Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock
Hi,
Please unblock package tpm-tools
I've uploaded tpm-tools 1.3.9.1-0.1 to unstable.
This version fixes a segfault in tpm_sealdata command.
$ debdiff tpm-tools_1.3.9-0.1.dsc tpm-tools_1.3.9.1-0.1.dsc |diffstat
config.h.in~ | 114 ------------------------------------------------
debian/changelog | 10 ++++
debian/control | 2
lib/Makefile.am | 2
lib/Makefile.in | 2
lib/tpm_unseal.c | 2
po/stamp-po | 1
src/cmds/tpm_sealdata.c | 2
8 files changed, 15 insertions(+), 120 deletions(-)
unblock tpm-tools/1.3.9.1-0.1
Cheers,
Laurent Bigonville
-- System Information:
Debian Release: 9.0
APT prefers unstable-debug
APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1,
'experimental-debug'), (1, 'experimental')
Architecture: amd64
(x86_64)
Foreign Architectures: i386
Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=fr_BE.UTF-8, LC_CTYPE=fr_BE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
diff -Nru tpm-tools-1.3.9/config.h.in~ tpm-tools-1.3.9.1/config.h.in~
--- tpm-tools-1.3.9/config.h.in~ 2016-11-17 20:42:24.000000000 +0100
+++ tpm-tools-1.3.9.1/config.h.in~ 1970-01-01 01:00:00.000000000 +0100
@@ -1,114 +0,0 @@
-/* config.h.in. Generated from configure.ac by autoheader. */
-
-/* Define to 1 if translation of program messages to the user's native
- language is requested. */
-#undef ENABLE_NLS
-
-/* Define to 1 if you have the MacOS X function CFLocaleCopyCurrent in the
- CoreFoundation framework. */
-#undef HAVE_CFLOCALECOPYCURRENT
-
-/* Define to 1 if you have the MacOS X function CFPreferencesCopyAppValue in
- the CoreFoundation framework. */
-#undef HAVE_CFPREFERENCESCOPYAPPVALUE
-
-/* Define if the GNU dcgettext() function is already present or preinstalled.
- */
-#undef HAVE_DCGETTEXT
-
-/* Define to 1 if you have the <dlfcn.h> header file. */
-#undef HAVE_DLFCN_H
-
-/* Define if the GNU gettext() function is already present or preinstalled. */
-#undef HAVE_GETTEXT
-
-/* Define if you have the iconv() function. */
-#undef HAVE_ICONV
-
-/* Define to 1 if you have the <inttypes.h> header file. */
-#undef HAVE_INTTYPES_H
-
-/* Define to 1 if you support file names longer than 14 characters. */
-#undef HAVE_LONG_FILE_NAMES
-
-/* Define to 1 if you have the <memory.h> header file. */
-#undef HAVE_MEMORY_H
-
-/* Define to 1 if you have the <stdint.h> header file. */
-#undef HAVE_STDINT_H
-
-/* Define to 1 if you have the <stdlib.h> header file. */
-#undef HAVE_STDLIB_H
-
-/* Define to 1 if you have the <strings.h> header file. */
-#undef HAVE_STRINGS_H
-
-/* Define to 1 if you have the <string.h> header file. */
-#undef HAVE_STRING_H
-
-/* Define to 1 if you have the <sys/stat.h> header file. */
-#undef HAVE_SYS_STAT_H
-
-/* Define to 1 if you have the <sys/types.h> header file. */
-#undef HAVE_SYS_TYPES_H
-
-/* Define to 1 if you have the <unistd.h> header file. */
-#undef HAVE_UNISTD_H
-
-/* Define to the sub-directory in which libtool stores uninstalled libraries.
- */
-#undef LT_OBJDIR
-
-/* Name of package */
-#undef PACKAGE
-
-/* Define to the address where bug reports for this package should be sent. */
-#undef PACKAGE_BUGREPORT
-
-/* Define to the full name of this package. */
-#undef PACKAGE_NAME
-
-/* Define to the full name and version of this package. */
-#undef PACKAGE_STRING
-
-/* Define to the one symbol short name of this package. */
-#undef PACKAGE_TARNAME
-
-/* Define to the version of this package. */
-#undef PACKAGE_VERSION
-
-/* Define as the return type of signal handlers (`int' or `void'). */
-#undef RETSIGTYPE
-
-/* Define to 1 if you have the ANSI C header files. */
-#undef STDC_HEADERS
-
-/* Version number of package */
-#undef VERSION
-
-/* Define to empty if `const' does not conform to ANSI C. */
-#undef const
-
-/* Define to `int' if <sys/types.h> doesn't define. */
-#undef gid_t
-
-/* Define to `__inline__' or `__inline' if that's what the C compiler
- calls it, or to nothing if 'inline' is not supported under any name. */
-#ifndef __cplusplus
-#undef inline
-#endif
-
-/* Define to `int' if <sys/types.h> does not define. */
-#undef mode_t
-
-/* Define to `long int' if <sys/types.h> does not define. */
-#undef off_t
-
-/* Define to `int' if <sys/types.h> does not define. */
-#undef pid_t
-
-/* Define to `unsigned int' if <sys/types.h> does not define. */
-#undef size_t
-
-/* Define to `int' if <sys/types.h> doesn't define. */
-#undef uid_t
diff -Nru tpm-tools-1.3.9/debian/changelog tpm-tools-1.3.9.1/debian/changelog
--- tpm-tools-1.3.9/debian/changelog 2017-02-05 23:24:09.000000000 +0100
+++ tpm-tools-1.3.9.1/debian/changelog 2017-05-13 13:55:08.000000000 +0200
@@ -1,3 +1,13 @@
+tpm-tools (1.3.9.1-0.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * New upstream release
+ - Fix segfault in tpm_sealdata (Closes: #854708)
+ * debian/control: Use ${misc:Pre-Depends} instead of (Pre-) depending on
+ multiarch-support explicitly
+
+ -- Laurent Bigonville <bi...@debian.org> Sat, 13 May 2017 13:55:08 +0200
+
tpm-tools (1.3.9-0.1) unstable; urgency=medium
* Non-maintainer upload.
