Revisions of tpm2-0-tss

Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 1172147 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 36)
Update to version 4.1:
+ Security
    - Fixed CVE-2024-29040 (bsc#1223690)
+ Fixed
    - fapi: Fix length check on FAPI auth callbacks
    - mu: Correct error message for errors
    - tss2-rc: fix unknown laer handler dropping bits.
    - fapi: Fix deviation from CEL specification (template_value was used instead of template_data).
    - fapi: Fix json syntax error in FAPI profiles which was ignored by json-c.
    - build: fix build fail after make clean.
    - mu: Fix unneeded size check in TPM2B unmarshaling.
    - fapi: Fix missing parameter encryption.
    - build: Fix failed build with --disable-vendor.
    - fapi: Fix flush of persistent handles.
    - fapi: Fix test provisioning with template with self generated certificate disabled.
    - fapi: Fix error in Fapi_GetInfo it TPM supports SHA3 hash algs.
    - fapi: Revert pcr extension for EV_NO_ACTION events.
    - fapi: Fix strange error messages if nv, ext, or policy path does not exits.
    - fapi: Fix segfault caused by wrong allocation of pcr policy.
    - esys: Fix leak in Esys_EvictControl for persistent handles.
    - tss2-tcti: tcti-libtpms: fix test failure on big-endian platform.
    - esys: Add reference counting for Esys_TR_FromTPMPublic.
    - esys: Fix HMAC error if session bind key has an auth value with a trailing 0.
    - fapi: fix usage of self signed certificates in TPM.
    - fapi: Usage of self signed certificates.
    - fapi: A segfault after the error handling of non existing keys.
    - fapi: Fix several leaks.
    - fapi: Fix error handling for policy execution.
    - fapi: Fix usage of persistent handles (should not be flushed)
    - fapi: Fix test provisioning with template (skip test without self generated certificate).
Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1138772 from Marcus Meissner's avatar Marcus Meissner (msmeissn) (revision 35)
- Fix tmpfiles %ghost file names (forwarded request 1138485 from gmbr3)
Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1100357 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 33)
Require openssl-3 over openssl-1 to assist migration of applications to newer openssl-3.

Alternately we might need to have two copies of the package for openssl-3 and openssl-1, but
we have to transition to just openssl-3 at some point.

This is required for Kanidm as it requires openssl-3 and tpm2-0-tss. (forwarded request 1100221 from firstyear)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 1059943 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 31)
- add 0001-tss2_rc-ensure-layer-number-is-in-bounds.patch: fixes
  CVE-2023-22745 (bsc#1207325): Buffer Overlow in TSS2_RC_Decode. Overly large
  RC values passed to the TSS2 function could lead to memory overread or
  memory overread.
  This patch is not yet part of any upstream git tag.
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 906621 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 27)
- Remove conflicting sysusers.d file (forwarded request 906490 from gmbr3)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 902710 from Marcus Meissner's avatar Marcus Meissner (msmeissn) (revision 26)
- small services fixes and comments
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 867410 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 25)
- update to 3.0.3:
  - changes in 3.0.3:
    * Fix Regression in Fapi_List
    * Fix memory leak in policy calculation
  - changes in 3.0.2:
    * FAPI: Fix setting of the system flag of NV objects
    * This will let NV object metadata be created system-wide always instead of
    * locally in the user. Existing metadata will remain in the user directory.
    * It can be moved to the corresponding systemstore manually if needed.
    * FAPI: Fix policy searching, when a policyRef was provided
    * FAPI: Accept EK-Certs without CRL dist point
    * FAPI: Fix return codes of Fapi_List
    * FAPI: Fix memleak in policy execution
    * FAPI: Fix coverity NULL-pointer check
    * FAPI: Set the written flag of NV objects in FAPI PolicyNV commands
    * FAPI: Fix deleting of policy files.
    * FAPI: Fix wrong file loading during object search.
    * Fapi: Fix memory leak
    * Fapi: Fix potential NULL-Dereference
    * Fapi: Remove superfluous NULL check
    * Fix a memory leak in async keystore load.
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 844057 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 24)
- also add tctildr0 and cmd0 libraries to baselibs.conf
- move the tcti-fapi tmpfiles.d config file into the libtss2-fapi1 sub-package.
- improve the descriptions of new libraries (fapi1, cmd0, swtpm0)
- adjust baselibs.conf to match new library versions and added libraries

- Update to 3.0.1, changelog at:
  https://github.com/tpm2-software/tpm2-tss/blob/3.0.x/CHANGELOG.md
- Update libtss2-sys0 to libtss2-sys1
- Add new libs:
  * libtss2-fapi1
  * libtss2-tcti-cmd0
  * libtss2-tcti-swtpm0
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 778720 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 23)
- Update to version 2.3.3
  * Fixed mixing salted and unsalted sessions in the same ESAPI
    context
  * Removed use of VLAs from TPML marshal code
  * Added check for object node before calling compute_session_value
    function
  * Fixed auth calculation in Esys_StartAuthSession called with
    optional parameters
  * Fixed compute_encrypted_salt error handling in
    Esys_StartAuthSession
  * Fixed exported symbols map for libtss2-mu
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 769069 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 22)
- Use system-users for tss user creation (boo#1162360).

This should be handled together with sr#769061
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 767595 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 21)
- BuildRequire pkgconfig(udev) instead of udev: allow OBS to
  shortcut through the -mini flavor. (forwarded request 766910 from dimstar)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 760375 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 20)
- update to upstream version 2.3.2:
  - changes since version 2.3.0:
    - Fix unit tests on S390 architectures
    - Fixed HMAC generation for policy sessions (forwarded request 759944 from mnhauke)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 755853 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 19)
- update to upstream version 2.3.0:
  - changes in version 2.3.0:
    - tss2-tctildr: A new library that helps with tcti initialization
      Recommend to use this in place of custom tcti loading code now !
    - tss2-rc: A new library that provides textual representations for return
      codes
    - Option to disable NIST-deprecated crypto (--disable-weak-crypto)
    - Support Esys_TR_FromTPMPublic on sessions (for use in Esys_FlushContext)
    - map-files with correct symbol lists for tss2-sys and tss2-esys
      This may lead to unresolved symbols in linked applications
    - Support to call Tss2_Sys_Execute repeatedly on certain errors
    - Reduced RAM consumption in Esys due to Tss2_Sys_Execute change
    - Automated session attribution clearing for esys (decrypt and encrypt)
      per cmd
    - Removed libtss2-mu from "Requires" field of libtss2-esys.pc
      Needs to be added explicitely now
    - All fixes from 2.2.1, 2.2.2 and 2.2.3
    - Fixed SPDX License Identifiers
    - Fixed Null-pointer problems in tcti-tbs
    - Fixed Default locality for tcti-mssim set to LOC_0
    - Fixed coverity and valgrind leaks detected in test programs (not library
      code)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 726006 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 18)
- update to upstream version 2.2.3:
  - changes in version 2.2.3:
    * Fix computation of session name
    * Fixed PolicyPassword handling of session Attributes
    * Fixed windows build from dist ball
    * Fixed default tcti configure option
    * Fixed nonce size calculation in ESYS sessions
  - changes in version 2.2.2:
    * Fixed wrong encryption flag in EncryptDecrypt
    * Fixing openssl engine invocation
Yuchen Lin's avatar Yuchen Lin (maxlin_factory) accepted request 698149 from Matthias Gerstner's avatar Matthias Gerstner (mgerstner) (revision 17)
- bsc#1130588: Require shadow instead of old pwdutils (forwarded request 698141 from jubalh)
Displaying revisions 1 - 20 of 36
openSUSE Build Service is sponsored by