libtpms (0.9.7+pve1) bookworm; urgency=medium

  * update to new usptream release 0.9.7
  * fixes CVE-2025-49133

 -- Proxmox Support Team <support@proxmox.com>  Mon, 16 Jun 2025 09:28:07 +0200

libtpms (0.9.7) RELEASED; urgency=high

  * tpm2: Fix potential out-of-bound access & abort due to HMAC signing issue (CVE-2025-49133)
  * tpm2: Remove assigned-to value to offset because it is unused (Coverity)
  * tpm2: Insert assert ensuring *buflen != BUFLEN_EMPTY_BUFFER (Coverity)
  * tpm2: Address Coverity Issue by casting '1' before shift (CID 1470813)
  * tpm2: Filter bad input values to avoid underflow in FindNthSetBit (Coverity)
  * tpm2: Address a possible unsigned integer underflow (Coverity)
  * tpm2: Remove assigned to value to offset because it is unused (Coverity)
  * tpm2: Initialize eccPublic before passing to TPMS_ECC_POINT_Unmarshal (Coverity)
  * tpm2: Preserve more *target and restore them if needed (Coverity)
  * tpm2: Return TPM_RC_VALUE upon decryption failure
  * tpm12: Replace include of engine.h with err.h
  * tpm2: Fix issue in CryptParameterEncryption() (TPM 2 errata v1.4)
  * tpm2: Sync fix in TPM2_PolicyAuthorize() with upstream
  * tpm2: Sync CryptParameterDecrypt implementation  with upstream
  * tpm2: Fix issue related to CryptGenerateKeyDes (TPM 2 errata v1.4)
  * tpm2: Check size of TPM2B_NAME buffer before reading 2 bytes from it

 -- Stefan Berger <stefanb@linux.ibm.com>  Tue, 10 Jun 2025 00:00:00 -0500

libtpms (0.9.6+pve1) bookworm; urgency=medium

  * build for Proxmox VE 8 / Debian 12 Bookworm

  * update to new upstream release 0.9.6

 -- Proxmox Support Team <support@proxmox.com>  Thu, 25 May 2023 16:11:20 +0200

libtpms (0.9.6) RELEASED; urgency=high

  * tpm2: Check size of buffer before accessing it (CVE-2023-1017 & -1018)

 -- Stefan Berger <stefanb@linux.ibm.com>  Tue, 28 Feb 2023 09:00:00 -0500

libtpms (0.9.5~bpo11+1) bullseye; urgency=medium

  * Rebuild for Proxmox VE 7.x bullseye

 -- Proxmox Support Team <support@proxmox.com>  Fri, 11 Nov 2022 12:39:26 +0100

libtpms (0.9.5) RELEASED; urgency=medium

  * tpm2: Do not set RSA_FLAG_NO_BLINDING on RSA keys anymore
  * tpm2: Fix a potential overflow expression (coverity)
  * tpm2: Fix size check in CryptSecretDecrypt

 -- Stefan Berger <stefanb@linux.ibm.com>  Fri, 01 Jul 2022 09:00:00 -0500

libtpms (0.9.4) RELEASED; urgency=medium

  * tpm: #undef printf in case it is #define'd (OSS-Fuzz)
  * tpm2: Check return code of BN_div()
  * tpm2: Initialize variables due to gcc complaint (s390x, false positive)
  * tpm12: Initialize variables due to gcc complaint (s390x, false positive)
  * build-sys: Fix configure script to support _FORTIFY_SOURCE=3

 -- Stefan Berger <stefanb@linux.ibm.com>  Mon, 25 Apr 2022 09:00:00 -0500

libtpms (0.9.3) RELEASED; urgency=medium

  * build-sys: Add probing for -fstack-protector
  * tpm2: Do not call EVP_PKEY_CTX_set0_rsa_oaep_label() for label of size (OSSL 3)

 -- Stefan Berger <stefanb@linux.ibm.com>  Mon, 07 Mar 2022 09:00:00 -0500

libtpms (0.9.2~bpo11+1) bullseye; urgency=medium

  * Rebuild for Proxmox VE 7.x based on Debian Bullseye

 -- Proxmox Support Team <support@proxmox.com>  Tue, 22 Feb 2022 08:12:04 +0100

libtpms (0.9.2) RELEASED; urgency=medium

  * tpm2: When writing state initialize s_ContextSlotMask if not set

 -- Stefan Berger <stefanb@linux.ibm.com>  Thu, 06 Jan 2022 09:00:00 -0500

libtpms (0.9.1) RELEASED; urgency=medium

  * tpm2: Do not write permanent state if only clock changed

 -- Stefan Berger <stefanb@linux.ibm.com>  Wed, 24 Nov 2021 09:00:00 -0500

libtpms (0.9.0+1) bullseye; urgency=medium

  * package for Proxmox VE 7.x

 -- Proxmox Support Team <support@proxmox.com>  Tue, 05 Oct 2021 06:40:52 +0200

libtpms (0.9.0) RELEASED; urgency=medium

  * Stable release

 -- Stefan Berger <stefanb@linux.ibm.com>  Wed, 29 Sep 2021 09:00:00 -0500

libtpms (0.9.0~dev1) UNRELEASED; urgency=medium

  * Developer release 1

 -- Stefan Berger <stefanb@linux.ibm.com>  Wed, 24 Feb 2021 13:48:00 -0500

libtpms (0.8.0) RELEASED; urgency=medium

  * Stable release

 -- Stefan Berger <stefanb@linux.ibm.com>  Wed, 24 Feb 2021 10:55:00 -0500

libtpms (0.8.0~dev1) UNRELEASED; urgency=medium

  * Developer release 1

 -- Stefan Berger <stefanb@linux.ibm.com>  Fri, 19 Jul 2019 13:38:08 -0500

libtpms (0.7.0-1) RELEASED; urgency=medium

  * Stable release

 -- Stefan Berger <stefanb@linux.ibm.com>  Thu, 18 Jul 2019 16:26:00 -0500

# Older entries have been removed from this changelog.
# To read the complete changelog use `apt changelog libtpms0`.