Releases: stefanberger/libtpms
Releases · stefanberger/libtpms
Release of v0.9.6
version 0.9.6:
- tpm2: Check size of buffer before accessing it (CVE-2023-1017 & CVE-2023-1018)
Release of v0.8.9
version 0.8.9:
- tpm2: Check size of buffer before accessing it (CVE-2023-1017 & CVE-2023-1018)
Release of v0.7.11
version 0.7.11:
- tpm2: Do not set RSA_FLAG_NO_BLINDING on RSA keys anymore
- tpm2: Fix a potential overflow expression (coverity)
- tpm2: Fix size check in CryptSecretDecrypt
- tpm2: Check return code of BN_div()
- tpm2: Do not write permanent state if only clock changed
Release of v0.8.8
version 0.8.8:
- tpm2: Do not set RSA_FLAG_NO_BLINDING on RSA keys anymore
- tpm2: Fix a potential overflow expression (coverity)
- tpm2: Fix size check in CryptSecretDecrypt
- tpm2: Check return code of BN_div()
- tpm2: Do not call EVP_PKEY_CTX_set0_rsa_oaep_label() for label of size 0 (OSS
- tpm2: Do not write permanent state if only clock changed
- build-sys: Add probing for -fstack-protector
Release of v0.9.5
version 0.9.5:
- tpm2: Do not set RSA_FLAG_NO_BLINDING on RSA keys anymore
- tpm2: Fix a potential overflow expression (coverity)
- tpm2: Fix size check in CryptSecretDecrypt
Release of v0.9.4
version 0.9.4:
- tpm: #undef printf in case it is #define'd (OSS-Fuzz)
- tpm2: Check return code of BN_div()
- tpm2: Initialize variables due to gcc complaint (s390x, false positive)
- tpm12: Initialize variables due to gcc complaint (s390x, false positive)
- build-sys: Fix configure script to support _FORTIFY_SOURCE=3
Release of v0.9.3
version 0.9.3:
- build-sys: Add probing for -fstack-protector
- tpm2: Do not call EVP_PKEY_CTX_set0_rsa_oaep_label() for label of size
(OSSL 3)
Release of v0.9.2
Version 0.9.2:
- tpm2: When writing state initialize s_ContextSlotMask if not set
Release of v0.9.1
version 0.9.1:
- tpm2: Do not write permanent state if only clock changed
- tpm2: Fix "maybe-uninitialized" warning
Release of v0.9.0
Version 0.9.0:
- NOTE: Downgrade to previous versions is not possible. See below.
- The size of the context gap has been adjusted to 0xffff from 0xff.
As a consequence of this the volatile state's format (STATE_RESET_DATA)
has changed and cannot be downgraded. - Applied work-around for Win 2016 & 2019 server related to
TPM2_ContextLoad (issue #217) - Check for several more compile-time constants
- Enabled Camellia symmetric key encryption algorithm
- tpm2: CryptSym: fix AES output IV
- tpm2: Added a cache for private exponent D and prime Q
- tpm2: bug fixes related to state marshalling
- tpm2: Consume padding bytes in TPM2_ContextLoad() (Win2k19, issue #217)
- tests: Improvements on the fuzzer
- tpm2: Switch to UINT16 for CONTEXT_SLOT and 64k context gap
- tpm2: Update to TPM 2 spec rev 164
- build-sys: Enable building --without-tpm1
- tpm2: Marshal event sequence objects' hash state
- tpm2: Fixes for build and runtime when using OpenSSL 3.0