ELBA-2021-9237

ELBA-2021-9237 - libtpms bug fix update

Type:BUG
Severity:NA
Release Date:2021-05-17

Description


libtpms
[0.8.2-1.el7]
- spec: Update spec file for 0.8.2

* Mon Mar 01 2021 Stefan Berger - 0.8.2-1
- tpm2: CryptSym: fix AES output IV; a CVE has been filed for this issue

* Fri Feb 26 2021 Stefan Berger - 0.8.1-1
- Fixed a context save and suspend/resume problem when public keys are loaded

* Wed Feb 24 2021 Stefan Berger - 0.8.0-1
- Release of version 0.8.0 (rev. 162)

* Fri Jul 19 2019 Stefan Berger - 0.7.0-1
- Release of version 0.7.0 (rev. 150)

* Mon Jan 15 2018 Stefan Berger - 0.6.0-1
- Release of version 0.6.0 with TPM 2.0 support

* Mon Jun 30 2014 Stefan Berger - 0.5.2-1
- Updated to version 0.5.2
- coverity fixes
- fixes for ARM64 using __aarch64__

[0.5.1-20.1]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild

[0.5.1-19]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild

* Mon Mar 25 2013 Stefan Berger - 0.5.1-18
- Ran autoreconf for support of aarch64
- Checking for __arm64__ in code

[0.5.1-17]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild

[0.5.1-16]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild

[0.5.1-15]
- Add dist tag as required by package guidelines

* Fri Jan 27 2012 Stefan Berger - 0.5.1-14
- fix gcc-4.7 compilation problem

[0.5.1-13]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild

[0.5.1-12]
- fix build on secondary arches

* Wed Nov 02 2011 Stefan Berger - 0.5.1-11
- added (lib)gmp as runtime dependency

* Sat Oct 08 2011 Stefan Berger - 0.5.1-10
- internal fixes; callback fixes

* Tue Aug 30 2011 Stefan Berger - 0.5.1-9
- new directory structure and build process

* Tue Jul 12 2011 Stefan Berger - 0.5.1-8
- added pkgconfig as build dependency
- enabling __powerpc__ build following Bz 728220

* Wed May 25 2011 Stefan Berger - 0.5.1-7
- increasing NVRAM area space to have enough room for certificates

* Wed May 25 2011 Stefan Berger - 0.5.1-6
- adding libtpms.pc pkg-config file

* Wed Apr 13 2011 Stefan Berger - 0.5.1-5
- adding BuildRequires for nss-softokn-freebl-static
- several libtpms-internal changes around state serialization and
deserialization
- fixes to libtpms makefile (makefile-libtpms)
- adding build_type to generate a debug or production build
- need nss-devel to have nss-config

* Tue Mar 08 2011 Stefan Berger - 0.5.1-4
- small fixes to libtpms makefile

* Fri Feb 25 2011 Stefan Berger - 0.5.1-3
- removing release from tar ball name
- Use {?_smp_mflags} for make rather than hardcoding it
- Fixing post and postun scripts; removing the scripts for devel package
- Fixing usage of defattr
- Adding version information into the changelog headers and spaces between the changelog entries
- Adding LICENSE, README and CHANGELOG file into tar ball and main rpm
- Removing clean section
- removed command to clean the build root
- adding library version to the libries required for building and during
runtime
- Extended Requires in devel package with {?_isa}

* Fri Feb 18 2011 Stefan Berger - 0.5.1-2
- make rpmlint happy by replacing tabs with spaces
- providing a valid URL for the tgz file
- release is now 2 -> 0.5.1-2

* Mon Jan 17 2011 Stefan Berger - 0.5.1-1
- Update version to 0.5.1

* Fri Jan 14 2011 Stefan Berger - 0.5.0-1
- Changes following Fedora review comments

* Thu Dec 02 2010 Stefan Berger
- Small tweaks after reading the FedoreCore packaging requirements

* Tue Nov 16 2010 Stefan Berger
- Created initial version of rpm spec files
- Version of library is now 0.5.0
- Debuginfo rpm is built but empty -- seems to be a known problem
Check https://bugzilla.redhat.com/show_bug.cgi?id=209316

swtpm
[0.3.4-4.el7]
- spec: Use old instead of (Patrick
Colp)

[0.3.4-3.el7]
- samples: Do not follow symlinks on logfile (CVE-2020-28407) (Patrick Colp) {CVE-2020-28407}
- swtpm_setup: Do no follow symlink on logfile (CVE-2020-28407) (Patrick Colp) {CVE-2020-28407}
- swtpm: Use open() (not fopen()) when accessing statefile (CVE-2020-28407) (Stefan Berger) {CVE-2020-28407}
- swtpm: Write state files atomically using file renaming (Stefan Berger) {CVE-2020-28407}
- swtpm: Switch to open() from fopen() for the pidfile (CVE-2020-28407) (Stefan Berger) {CVE-2020-28407}
- swtpm: Do not follow symlinks when opening lockfile (CVE-2020-28407) (Stefan Berger) {CVE-2020-28407}
- swtpm_cert: Switch to open() from fopen() for writing certificate (Stefan Berger) [Orabug: 32739904] {CVE-2020-28407}

[0.3.4-2.el7]
- swtpm: Add a function to query the mtime of the NVRAM file (Patrick Colp)
- Allow storing/loading the PCR event log state blob to/from a file (David Edmondson)
- Allow storing the PCR values state blob to a file (David Edmondson)
- Allow the PCR event log blob to be set (David Edmondson)
- Allow the current PCR event log blob to be queried (David Edmondson)
- Allow the current PCR values blob to be queried (David Edmondson)

[0.3.4-1.el7]
- spec: Add initial swtpm.spec file

[0.3.4]
- v0.3.4 release

[0.3.3]
- v0.3.3 release

[0.3.2]
- v0.3.2 release

[0.3.1-20200218git7b30a54]
- v0.3.1 release

[0.3.0-20200218git38f36f3]
- v0.3.0 release

[0.2.0-20190716git817d3a8]
- v0.2.0 release

[0.1.0-0.20190204git2c25d13]
- v0.1.0 release

[0.1.0-0.20180918git67d7ea3]
- Created initial version of rpm spec files
- Version is now 0.1.0
- Bugzilla for this spec: https://bugzilla.redhat.com/show_bug.cgi?id=1611829




Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete