Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package tpm2.0-tools for openSUSE:Factory checked in at 2021-10-23 00:50:23 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/tpm2.0-tools (Old) and /work/SRC/openSUSE:Factory/.tpm2.0-tools.new.1890 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "tpm2.0-tools" Sat Oct 23 00:50:23 2021 rev:32 rq:926522 version:5.2 Changes: -------- --- /work/SRC/openSUSE:Factory/tpm2.0-tools/tpm2.0-tools.changes 2021-08-02 12:04:42.657660613 +0200 +++ /work/SRC/openSUSE:Factory/.tpm2.0-tools.new.1890/tpm2.0-tools.changes 2021-10-23 00:50:43.825126259 +0200 @@ -1,0 +2,108 @@ +Wed Oct 20 08:53:37 UTC 2021 - Alberto Planas Dominguez <[email protected]> + +- Update to version 5.2: + + tpm2_nvextend: + * Added option -n, --name to specify the name of the nvindex in + hex bytes. This is used when cpHash ought to be calculated + without dispatching the TPM2_NV_Extend command to the TPM. + + tpm2_nvread: + * Added option --rphash=FILE to specify ile path to record the + hash of the response parameters. This is commonly termed as + rpHash. + * Added option -n, --name to specify the name of the nvindex in + hex bytes. This is used when cpHash ought to be calculated + without dispatching the TPM2_NVRead command to the TPM. + * Added option -S, --session to specify to specify an auxiliary + session for auditing and or encryption/decryption of the + parameters. + + tpm2_nvsetbits: + * Added option --rphash=FILE to specify file path to record the + hash of the response parameters. This is commonly termed as + rpHash. + * Added option -S, --session to specify to specify an auxiliary + session for auditing and or encryption/decryption of the + parameters. + * Added option -n, --name to specify the name of the nvindex in + hex bytes. This is used when cpHash ought to be calculated + without dispatching the TPM2_NV_SetBits command to the TPM. + + tpm2_createprimary: + * Support public-key output at creation time in various public-key + formats. + + tpm2_create: + * Support public-key output at creation time in various public-key + formats. + + tpm2_print: + * Support outputing public key in various public key formats over + the default YAML output. Supports taking -u output from + tpm2_create and converting it to a PEM or DER file format. + + tpm2_import: + * Add support for importing keys with sealed-data-blobs. + + tpm2_rsaencrypt, tpm2_rsadecrypt: + * Add support for specifying the hash algorithm with oaep. + + tpm2_pcrread, tpm2_quote: + * Add option -F, --pcrs_format to specify PCR format selection for + the binary blob in the PCR output file. 'values' will output a + binary blob of the PCR values. 'serialized' will output a binary + blob of the PCR values in the form of serialized data structure + in little endian format. + + tpm2_eventlog: + * Add support for decoding StartupLocality. + * Add support for printing the partition information. + * Add support for reading eventlogs longer than 64kb including + from /sys/kernel/security/tpm0/binary_bios-measurements. + + tpm2_duplicate: + * Add option -L, --policy to specify an authorization policy to be + associated with the duplicated object. + * Added support for external key duplication without needing the + TCTI. + + tools: + * Enhance error message on invalid passwords when sessions cannot + be used. + + lib/tpm2_options: + * Add option to specify fake tcti which is required in cases where + sapi ctx is required to be initialized for retrieving command + parameters without invoking the tcti to talk to the TPM. + + openssl: + * Dropped support for OpenSSL < 1.1.0 + * Add support for OpenSSL 3.0.0 + + Support added to make the repository documentation and man pages + available live on readthedocs. + + Bug-fixes: + * tpm2_import: Don't allow setting passwords for imported object + with -p option as the tool doesn't modify the TPM2B_SENSITIVE + structure. Added appropriate logging to indicate using + tpm2_changeauth after import. + * lib/tpm2_util.c: The function to calculate pHash algorithm + returned error when input session is a password session and the + only session in the command. + * lib/tpm2_alg_util.c: Fix an error where oaep was parsed under + ECC. + * tpm2_sign: Fix segfaults when tool does not find TPM resources + (TPM or RM). + * tpm2_makecredential: Fix an issue where reading input from stdin + could result in unsupported data size larger than the largest + digest size. + * tpm2_loadexternal: Fix an issue where restricted attribute could + not be set. + * lib/tpm2_nv_util.h: The NV index size is dependent on different + data sets read from the GetCapability structures because there + is a dependency on the NV operation type: Define vs Read vs + Write vs Extend. Fix a sane default in the case where + GetCapability fails or fails to report the specific property/ + data set. This is especially true because some properties are + TPM implementation dependent. + * tpm2_createpolicy: Fix an issue where tool exited silently + without reporting an error if wrong pcr string is specified. + * lib/tpm2_alg_util: add error message on public init to prevent + tools from dying silently, add an error message. + * tpm2_import: fix an issue where an imported hmac object scheme + was NULL. While allowed, it was inconsistent with other tools + like tpm2_create which set the scheme as hmac->sha256 when + generating a keyedhash object. + +- Drop patches already in upstream: + + 0001-tpm2_checkquote-fix-uninitialized-variable.patch + + 0001-tpm2_eventlog-fix-buffer-offset-when-reading-the-eve.patch + + 0001-tpm2_eventlog-read-eventlog-file-in-chunks.patch + +------------------------------------------------------------------- Old: ---- 0001-tpm2_checkquote-fix-uninitialized-variable.patch 0001-tpm2_eventlog-fix-buffer-offset-when-reading-the-eve.patch 0001-tpm2_eventlog-read-eventlog-file-in-chunks.patch tpm2-tools-5.1.1.tar.gz tpm2-tools-5.1.1.tar.gz.asc New: ---- tpm2-tools-5.2.tar.gz tpm2-tools-5.2.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ tpm2.0-tools.spec ++++++ --- /var/tmp/diff_new_pack.H5qkCV/_old 2021-10-23 00:50:44.505126413 +0200 +++ /var/tmp/diff_new_pack.H5qkCV/_new 2021-10-23 00:50:44.509126413 +0200 @@ -17,7 +17,7 @@ Name: tpm2.0-tools -Version: 5.1.1 +Version: 5.2 Release: 0 Summary: Trusted Platform Module (TPM) 2.0 administration tools License: BSD-3-Clause @@ -28,9 +28,6 @@ # git show william-roberts-pub javier-martinez-pub joshua-lock-pub idesai-pub > tpm2-tools.keyring Source2: tpm2-tools.keyring Patch0: fix_bogus_warning.patch -Patch2: 0001-tpm2_checkquote-fix-uninitialized-variable.patch -Patch3: 0001-tpm2_eventlog-read-eventlog-file-in-chunks.patch -Patch4: 0001-tpm2_eventlog-fix-buffer-offset-when-reading-the-eve.patch BuildRequires: gcc-c++ BuildRequires: libcurl-devel BuildRequires: libopenssl-devel @@ -83,7 +80,7 @@ %files %defattr(-,root,root) -%doc README.md doc/CHANGELOG.md +%doc doc/README.md doc/CHANGELOG.md %license doc/LICENSE /usr/bin/tpm2* /usr/bin/tss2* ++++++ tpm2-tools-5.1.1.tar.gz -> tpm2-tools-5.2.tar.gz ++++++ ++++ 10701 lines of diff (skipped)
