Subject: CVS commit: pkgsrc/sysutils/libtpms
From: Benny Siegert
Date: 2023-07-05 14:23:58
Message id: 20230705122358.6A46FFA89@cvs.NetBSD.org
Log Message:
libtpms: update to 0.9.6 (security)

version 0.9.6:

    tpm2: Check size of buffer before accessing it (CVE-2023-1017 & \ 
CVE-2023-1018)

version 0.9.5:

    tpm2: Do not set RSA_FLAG_NO_BLINDING on RSA keys anymore
    tpm2: Fix a potential overflow expression (coverity)
    tpm2: Fix size check in CryptSecretDecrypt

version 0.9.4:

    tpm: #undef printf in case it is #define'd (OSS-Fuzz)
    tpm2: Check return code of BN_div()
    tpm2: Initialize variables due to gcc complaint (s390x, false positive)
    tpm12: Initialize variables due to gcc complaint (s390x, false positive)
    build-sys: Fix configure script to support _FORTIFY_SOURCE=3

version 0.9.3:

    build-sys: Add probing for -fstack-protector
    tpm2: Do not call EVP_PKEY_CTX_set0_rsa_oaep_label() for label of size
    (OSSL 3)

version 0.9.2:

    tpm2: When writing state initialize s_ContextSlotMask if not set
Files:
RevisionActionfile
1.2modifypkgsrc/sysutils/libtpms/Makefile
1.2modifypkgsrc/sysutils/libtpms/distinfo