diff -Nru tpm-tools-1.3.9/debian/control tpm-tools-1.3.9.1/debian/control
--- tpm-tools-1.3.9/debian/control 2015-06-28 12:02:59.000000000 +0200
+++ tpm-tools-1.3.9.1/debian/control 2017-05-13 13:49:13.000000000 +0200
@@ -42,7 +42,7 @@
Package: libtpm-unseal1
Section: libs
Architecture: any
-Pre-Depends: multiarch-support
+Pre-Depends: ${misc:Pre-Depends}
Depends: ${misc:Depends}, ${shlibs:Depends}
Description: Management tools for the TPM hardware (library)
tpm-tools is a group of tools to manage and utilize the Trusted Computing
diff -Nru tpm-tools-1.3.9/lib/Makefile.am tpm-tools-1.3.9.1/lib/Makefile.am
--- tpm-tools-1.3.9/lib/Makefile.am 2016-11-17 20:37:17.000000000 +0100
+++ tpm-tools-1.3.9.1/lib/Makefile.am 2017-02-21 03:23:56.000000000 +0100
@@ -80,4 +80,4 @@
# Unseal library - for addition to existing apps, counter part of seal cmd
libtpm_unseal_la_SOURCES = tpm_unseal.c
libtpm_unseal_la_LDFLAGS = -shared -version-info 1:0:0
-libtpm_unseal_la_LIBADD = -ltspi libtpm_tspi.la @INTLLIBS@
+libtpm_unseal_la_LIBADD = -ltspi libtpm_tspi.la -lcrypto @INTLLIBS@
diff -Nru tpm-tools-1.3.9/lib/Makefile.in tpm-tools-1.3.9.1/lib/Makefile.in
--- tpm-tools-1.3.9/lib/Makefile.in 2016-11-29 02:43:44.000000000 +0100
+++ tpm-tools-1.3.9.1/lib/Makefile.in 2017-02-21 03:31:45.000000000 +0100
@@ -324,7 +324,7 @@
# Unseal library - for addition to existing apps, counter part of seal cmd
libtpm_unseal_la_SOURCES = tpm_unseal.c
libtpm_unseal_la_LDFLAGS = -shared -version-info 1:0:0
-libtpm_unseal_la_LIBADD = -ltspi libtpm_tspi.la @INTLLIBS@
+libtpm_unseal_la_LIBADD = -ltspi libtpm_tspi.la -lcrypto @INTLLIBS@
all: all-am
.SUFFIXES:
diff -Nru tpm-tools-1.3.9/lib/tpm_unseal.c tpm-tools-1.3.9.1/lib/tpm_unseal.c
--- tpm-tools-1.3.9/lib/tpm_unseal.c 2016-11-17 22:09:33.000000000 +0100
+++ tpm-tools-1.3.9.1/lib/tpm_unseal.c 2017-02-21 03:23:56.000000000 +0100
@@ -408,7 +408,7 @@
}
/* Decode and decrypt the encrypted data */
- EVP_CIPHER_CTX *ctx = NULL;
+ EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
EVP_DecryptInit(ctx, EVP_aes_256_cbc(), symKey, (unsigned char
*)TPMSEAL_IV);
/* Create a base64 BIO to decode the encrypted data */
diff -Nru tpm-tools-1.3.9/po/stamp-po tpm-tools-1.3.9.1/po/stamp-po
--- tpm-tools-1.3.9/po/stamp-po 2016-11-17 22:11:45.000000000 +0100
+++ tpm-tools-1.3.9.1/po/stamp-po 1970-01-01 01:00:00.000000000 +0100
@@ -1 +0,0 @@
-timestamp
diff -Nru tpm-tools-1.3.9/src/cmds/tpm_sealdata.c
tpm-tools-1.3.9.1/src/cmds/tpm_sealdata.c
--- tpm-tools-1.3.9/src/cmds/tpm_sealdata.c 2016-11-17 22:09:33.000000000
+0100
+++ tpm-tools-1.3.9.1/src/cmds/tpm_sealdata.c 2017-02-21 03:23:56.000000000
+0100
@@ -343,7 +343,7 @@
BIO_puts(bdata, TPMSEAL_ENC_STRING);
bdata = BIO_push(b64, bdata);
- EVP_CIPHER_CTX *ctx = NULL;
+ EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
EVP_EncryptInit(ctx, EVP_aes_256_cbc(), randKey, (unsigned char
*)TPMSEAL_IV);
while ((lineLen = BIO_read(bin, line, sizeof(line))) > 0) {
