Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package libtpms for openSUSE:Factory checked in at 2022-04-13 21:03:59 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libtpms (Old) and /work/SRC/openSUSE:Factory/.libtpms.new.1900 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libtpms" Wed Apr 13 21:03:59 2022 rev:14 rq:968367 version:0.9.3 Changes: -------- --- /work/SRC/openSUSE:Factory/libtpms/libtpms.changes 2021-12-12 21:27:23.628333876 +0100 +++ /work/SRC/openSUSE:Factory/.libtpms.new.1900/libtpms.changes 2022-04-13 21:04:01.792520330 +0200 @@ -1,0 +2,9 @@ +Sun Apr 10 12:43:58 UTC 2022 - Dirk M??ller <[email protected]> + +- update to 0.9.3: + * build-sys: Add probing for -fstack-protector + * tpm2: Do not call EVP_PKEY_CTX_set0_rsa_oaep_label() for label of size + * (OSSL 3) + * tpm2: When writing state initialize s_ContextSlotMask if not set + +------------------------------------------------------------------- Old: ---- libtpms-0.9.1.tar.gz New: ---- libtpms-0.9.3.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libtpms.spec ++++++ --- /var/tmp/diff_new_pack.sSLwsv/_old 2022-04-13 21:04:03.136521404 +0200 +++ /var/tmp/diff_new_pack.sSLwsv/_new 2022-04-13 21:04:03.140521407 +0200 @@ -1,7 +1,7 @@ # # spec file for package libtpms # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,7 +18,7 @@ %define lname libtpms0 Name: libtpms -Version: 0.9.1 +Version: 0.9.3 Release: 0 Summary: Library providing Trusted Platform Module (TPM) functionality License: BSD-3-Clause ++++++ libtpms-0.9.1.tar.gz -> libtpms-0.9.3.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.9.1/CHANGES new/libtpms-0.9.3/CHANGES --- old/libtpms-0.9.1/CHANGES 2021-11-24 15:54:47.000000000 +0100 +++ new/libtpms-0.9.3/CHANGES 2022-03-07 18:07:25.000000000 +0100 @@ -1,5 +1,13 @@ CHANGES - changes for libtpms +version 0.9.3: + - build-sys: Add probing for -fstack-protector + - tpm2: Do not call EVP_PKEY_CTX_set0_rsa_oaep_label() for label of size + (OSSL 3) + +version 0.9.2: + - tpm2: When writing state initialize s_ContextSlotMask if not set + version 0.9.1: - tpm2: Do not write permanent state if only clock changed - tpm2: Fix "maybe-uninitialized" warning diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.9.1/configure.ac new/libtpms-0.9.3/configure.ac --- old/libtpms-0.9.1/configure.ac 2021-11-24 15:54:47.000000000 +0100 +++ new/libtpms-0.9.3/configure.ac 2022-03-07 18:07:25.000000000 +0100 @@ -3,7 +3,7 @@ # # See the LICENSE file for the license associated with this file. -AC_INIT([libtpms],[0.9.1]) +AC_INIT([libtpms],[0.9.3]) AC_PREREQ([2.69]) AC_CONFIG_SRCDIR(Makefile.am) AC_CONFIG_AUX_DIR([.]) @@ -284,10 +284,12 @@ AS_HELP_STRING([--disable-hardening], [Disable hardening flags])) if test "x$enable_hardening" != "xno"; then - # Some versions of gcc fail with -Wstack-protector enabled - TMP="$($CC -fstack-protector-strong $srcdir/include/libtpms/tpm_error.h 2>&1)" - if echo $TMP | $GREP 'unrecognized command line option' >/dev/null; then - HARDENING_CFLAGS="-fstack-protector " + # Some versions of gcc fail with -Wstack-protector, + # some with -Wstack-protector-strong enabled + if ! $CC -fstack-protector-strong $srcdir/include/libtpms/tpm_error.h 2>/dev/null; then + if $CC -fstack-protector $srcdir/include/libtpms/tpm_error.h 2>/dev/null; then + HARDENING_CFLAGS="-fstack-protector " + fi else HARDENING_CFLAGS="-fstack-protector-strong " fi diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.9.1/debian/changelog new/libtpms-0.9.3/debian/changelog --- old/libtpms-0.9.1/debian/changelog 2021-11-24 15:54:47.000000000 +0100 +++ new/libtpms-0.9.3/debian/changelog 2022-03-07 18:07:25.000000000 +0100 @@ -1,3 +1,16 @@ +libtpms (0.9.3) RELEASED; urgency=medium + + - build-sys: Add probing for -fstack-protector + - tpm2: Do not call EVP_PKEY_CTX_set0_rsa_oaep_label() for label of size (OSSL 3) + + -- Stefan Berger <[email protected]> Mon, 07 Mar 2022 09:00:00 -0500 + +libtpms (0.9.2) RELEASED; urgency=medium + + * tpm2: When writing state initialize s_ContextSlotMask if not set + + -- Stefan Berger <[email protected]> Thu, 06 Jan 2022 09:00:00 -0500 + libtpms (0.9.1) RELEASED; urgency=medium * tpm2: Do not write permanent state if only clock changed diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.9.1/dist/libtpms.spec new/libtpms-0.9.3/dist/libtpms.spec --- old/libtpms-0.9.1/dist/libtpms.spec 2021-11-24 15:54:47.000000000 +0100 +++ new/libtpms-0.9.3/dist/libtpms.spec 2022-03-07 18:07:25.000000000 +0100 @@ -1,7 +1,7 @@ # --- libtpm rpm-spec --- %define name libtpms -%define version 0.9.1 +%define version 0.9.3 %define release 0~dev1 # Valid crypto subsystems are 'freebl' and 'openssl' @@ -112,6 +112,12 @@ %postun -p /sbin/ldconfig %changelog +* Mon Mar 07 2022 Stefan Berger - 0.9.3-1 +- Release of version 0.9.3 + +* Thu Jan 06 2022 Stefan Berger - 0.9.2-1 +- Release of version 0.9.2 + * Wed Nov 24 2021 Stefan Berger - 0.9.1-1 - Release of version 0.9.1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.9.1/dist/libtpms.spec.in new/libtpms-0.9.3/dist/libtpms.spec.in --- old/libtpms-0.9.1/dist/libtpms.spec.in 2021-11-24 15:54:47.000000000 +0100 +++ new/libtpms-0.9.3/dist/libtpms.spec.in 2022-03-07 18:07:25.000000000 +0100 @@ -112,6 +112,12 @@ %postun -p /sbin/ldconfig %changelog +* Mon Mar 07 2022 Stefan Berger - 0.9.3-1 +- Release of version 0.9.3 + +* Thu Jan 06 2022 Stefan Berger - 0.9.2-1 +- Release of version 0.9.2 + * Wed Nov 24 2021 Stefan Berger - 0.9.1-1 - Release of version 0.9.1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.9.1/include/libtpms/tpm_library.h new/libtpms-0.9.3/include/libtpms/tpm_library.h --- old/libtpms-0.9.1/include/libtpms/tpm_library.h 2021-11-24 15:54:47.000000000 +0100 +++ new/libtpms-0.9.3/include/libtpms/tpm_library.h 2022-03-07 18:07:25.000000000 +0100 @@ -50,7 +50,7 @@ #define TPM_LIBRARY_VER_MAJOR 0 #define TPM_LIBRARY_VER_MINOR 9 -#define TPM_LIBRARY_VER_MICRO 1 +#define TPM_LIBRARY_VER_MICRO 3 #define TPM_LIBRARY_VERSION_GEN(MAJ, MIN, MICRO) \ (( MAJ << 16 ) | ( MIN << 8 ) | ( MICRO )) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.9.1/src/tpm2/NVMarshal.c new/libtpms-0.9.3/src/tpm2/NVMarshal.c --- old/libtpms-0.9.1/src/tpm2/NVMarshal.c 2021-11-24 15:54:47.000000000 +0100 +++ new/libtpms-0.9.3/src/tpm2/NVMarshal.c 2022-03-07 18:07:25.000000000 +0100 @@ -1422,6 +1422,11 @@ written += UINT16_Marshal(&array_size, buffer, size); for (i = 0; i < array_size; i++) written += UINT16_Marshal(&data->contextArray[i], buffer, size); + + if (s_ContextSlotMask != 0x00ff && s_ContextSlotMask != 0xffff) { + /* TPM wasn't initialized, so s_ContextSlotMask wasn't set */ + s_ContextSlotMask = 0xffff; + } written += UINT16_Marshal(&s_ContextSlotMask, buffer, size); written += UINT64_Marshal(&data->contextCounter, buffer, size); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libtpms-0.9.1/src/tpm2/crypto/openssl/CryptRsa.c new/libtpms-0.9.3/src/tpm2/crypto/openssl/CryptRsa.c --- old/libtpms-0.9.1/src/tpm2/crypto/openssl/CryptRsa.c 2021-11-24 15:54:47.000000000 +0100 +++ new/libtpms-0.9.3/src/tpm2/crypto/openssl/CryptRsa.c 2022-03-07 18:07:25.000000000 +0100 @@ -1356,10 +1356,9 @@ if (tmp == NULL) ERROR_RETURN(TPM_RC_FAILURE); memcpy(tmp, label->buffer, label->size); + if (EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, tmp, label->size) <= 0) + ERROR_RETURN(TPM_RC_FAILURE); } - // label->size == 0 is supported - if (EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, tmp, label->size) <= 0) - ERROR_RETURN(TPM_RC_FAILURE); tmp = NULL; break; default:
