File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change 1+ libtpms (0.7.12) RELEASED; urgency=high
2+
3+ * tpm2: Fix potential out-of-bound access & abort due to HMAC signing issue (CVE-2025-49133)
4+ * tpm2: Check size of buffer before accessing it (CVE-2023-1017 & -1018)
5+ * tpm2: Do not call EVP_PKEY_CTX_set0_rsa_oaep_label() for label of size 0 (OSSL 3)
6+ * tpm2: Return TPM_RC_VALUE upon decryption failure
7+ * tpm2: Fix the returned number in the JSON
8+ * tpm12: Replace include of engine.h with err.h
9+
10+ -- Stefan Berger <stefanb@linux.ibm.com> Tue, 10 Jun 2025 00:00:00 -0500
11+
112libtpms (0.7.11) RELEASED; urgency=medium
213
314 * tpm2: Do not set RSA_FLAG_NO_BLINDING on RSA keys anymore
Original file line number Diff line number Diff line change @@ -112,6 +112,14 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/libtpms.la
112112%postun -p /sbin/ldconfig
113113
114114%changelog
115+ * Tue Jun 10 2025 Stefan Berger - 0.7.12-1
116+ - tpm2: Fix potential out-of-bound access & abort due to HMAC signing issue (CVE-2025-49133)
117+ - tpm2: Check size of buffer before accessing it (CVE-2023-1017 & -1018)
118+ - tpm2: Do not call EVP_PKEY_CTX_set0_rsa_oaep_label() for label of size 0 (OSSL 3)
119+ - tpm2: Return TPM_RC_VALUE upon decryption failure
120+ - tpm2: Fix the returned number in the JSON
121+ - tpm12: Replace include of engine.h with err.h
122+
115123* Fri Nov 11 2022 Stefan Berger - 0.7.11-1
116124- tpm2: Do not set RSA_FLAG_NO_BLINDING on RSA keys anymore
117125- tpm2: Fix a potential overflow expression (coverity)
Original file line number Diff line number Diff line change @@ -112,6 +112,14 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/libtpms.la
112112%postun -p /sbin/ldconfig
113113
114114%changelog
115+ * Tue Jun 10 2025 Stefan Berger - 0.7.12-1
116+ - tpm2: Fix potential out-of-bound access & abort due to HMAC signing issue (CVE-2025-49133)
117+ - tpm2: Check size of buffer before accessing it (CVE-2023-1017 & -1018)
118+ - tpm2: Do not call EVP_PKEY_CTX_set0_rsa_oaep_label() for label of size 0 (OSSL 3)
119+ - tpm2: Return TPM_RC_VALUE upon decryption failure
120+ - tpm2: Fix the returned number in the JSON
121+ - tpm12: Replace include of engine.h with err.h
122+
115123* Fri Nov 11 2022 Stefan Berger - 0.7.11-1
116124- tpm2: Do not set RSA_FLAG_NO_BLINDING on RSA keys anymore
117125- tpm2: Fix a potential overflow expression (coverity)
You can’t perform that action at this time.
0 commit comments