Hi Peter
On 08.05.23 at 16:50, Peter Marko via lists.yoctoproject.org wrote:
Changelog:
3.2.2
A buffer overflow in tss2-rc as CVE-2023-22745.
The drv layer in tss2-rc should have been the policy layer.
Spec deviation in Fapi_GetDescription caused description to be NULL when
it should be empty string.
This is API breaking but considered a bug since it deviated from the FAPI
spec.
FAPI: undefined reference to curl_url_strerror when using curl less than
7.80.0.
3.2.1
Makefile.am: make all EXTRA_DIST includes unconditional to fix pristine
tars
Fix usage of NULL pointer if Esys_TR_SetAuth is calles with ESYS_TR_NONE.
Store VERSION into the release tarball.
fapi: fix usage of policy_nv with a TPM nv index.
Tss2_Sys_Flushcontext: flushHandle was encoded as a handleArea handle and
not as parameter one, this affected the contents of cpHash.
linking tcti for libtpms against tss2-tctildr. It should be linked against
tss2-mu.
build: Remove erroneous trailing comma in linker option. Bug #2391.
esys: fix allow usage of HMAC sessions for Esys_TR_FromTPMPublic.
test: build with opaque FILE structure like in musl libc.
Usage of a second profile in a path was not possible because the default
profile was always used.
FAPI: Fix provisioning if auth value for storage hierarchy was set.
FAPI: Fix recreation of EK.
FAPI: Fix usage of lockout auth value in Fapi_Provison.
FAPI: Fix loading of key in policy execution.
FAPI: Fix Fapi_ChangeAuth updates on hierarchy objects not being reflected
across profiles.
Esys_PCR_SetAuthValue: remembers the auth like other SetAutg ESAPI
functions.
tests: esys-pcr-auth-value.int moved to destructive tests.
FAPI: Fix double free if keystore is corrupted.
Spec deviation in Fapi_GetDescription caused description to be NULL when
it should be empty string.
This is API breaking but considered a bug since it deviated from the
FAPI spec.
Signed-off-by: Peter Marko <peter.ma...@siemens.com>
Thanks for the patch!
However, we'd need you to add one thing to your git configuration, so
that your patches are given an "Author" field which matches your
"Signed-off-by" information. See
https://www.openembedded.org/wiki/How_to_submit_a_patch_to_OpenEmbedded#Fixing_your_From_identity
for details.
Don't hesitate to send a patch test directly to me, if you wish.
Thanks again,
Michael.
--
Michael Opdenacker, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#59913): https://lists.yoctoproject.org/g/yocto/message/59913
Mute This Topic: https://lists.yoctoproject.org/mt/98762712/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
