Package: libtpms | Debian Sources

Package: libtpms / 0.9.2-3.1+deb12u1

Package	Version	Patches format
libtpms	0.9.2-3.1+deb12u1	3.0 (quilt)

Patch	File delta	Description
0003 set man page date to last changelog.patch \| (download)	man/man3/Makefile.am \| 3 3 + 0 - 0 ! 1 file changed, 3 insertions(+)	set the date of man pages to the last changelog entry.
0004 fix ftbfs bug.patch \| (download)	src/tpm2/NVDynamic.c \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	fix ftbfs caused by the incomplete condition.
do_not_inline_makeiv.patch \| (download)	src/tpm2/AlgorithmTests.c \| 3 3 + 0 - 0 ! 1 file changed, 3 insertions(+)	---
no_local_check.patch \| (download)	src/Makefile.am \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	---
tpm2 Check size of buffer before accessing it CVE 20.patch \| (download)	src/tpm2/CryptUtil.c \| 6 6 + 0 - 0 ! 1 file changed, 6 insertions(+)	tpm2: check size of buffer before accessing it (cve-2023-1017 & -1018)
CVE 2025 49133.patch \| (download)	src/tpm2/CryptUtil.c \| 119 97 + 22 - 0 ! src/tpm2/SigningCommands.c \| 11 9 + 2 - 0 ! src/tpm2/crypto/CryptHash_fp.h \| 2 1 + 1 - 0 ! src/tpm2/crypto/openssl/CryptHash.c \| 4 2 + 2 - 0 ! 4 files changed, 109 insertions(+), 27 deletions(-)	tpm2: fix potential out-of-bound access & abort due to hmac signing issue Fix an HMAC signing issue that may causes an out-of-bounds access in a TPM2B that in turn was running into an assert() in libtpms causing an abort. The signing issue was due to an inconsistent pairing of the signKey and signScheme parameters, where the signKey is ALG_KEYEDHASH key and inScheme is an ECC or RSA scheme. This fixes CVE-2025-49133.

Patch	File delta	Description
0003 set man page date to last changelog.patch \| (download)	man/man3/Makefile.am \| 3 3 + 0 - 0 ! 1 file changed, 3 insertions(+)	set the date of man pages to the last changelog entry.
0004 fix ftbfs bug.patch \| (download)	src/tpm2/NVDynamic.c \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	fix ftbfs caused by the incomplete condition.
do_not_inline_makeiv.patch \| (download)	src/tpm2/AlgorithmTests.c \| 3 3 + 0 - 0 ! 1 file changed, 3 insertions(+)	---
no_local_check.patch \| (download)	src/Makefile.am \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	---
tpm2 Check size of buffer before accessing it CVE 20.patch \| (download)	src/tpm2/CryptUtil.c \| 6 6 + 0 - 0 ! 1 file changed, 6 insertions(+)	tpm2: check size of buffer before accessing it (cve-2023-1017 & -1018)
CVE 2025 49133.patch \| (download)	src/tpm2/CryptUtil.c \| 119 97 + 22 - 0 ! src/tpm2/SigningCommands.c \| 11 9 + 2 - 0 ! src/tpm2/crypto/CryptHash_fp.h \| 2 1 + 1 - 0 ! src/tpm2/crypto/openssl/CryptHash.c \| 4 2 + 2 - 0 ! 4 files changed, 109 insertions(+), 27 deletions(-)	tpm2: fix potential out-of-bound access & abort due to hmac signing issue Fix an HMAC signing issue that may causes an out-of-bounds access in a TPM2B that in turn was running into an assert() in libtpms causing an abort. The signing issue was due to an inconsistent pairing of the signKey and signScheme parameters, where the signKey is ALG_KEYEDHASH key and inScheme is an ECC or RSA scheme. This fixes CVE-2025-49133.