Changelog for
libtpms0-0.8.2-150300.3.9.1.x86_64.rpm :
* Tue Apr 25 2023 meissnerAATTsuse.com- 0001-tpm2-Check-size-of-buffer-before-accessing-it-CVE-20.patch: Fixes CVE-2023-1017 & CVE-2023-1018: fixed memory corruptions in CryptParameterDecryption (bsc#1206022 bsc#1206023)
* Fri Nov 25 2022 pgajdosAATTsuse.com- fix build for ppc64le: use -Wl,--no-as-needed in check-local [bsc#1204556]
* Fri Oct 21 2022 meissnerAATTsuse.com- Added patches: 0001-tpm2-Reset-TPM2B-buffer-sizes-after-test-fails-for-v.patch 0002-tpm2-Add-maxSize-parameter-to-TPM2B_Marshal-for-sani.patch 0003-tpm2-Restore-original-value-if-unmarsalled-value-was.patch- CVE-2021-3623: Fixed out-of-bounds access when trying to resume the state of the vTPM (bsc#1187767)
* Tue Aug 31 2021 pgajdosAATTsuse.com- security update- added patches fix CVE-2021-3746 [bsc#1189935], out-of-bounds access via specially crafted TPM 2 command packets + libtpms-CVE-2021-3746.patch
* Mon Apr 19 2021 glinAATTsuse.com- Update to version 0.8.2
* NOTE: Downgrade to 0.7.x or below is not possible. Due to fixes in the TPM 2 prime number generation code in rev155 it is not possible to downgrade from libtpms version 0.8.0 to some previous version. The seeds are now associated with an age so that older seeds use the old TPM 2 prime number generation code while newer seed use the newer code.
* tpm2: rev155: Add new RsaAdjustPrimeCandidate code but do not use (bsc#1184939 CVE-2021-3505)
* tpm2: Activate SEED_COMPAT_LEVEL_RSA_PRIME_ADJUST_FIX (bsc#1184939 CVE-2021-3505)
* Update to TPM 2 code release 159 - X509 support is enabled + SM2 signing of ceritificates is NOT supported - Authenticated timers are disabled
* Update to TPM 2 code relase 162 - ECC encryption / decryption is disabled
* Fix support for elliptic curve due to missing unmarshalling code
* Runtime filter supported elliptic curves supported by OpenSSL
* Fix output buffer parameter and size for RSA decryption that could cause stack corruption under certain circumstances
* Set the RSA PSS salt length to the digest length rather than max
* Fixes to symmetric decryption related to input size check, defer padding to the user [EVP_CIPHER_CTX_set_padding(ctx, 0)] and to always use a temporary malloc\'ed buffer for decryption
* Fixed the set of PCRs belonging to the TCB group. This affects the pcrUpdateCounter in TPM2_Pcrread() responses, thus needs latest swtpm for test cases to succeed there.
* Fri Mar 19 2021 glinAATTsuse.com- Update to version 0.7.7
* CryptSym: fix AES output IV (bsc#1183729, CVE-2021-3446)
* tpm2: Fix public key context save due to ANY_OBJECT_Marshal usage
* tpm2: Address some Coverity issues (false positives)
* tpm1.2: Backported ASAN/UBSAN related fixes
* tpm2: Return properly sized array for b parameter for NIST P521 (HLK)
* tpm2: Addressed issues detected by UBSAN
* tpm2: Addressed issues detected by cppcheck (false positives)
* Mon Nov 23 2020 glinAATTsuse.com- Update to version 0.7.4
* Addressed potential constant-time related issues in TPM 1.2 and TPM 2 code TPM 1.2: RSA decryption TPM 2: EcSchnorr and EcSM2 signatures; Ecsda is handled by OpenSSL
* Fixed some compilation issues
* Thu Jul 23 2020 kai.liuAATTsuse.com- Update to version 0.7.3
* Fixed the set of PCRs belonging to the TCB group. This affects the pcrUpdateCounter in TPM2_Pcrread() responses, thus needs latest `swtpm` (master, stable branches) for test cases to succeed there.- Changes since version 0.7.2
* Fix output buffer parameter and size for RSA decryption that could cause stack corruption under certain circumstances
* Set the RSA PSS salt length to the digest length rathern than max. possible
* Fixes to symmetric decrytion related to input size check, defer padding to the user [EVP_CIPHER_CTX_set_padding(ctx, 0)] and to always use a temporary malloc\'ed buffer for decryption- Changes since version 0.7.1
* tpm2: Fix TDES key creation by adding missing un-/marshalling functions
* tpm2: Fix a bug in CheckAuthSession
* compilation fixes for TPM 1.2 & TPM 2 and various architectures and gcc versions
* Fix support for NIST curves P{192,224,521} and SM2 P256 and BNP648 that would not work;
* Runtime filter elliptic curves (that OpenSSL does not support) and do not advertise those curves as capabilities
* Removed unnecessary space in MANUFACTURER \"IBM \" -> \"IBM\"
* Thu Sep 05 2019 glinAATTsuse.com- Update to version 0.7.0
* fixes for TPM2- Add gcc-c++ to BuildRequires
* Mon Jan 28 2019 glinAATTsuse.com- Update to version 0.6.0
* Introduce TPM2 support- Use %license tag for LICENSE
* Wed Jan 17 2018 vcizekAATTsuse.com- Update to version 0.6.0-dev1
* no upstream changelog
* fix build with openssl 1.1 (bsc#1074801)- fix rpm group
* Sat Mar 21 2015 p.drouandAATTgmail.com- Update to version 0.5.2
* No entry for this release- Update project home and download Urls- Add autoconf, automake and libtool build require; the tarball comes from git and configure script has to be generated