM2_CC_EC_Ephemeral. Matthias Gerstner 2021-01-28 10:50:59 +0000
  • 143120c460 Accepting request 843599 from security Dominique Leuenberger 2020-10-28 10:25:39 +0000
  • 106c7bd534 OBS-URL: https://build.opensuse.org/package/show/security/tpm2.0-tools?expand=0&rev=61 Matthias Gerstner 2020-10-22 13:54:22 +0000
  • 9cd18c2c7f OBS-URL: https://build.opensuse.org/package/show/security/tpm2.0-tools?expand=0&rev=60 Matthias Gerstner 2020-10-22 13:44:19 +0000
  • 58f4c3e7dc OBS-URL: https://build.opensuse.org/package/show/security/tpm2.0-tools?expand=0&rev=59 Matthias Gerstner 2020-10-22 13:30:56 +0000
  • 756009e46c - update to version 4.3: - changes in version 4.3: - tss2_*: Fix double-free errors in commands asking for password authorization - tss2_*: Fix shorthand command -f that was falsely requiring an argument - tss2_*: Update tss2_encrypt to the new FAPI interface - The argument 'policyPath' is removed which was never read anyway - tss2_*: Remove the additional '\n' that was appended when redirecting to stdout - tss2_*: Update mandatory vs optional treatment of arguments according to latest Fapi spec - tss2_*: tss2_getinfo now retrieves the correct FAPI version from Fapi_GetInfo - tss2_*: Fix the error handling in case of multiple inputs and/or outputs from stdin/stdout - tss2_*: Fix syntax errors and update content of man pages according to latest Fapi spec - tss2_*: Add parameter types to all man page - tss2_*: tss2_setappdata now reads from file or stdin allowing to store also binary data - tss2_*: Memory leaks are fixed in cases when a returned empty non-char output value was passed to file output - tss2_pcrextend: fix extending PCR 0 - tss2_quote: fix unused TSS2_RC in LOG_ERR - changes in 4.2.1: - Fix missing handle maps for ESY3 handle breaks. See #1994. - Bump ESYS minimum dependency version from 2.3.0 to 2.4.0. - Fix for loop declarations build error. - changes in 4.2: - Fix various issues reported by static analysis tools. - Add integration test for ECC based getekcertificate. - Fix for issue #1959 where ARM builds were failing. - Add a check in autotools to add "expect" as a package dependency for fapi tools. - tpm2_createek: Drop the unused -p or --ek-auth option - tpm2_policyor: List of policy files should be specified as an argument - instead of -l option. The -l option is still retained for backwards - compatibility. See issue#1894. - tpm2_eventlog: add a tool for parsing and displaying the event log. Matthias Gerstner 2020-10-22 12:14:07 +0000
  • f15d2d4306 Accepting request 755855 from security Dominique Leuenberger 2019-12-18 13:44:47 +0000
  • 4d75d747d9 correct bogus_warning_patch Matthias Gerstner 2019-12-11 13:32:27 +0000
  • 2100671155 - add fix_bad_bufsize.patch: fixes findings from compile time fread() checks that indicate bad buffer size specification. - add fix_bogus_warning.patch: fixes maybe-unitialized warnings that are bogus, since the variables in questions will be initialized in any case later on. Matthias Gerstner 2019-12-11 13:30:50 +0000
  • 394bb79c04 - update to major version 4.1: - changes in version 4.1: * tpm2_certifycreation: New tool enabling command TPM2_CertifyCreation. Matthias Gerstner 2019-12-11 12:45:49 +0000
  • 698e740696 Accepting request 726072 from security Dominique Leuenberger 2019-08-27 08:23:58 +0000
  • 06e79ab919 - update to minor version 3.1.4: * Fix various man pages * tpm2_getmanufec: fix OSSL build warnings * Fix broken -T option * Various build compatibility fixes * Fix some unit tests * Update build for recent autoconf-archive versions * Install m4 files Matthias Gerstner 2019-08-26 07:43:27 +0000
  • 0f58e8a3e3 Accepting request 682127 from security Dominique Leuenberger 2019-03-06 14:52:18 +0000
  • f1323dc909 - update to minor version 3.1.3: - Restore support for the TPM2TOOLS_* env vars for TCTI configuration, in addition to supporting the new unified TPM2TOOLS_ENV_TCTI - Fix tpm2_getcap to print properties with the TPM_PT prefix, rather than TPM2_PT - Make test_tpm2_activecredential Python 3 compatible - Fix tpm2_takeownership to only attempt to change the specified hierarchies - use a _service file to sync with upstream tags Matthias Gerstner 2019-03-06 10:49:41 +0000
  • 66b1dc2233 Accepting request 665954 from security Dominique Leuenberger 2019-01-21 09:53:02 +0000
  • 2b2ef21cc0 incorporate FATE# in changes file for SLE-15-SP1 (bsc#1121860) Matthias Gerstner 2019-01-14 14:23:36 +0000
  • abc442bb2e Accepting request 638482 from security Dominique Leuenberger 2018-09-28 06:53:21 +0000
  • 50f2c4ff46 - update to minor version 3.1.2: - Revert the change to use user supplied object attributes exclusively. This is an inappropriate behavioural change for a MINOR version number increment. - Fix inclusion of object attribute specifiers section in tpm2_create and tpm2_createprimary man pages. - Use better object attribute defaults for authentication, preventing an empty password being used for authentication when a policy is set. Matthias Gerstner 2018-09-26 16:05:23 +0000
  • 648bab42ff Accepting request 630849 from security Dominique Leuenberger 2018-08-22 12:22:37 +0000
  • 7ae3e16bae - update to minor version 3.1.1: - Allow man page installation without pandoc being available Matthias Gerstner 2018-08-22 09:07:13 +0000
  • 0afd2b19a5 Accepting request 620445 from security Dominique Leuenberger 2018-07-06 08:41:14 +0000
  • 49a7dff047 OBS-URL: https://build.opensuse.org/package/show/security/tpm2.0-tools?expand=0&rev=42 Matthias Gerstner 2018-06-29 14:14:45 +0000
  • 06f893a56a Accepting request 614208 from security Dominique Leuenberger 2018-06-08 21:14:01 +0000
  • 9deb2b9aaa - fix build after adding install-man.patch: autoreconf is needed again (sigh!) Matthias Gerstner 2018-06-05 09:56:06 +0000
  • 7314156e15 Accepting request 603119 from security Dominique Leuenberger 2018-05-03 10:34:00 +0000
  • 04fa779b2e - install-man.patch: even after update to 3.0.4 the man pages are not installed correctly. This patch fixes it locally. Matthias Gerstner 2018-05-02 12:11:07 +0000
  • f479ea4d55 - update to version 3.0.4: - Fix save and load for TPM2B_PRIVATE object. - Use a default buffer size for tpm2_nv{read,write} if the TPM reports a 0 size. - Fix --verbose and --version options crossover. - Generate man pages from markdown and include them in the distribution tarball. - Print usage summary if tools are executed with no options or man page can't be displayed. - man pages will be shipped for SLE version now, too (pandoc dependency was removed) Matthias Gerstner 2018-05-02 11:07:16 +0000
  • 8df45f9c6d Accepting request 583976 from security Dominique Leuenberger 2018-03-08 09:59:21 +0000
  • b936ba61f5 - disable pandoc for all but openSUSE, since pandoc never was on SLE Matthias Gerstner 2018-03-07 15:44:46 +0000
  • 190967a254 - disable pandoc/man pages generation on SLE-15, because pandoc is not available there (and adding it would require two dozen additional haskell packages) Matthias Gerstner 2018-03-07 14:45:11 +0000
  • 71d06872b5 Accepting request 578990 from security Dominique Leuenberger 2018-02-26 22:24:17 +0000
  • 14f68543f3 - update to version 3.0.3: - various changes in tool options - man pages are now in section 1 (formerly in section 8) - tools are now installed in /usr/bin (formerly /usr/sbin) Matthias Gerstner 2018-02-22 11:21:56 +0000
  • 5b27cc75a1 Accepting request 540241 from security Dominique Leuenberger 2017-11-11 13:20:13 +0000
  • d61e6c9bf0 Accepting request 540183 from home:vitezslav_cizek:branches:security Matthias Gerstner 2017-11-09 14:39:53 +0000
  • f8ff91ad97 Accepting request 517972 from security Dominique Leuenberger 2017-08-28 13:12:10 +0000
  • df8d6a816d Accepting request 517963 from home:mgerstner:branches:security Marcus Meissner 2017-08-21 16:23:48 +0000
  • a81dc31f7d Accepting request 514173 from security Dominique Leuenberger 2017-08-21 09:36:34 +0000
  • 66300d848f Accepting request 514158 from home:mgerstner:branches:security Marcus Meissner 2017-08-03 08:12:24 +0000
  • 97028ca739 Accepting request 507025 from security Dominique Leuenberger 2017-06-29 13:22:20 +0000
  • 7df9e7ce3c added missing bnc/CVE Matthias Gerstner 2017-06-29 10:25:50 +0000
  • 00ea3cc493 - 0002-kdfa-use-openssl-for-hmac-not-tpm.patch: fixed unexpected leak of cleartext password into the tpm when generating an HMAC in the context of tpm_kdfa() (key derivation function). Matthias Gerstner 2017-06-29 09:49:42 +0000
  • e50722fd3a Accepting request 505011 from security Dominique Leuenberger 2017-06-21 11:57:31 +0000
  • 04ffd0c388 - 0001-tpm2_listpcrs-use-TPM2_GetCapability-to-determine-PC.patch: fixed tpm2_listpcrs aborting saying "too much pcrs to get!" (bnc#1044419) Matthias Gerstner 2017-06-20 08:42:38 +0000
  • 7a34ca473f Accepting request 500551 from security Dominique Leuenberger 2017-06-04 00:00:01 +0000
  • f72afddb76 - tpm2.0-tools-fix-gcc7.patch: fixed gcc7 case fallthrough errors Marcus Meissner 2017-06-02 07:38:55 +0000
  • 867d9609b5 OBS-URL: https://build.opensuse.org/package/show/security/tpm2.0-tools?expand=0&rev=18 Marcus Meissner 2017-06-02 07:36:48 +0000
  • 3e796b468b - tpm2.0-tools-fix-hardening.patch: do not disable fortify, do not use -Wstack-protector as it warns also for non-utilized functions and then -Werror fails. Marcus Meissner 2017-06-02 07:17:27 +0000