From patchwork Wed Jan 21 13:39:01 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adolf Belka X-Patchwork-Id: 9428 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519) (Client CN "mail01.haj.ipfire.org", Issuer "R12" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4dx5001ltbz3wpn for ; Wed, 21 Jan 2026 13:39:28 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [IPv6:2001:678:b28::201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519) (Client CN "mail02.haj.ipfire.org", Issuer "E8" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4dx4zx4VyTz5hb for ; Wed, 21 Jan 2026 13:39:25 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [IPv6:::1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4dx4zs082Gz34K0 for ; Wed, 21 Jan 2026 13:39:21 +0000 (UTC) X-Original-To: development@lists.ipfire.org Received: from mail01.ipfire.org (mail01.haj.ipfire.org [IPv6:2001:678:b28::25]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519) (Client CN "mail01.haj.ipfire.org", Issuer "R12" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4dx4zm03NPz339q for ; Wed, 21 Jan 2026 13:39:16 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4dx4zk2sjKz5b9; Wed, 21 Jan 2026 13:39:14 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1769002754; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=B7Z8xs5J4gRZa8ZMVhVd4ub1jJmHw0J1mZNrY4abGXM=; b=HR7166ibR78LYZOHKy1R9xOSEvM0jEq9tMrB+lu3VgBPrEawnRTML78ndnl0fNkCPM7Cr2 cbUizVAwZ112NgCw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1769002754; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=B7Z8xs5J4gRZa8ZMVhVd4ub1jJmHw0J1mZNrY4abGXM=; b=IxVTBUZOsH4B5Yy3EKN8v6BuGvX59VlIRO6a6YwwY4KPBA+LJSpZRCsnnVJe7dPiSk0Llj zNuFBLKrF1u2Zbc9g91CeJJ4aeiZRENUe3bJZ5wZasjsUeMx6QwkZ8xMfFnfWTL/8/UsZJ hPOkbUL4n9hzt5Qrix4v2cdPwCG1qgSWy0X+u6LMh2MYcYTLQhrwMUaB2/tR+VpUiVpyG4 8kwfydLMx4W5Mh4ws0PS7K9bY1bejGrXMLXraZAyNqYO3zg11ig/kaMGSkqb6Eb0KObMgN UCYxWZYwXWIa3FiKJU4h5URdKrBq8sJo238QxyCaTxThpQYzZX8Okwo7kQ8uRg== From: Adolf Belka To: development@lists.ipfire.org Cc: Adolf Belka Subject: [PATCH] libtpms: Update to version 0.10.2 Date: Wed, 21 Jan 2026 14:39:01 +0100 Message-ID: <20260121133907.3552584-11-adolf.belka@ipfire.org> In-Reply-To: <20260121133907.3552584-1-adolf.belka@ipfire.org> References: <20260121133907.3552584-1-adolf.belka@ipfire.org> Precedence: list List-Id: List-Subscribe: , List-Unsubscribe: , List-Post: List-Help: Sender: Mail-Followup-To: MIME-Version: 1.0 - Update from version 0.10.1 to 0.10.2 - Update of rootfile - CVE fix - Changelog 0.10.2 - tpm2: Fix memory leak by freeing KDF context - tpm2: Fix retrieval of updated IV when using OpenSSL >= 3.0 (CVE-2026-21444) Signed-off-by: Adolf Belka --- config/rootfiles/packages/libtpms | 2 +- lfs/libtpms | 16 ++++++++-------- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/config/rootfiles/packages/libtpms b/config/rootfiles/packages/libtpms index 6fce3ebd8..5420d0323 100644 --- a/config/rootfiles/packages/libtpms +++ b/config/rootfiles/packages/libtpms @@ -9,7 +9,7 @@ #usr/lib/libtpms.la #usr/lib/libtpms.so usr/lib/libtpms.so.0 -usr/lib/libtpms.so.0.10.1 +usr/lib/libtpms.so.0.10.2 #usr/lib/pkgconfig/libtpms.pc #usr/share/man/man3/TPMLIB_CancelCommand.3 #usr/share/man/man3/TPMLIB_ChooseTPMVersion.3 diff --git a/lfs/libtpms b/lfs/libtpms index 6116e9412..61cecc20e 100644 --- a/lfs/libtpms +++ b/lfs/libtpms @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2025 IPFire Team # +# Copyright (C) 2007-2026 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -26,7 +26,7 @@ include Config SUMMARY = This library provides software emulation of a Trusted Platform Module (TPM 1.2 and TPM 2.0). -VER = 0.10.1 +VER = 0.10.2 THISAPP = libtpms-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -34,7 +34,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = libtpms -PAK_VER = 2 +PAK_VER = 3 DEPS = @@ -48,7 +48,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 39feead951a84b715e8e4db8cd6eab7f19728c00423df16150c99004230061691cde90fcf7aafc6a5748647ac58cb696b89a709368da4b8f0c684b22321ff1ea +$(DL_FILE)_BLAKE2 = 19c881d60f8124b6ffe1622731cf73593a38a683cd0a593445ca93033e927c94e1ba75cd30e2847da2137155934f17f785e7dfb96731596361b7a77476cc5a94 install : $(TARGET) @@ -84,10 +84,10 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) -mkdir -pv $(DIR_APP) cd $(DIR_APP) && autoreconf -vfi cd $(DIR_APP) && ./configure \ - --prefix=/usr \ - --with-tpm2 \ - --with-openssl \ - --disable-hardening + --prefix=/usr \ + --with-tpm2 \ + --with-openssl \ + --disable-hardening cd $(DIR_APP) && make $(MAKETUNING) cd $(DIR_APP) && make install @rm -rf $(DIR_APP)