* [Buildroot] [PATCH 1/1] package/tpm2-tss: security bump version to 3.2.2
@ 2023-07-22 8:03 Bernd Kuhls
2023-07-22 21:23 ` Thomas Petazzoni via buildroot
2023-08-29 16:58 ` Peter Korsgaard
0 siblings, 2 replies; 3+ messages in thread
From: Bernd Kuhls @ 2023-07-22 8:03 UTC (permalink / raw)
To: buildroot
Fixes CVE-2023-22745.
Changelog:
https://github.com/tpm2-software/tpm2-tss/blob/3.2.x/CHANGELOG.md
Changed the ac_cv_prog variables due to an upstream commit which changed
the detection of groupadd/useradd:
https://github.com/tpm2-software/tpm2-tss/commit/7fde604383c62fc764a1e060dff48fc06f79860b
Buildroot commit a85f5f2a412db894fdf548e10d12e7c56eda9107 bumped
tpm2-pkcs11 to 1.8.0 which includes a commit bumping the required
version of tpm2-tss to >= 3.2
https://github.com/tpm2-software/tpm2-pkcs11/commit/940b661e330cac0ecc7d4db5d3626ef828ecdda8
Fixes:
http://autobuild.buildroot.net/results/6fd/6fddfee6f852ce835c5d1178e6913b6ab1b3fe50/
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
---
package/tpm2-tss/tpm2-tss.hash | 2 +-
package/tpm2-tss/tpm2-tss.mk | 5 +++--
2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/package/tpm2-tss/tpm2-tss.hash b/package/tpm2-tss/tpm2-tss.hash
index b6eb3c1f97..c9fa4e6ae0 100644
--- a/package/tpm2-tss/tpm2-tss.hash
+++ b/package/tpm2-tss/tpm2-tss.hash
@@ -1,3 +1,3 @@
# Locally computed:
-sha256 8900a6603f74310b749b65f23c3461cde6e2a23a5f61058b21004c25f9cf19e8 tpm2-tss-3.1.0.tar.gz
+sha256 ba9e52117f254f357ff502e7d60fce652b3bfb26327d236bbf5ab634235e40f1 tpm2-tss-3.2.2.tar.gz
sha256 18c1bf4b1ba1fb2c4ffa7398c234d83c0d55475298e470ae1e5e3a8a8bd2e448 LICENSE
diff --git a/package/tpm2-tss/tpm2-tss.mk b/package/tpm2-tss/tpm2-tss.mk
index 060883c377..10d605fc65 100644
--- a/package/tpm2-tss/tpm2-tss.mk
+++ b/package/tpm2-tss/tpm2-tss.mk
@@ -4,7 +4,7 @@
#
################################################################################
-TPM2_TSS_VERSION = 3.1.0
+TPM2_TSS_VERSION = 3.2.2
TPM2_TSS_SITE = https://github.com/tpm2-software/tpm2-tss/releases/download/$(TPM2_TSS_VERSION)
TPM2_TSS_LICENSE = BSD-2-Clause
TPM2_TSS_LICENSE_FILES = LICENSE
@@ -26,7 +26,8 @@ TPM2_TSS_CONF_OPTS = \
ac_cv_prog_result_setfacl=yes \
ac_cv_prog_systemd_sysusers=no \
ac_cv_prog_systemd_tmpfiles=no \
- ac_cv_prog_result_useradd=yes \
+ ac_cv_prog_useradd=yes \
+ ac_cv_prog_groupadd=yes \
--with-crypto=ossl \
--disable-doxygen-doc \
--disable-defaultflags
--
2.39.2
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/tpm2-tss: security bump version to 3.2.2
2023-07-22 8:03 [Buildroot] [PATCH 1/1] package/tpm2-tss: security bump version to 3.2.2 Bernd Kuhls
@ 2023-07-22 21:23 ` Thomas Petazzoni via buildroot
2023-08-29 16:58 ` Peter Korsgaard
1 sibling, 0 replies; 3+ messages in thread
From: Thomas Petazzoni via buildroot @ 2023-07-22 21:23 UTC (permalink / raw)
To: Bernd Kuhls; +Cc: buildroot
On Sat, 22 Jul 2023 10:03:13 +0200
Bernd Kuhls <bernd@kuhls.net> wrote:
> Fixes CVE-2023-22745.
>
> Changelog:
> https://github.com/tpm2-software/tpm2-tss/blob/3.2.x/CHANGELOG.md
>
> Changed the ac_cv_prog variables due to an upstream commit which changed
> the detection of groupadd/useradd:
> https://github.com/tpm2-software/tpm2-tss/commit/7fde604383c62fc764a1e060dff48fc06f79860b
>
> Buildroot commit a85f5f2a412db894fdf548e10d12e7c56eda9107 bumped
> tpm2-pkcs11 to 1.8.0 which includes a commit bumping the required
> version of tpm2-tss to >= 3.2
> https://github.com/tpm2-software/tpm2-pkcs11/commit/940b661e330cac0ecc7d4db5d3626ef828ecdda8
>
> Fixes:
> http://autobuild.buildroot.net/results/6fd/6fddfee6f852ce835c5d1178e6913b6ab1b3fe50/
>
> Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
> ---
> package/tpm2-tss/tpm2-tss.hash | 2 +-
> package/tpm2-tss/tpm2-tss.mk | 5 +++--
> 2 files changed, 4 insertions(+), 3 deletions(-)
Applied to master, thanks.
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/tpm2-tss: security bump version to 3.2.2
2023-07-22 8:03 [Buildroot] [PATCH 1/1] package/tpm2-tss: security bump version to 3.2.2 Bernd Kuhls
2023-07-22 21:23 ` Thomas Petazzoni via buildroot
@ 2023-08-29 16:58 ` Peter Korsgaard
1 sibling, 0 replies; 3+ messages in thread
From: Peter Korsgaard @ 2023-08-29 16:58 UTC (permalink / raw)
To: Bernd Kuhls; +Cc: buildroot
>>>>> "Bernd" == Bernd Kuhls <bernd@kuhls.net> writes:
> Fixes CVE-2023-22745.
> Changelog:
> https://github.com/tpm2-software/tpm2-tss/blob/3.2.x/CHANGELOG.md
> Changed the ac_cv_prog variables due to an upstream commit which changed
> the detection of groupadd/useradd:
> https://github.com/tpm2-software/tpm2-tss/commit/7fde604383c62fc764a1e060dff48fc06f79860b
> Buildroot commit a85f5f2a412db894fdf548e10d12e7c56eda9107 bumped
> tpm2-pkcs11 to 1.8.0 which includes a commit bumping the required
> version of tpm2-tss to >= 3.2
> https://github.com/tpm2-software/tpm2-pkcs11/commit/940b661e330cac0ecc7d4db5d3626ef828ecdda8
> Fixes:
> http://autobuild.buildroot.net/results/6fd/6fddfee6f852ce835c5d1178e6913b6ab1b3fe50/
> Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Committed to 2023.02.x and 2023.05.x, thanks.
--
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2023-08-29 16:58 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-07-22 8:03 [Buildroot] [PATCH 1/1] package/tpm2-tss: security bump version to 3.2.2 Bernd Kuhls
2023-07-22 21:23 ` Thomas Petazzoni via buildroot
2023-08-29 16:58 ` Peter Korsgaard
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox