diff mbox series

[meta-security,kirkstone] tpm2-tss: upgrade to 3.2.2 to fix CVE-2023-22745

Message ID 20230508132334.427518-1-peter.marko@siemens.com
State New

Commit Message

Peter Marko May 8, 2023, 1:23 p.m. UTC
Changelog:
  3.2.2
    A buffer overflow in tss2-rc as CVE-2023-22745.
    The drv layer in tss2-rc should have been the policy layer.
    Spec deviation in Fapi_GetDescription caused description to be NULL when it should be empty string.
    This is API breaking but considered a bug since it deviated from the FAPI spec.
    FAPI: undefined reference to curl_url_strerror when using curl less than 7.80.0.
  3.2.1
    Makefile.am: make all EXTRA_DIST includes unconditional to fix pristine tars
    Fix usage of NULL pointer if Esys_TR_SetAuth is called with ESYS_TR_NONE.
    Store VERSION into the release tarball.
    fapi: fix usage of policy_nv with a TPM nv index.
    Tss2_Sys_Flushcontext: flushHandle was encoded as a handleArea handle and not as parameter one, this affected the contents of cpHash.
    linking tcti for libtpms against tss2-tctildr. It should be linked against tss2-mu.
    build: Remove erroneous trailing comma in linker option. Bug #2391.
    esys: fix allow usage of HMAC sessions for Esys_TR_FromTPMPublic.
    test: build with opaque FILE structure like in musl libc.
    Usage of a second profile in a path was not possible because the default profile was always used.
    FAPI: Fix provisioning if auth value for storage hierarchy was set.
    FAPI: Fix recreation of EK.
    FAPI: Fix usage of lockout auth value in Fapi_Provision.
    FAPI: Fix loading of key in policy execution.
    FAPI: Fix Fapi_ChangeAuth updates on hierarchy objects not being reflected across profiles.
    Esys_PCR_SetAuthValue: remembers the auth like other SetAuth ESAPI functions.
    tests: esys-pcr-auth-value.int moved to destructive tests.
    FAPI: Fix double free if keystore is corrupted.
    Spec deviation in Fapi_GetDescription caused description to be NULL when it should be empty string.
        This is API breaking but considered a bug since it deviated from the FAPI spec.

Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
 .../tpm2-tss/{tpm2-tss_3.2.0.bb => tpm2-tss_3.2.2.bb}      | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)
 rename meta-tpm/recipes-tpm2/tpm2-tss/{tpm2-tss_3.2.0.bb => tpm2-tss_3.2.2.bb} (91%)

Comments

Mikko Rapeli May 8, 2023, 1:34 p.m. UTC | #1
Hi,

Since master has 4.0.1 and CVE is impacting:

https://nvd.nist.gov/vuln/detail/CVE-2023-22745

"Up to (including)
4.0.0"

then I guess master branch and 4.0.1 is not impacted. Would be nice to
have this info in commit message though.

Cheers,

-Mikko

On Mon, May 08, 2023 at 03:23:34PM +0200, Peter Marko via lists.yoctoproject.org wrote:
> Changelog:
>   3.2.2
>     A buffer overflow in tss2-rc as CVE-2023-22745.
>     The drv layer in tss2-rc should have been the policy layer.
>     Spec deviation in Fapi_GetDescription caused description to be NULL when it should be empty string.
>     This is API breaking but considered a bug since it deviated from the FAPI spec.
>     FAPI: undefined reference to curl_url_strerror when using curl less than 7.80.0.
>   3.2.1
>     Makefile.am: make all EXTRA_DIST includes unconditional to fix pristine tars
>     Fix usage of NULL pointer if Esys_TR_SetAuth is called with ESYS_TR_NONE.
>     Store VERSION into the release tarball.
>     fapi: fix usage of policy_nv with a TPM nv index.
>     Tss2_Sys_Flushcontext: flushHandle was encoded as a handleArea handle and not as parameter one, this affected the contents of cpHash.
>     linking tcti for libtpms against tss2-tctildr. It should be linked against tss2-mu.
>     build: Remove erroneous trailing comma in linker option. Bug #2391.
>     esys: fix allow usage of HMAC sessions for Esys_TR_FromTPMPublic.
>     test: build with opaque FILE structure like in musl libc.
>     Usage of a second profile in a path was not possible because the default profile was always used.
>     FAPI: Fix provisioning if auth value for storage hierarchy was set.
>     FAPI: Fix recreation of EK.
>     FAPI: Fix usage of lockout auth value in Fapi_Provision.
>     FAPI: Fix loading of key in policy execution.
>     FAPI: Fix Fapi_ChangeAuth updates on hierarchy objects not being reflected across profiles.
>     Esys_PCR_SetAuthValue: remembers the auth like other SetAuth ESAPI functions.
>     tests: esys-pcr-auth-value.int moved to destructive tests.
>     FAPI: Fix double free if keystore is corrupted.
>     Spec deviation in Fapi_GetDescription caused description to be NULL when it should be empty string.
>         This is API breaking but considered a bug since it deviated from the FAPI spec.
> 
> Signed-off-by: Peter Marko <peter.marko@siemens.com>
> ---
>  .../tpm2-tss/{tpm2-tss_3.2.0.bb => tpm2-tss_3.2.2.bb}      | 7 +------
>  1 file changed, 1 insertion(+), 6 deletions(-)
>  rename meta-tpm/recipes-tpm2/tpm2-tss/{tpm2-tss_3.2.0.bb => tpm2-tss_3.2.2.bb} (91%)
> 
> diff --git a/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.2.0.bb b/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.2.2.bb
> similarity index 91%
> rename from meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.2.0.bb
> rename to meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.2.2.bb
> index 8440bb9..9b76c2f 100644
> --- a/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.2.0.bb
> +++ b/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.2.2.bb
> @@ -10,7 +10,7 @@ SRC_URI = "https://github.com/tpm2-software/${BPN}/releases/download/${PV}/${BPN
>             file://fixup_hosttools.patch \
>             "
>  
> -SRC_URI[sha256sum] = "48305e4144dcf6d10f3b25b7bccf0189fd2d1186feafd8cd68c6b17ecf0d7912"
> +SRC_URI[sha256sum] = "ba9e52117f254f357ff502e7d60fce652b3bfb26327d236bbf5ab634235e40f1"
>  
>  inherit autotools pkgconfig systemd useradd
>  
> @@ -26,11 +26,6 @@ USERADD_PACKAGES = "${PN}"
>  GROUPADD_PARAM:${PN} = "--system tss"
>  USERADD_PARAM:${PN} = "--system -M -d /var/lib/tpm -s /bin/false -g tss tss"
>  
> -do_configure:prepend() {
> -    # do not extract the version number from git
> -    sed -i -e 's/m4_esyscmd_s(\[git describe --tags --always --dirty\])/${PV}/' ${S}/configure.ac
> -}
> -
>  do_install:append() {
>      # Remove /run as it is created on startup
>      rm -rf ${D}/run
> -- 
> 2.30.2
> 

Peter Marko May 8, 2023, 2:53 p.m. UTC | #2
Hi,

I'm not a big fan of commit messages saying that other branch has it fixed.
But yes, I forgot to mark the CVE as fixed, so sent a v2.

Peter

-----Original Message-----
From: Mikko Rapeli <mikko.rapeli@linaro.org> 
Sent: Monday, May 8, 2023 15:35
To: Marko, Peter (ADV D EU SK BFS1) <Peter.Marko@siemens.com>
Cc: yocto@lists.yoctoproject.org
Subject: Re: [yocto] [meta-security][kirkstone][PATCH] tpm2-tss: upgrade to 3.2.2 to fix CVE-2023-22745

> Hi,
>
> Since master has 4.0.1 and CVE is impacting:
>
> https://nvd.nist.gov/vuln/detail/CVE-2023-22745
>
> "Up to (including)
> 4.0.0"
>
> then I guess master branch and 4.0.1 is not impacted. Would be nice to have this info in commit message though.
>
> Cheers,
>
> -Mikko
>
> On Mon, May 08, 2023 at 03:23:34PM +0200, Peter Marko via lists.yoctoproject.org wrote:

Patch

diff --git a/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.2.0.bb b/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.2.2.bb
similarity index 91%
rename from meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.2.0.bb
rename to meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.2.2.bb
index 8440bb9..9b76c2f 100644
--- a/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.2.0.bb
+++ b/meta-tpm/recipes-tpm2/tpm2-tss/tpm2-tss_3.2.2.bb
@@ -10,7 +10,7 @@  SRC_URI = "https://github.com/tpm2-software/${BPN}/releases/download/${PV}/${BPN
            file://fixup_hosttools.patch \
            "
 
-SRC_URI[sha256sum] = "48305e4144dcf6d10f3b25b7bccf0189fd2d1186feafd8cd68c6b17ecf0d7912"
+SRC_URI[sha256sum] = "ba9e52117f254f357ff502e7d60fce652b3bfb26327d236bbf5ab634235e40f1"
 
 inherit autotools pkgconfig systemd useradd
 
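Review bot: nothing in the recipe records that CVE-2023-22745 is fixed by this upgrade; the `SRC_URI[sha256sum]` line is the only change in this hunk. The NVD entry quoted in the thread lists the affected range as "Up to (including) 4.0.0", so a version-based CVE scan will keep reporting 3.2.2 as vulnerable on kirkstone. Add `CVE_CHECK_IGNORE += "CVE-2023-22745"` to the recipe, with a comment pointing at the 3.2.2 changelog entry for the tss2-rc buffer overflow, so the fix is visible to the scanner and to anyone auditing the branch. It would also help to say in the commit message that the new checksum was taken from the upstream 3.2.2 release tarball.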
@@ -26,11 +26,6 @@  USERADD_PACKAGES = "${PN}"
 GROUPADD_PARAM:${PN} = "--system tss"
 USERADD_PARAM:${PN} = "--system -M -d /var/lib/tpm -s /bin/false -g tss tss"
 
-do_configure:prepend() {
-    # do not extract the version number from git
-    sed -i -e 's/m4_esyscmd_s(\[git describe --tags --always --dirty\])/${PV}/' ${S}/configure.ac
-}
-
 do_install:append() {
     # Remove /run as it is created on startup
     rm -rf ${D}/run
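Review bot: the commit message does not explain why the `do_configure:prepend()` block that replaced `git describe --tags --always --dirty` with `${PV}` in configure.ac is dropped. The 3.2.1 changelog entry "Store VERSION into the release tarball." looks like the reason, but that should be stated explicitly, since the diffstat shows six deletions that are unrelated to the CVE fix named in the subject. Please also confirm that a build from the 3.2.2 tarball reports version 3.2.2 without the sed workaround, so the installed library version stays usable for vulnerability tracking.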