.gitignore

@@ -1,5 +1 @@
-/libtpms-20191018.tar.xz
-/libtpms-20200527.tar.xz
-/libtpms-20200818.tar.xz
-/libtpms-20201106.tar.xz
 SOURCES/libtpms-20211126.tar.xz

.libtpms.metadata

@@ -0,0 +1 @@
+ae609402e34992590961b0d025e9ef1202d8dede SOURCES/libtpms-20211126.tar.xz

0001-tpm2-Check-size-of-buffer-before-accessing-it-CVE-20.patch

@@ -1,52 +0,0 @@
-From 324dbb4c27ae789c73b69dbf4611242267919dd4 Mon Sep 17 00:00:00 2001
-From: Stefan Berger <stefanb@linux.ibm.com>
-Date: Mon, 20 Feb 2023 14:41:10 -0500
-Subject: [PATCH] tpm2: Check size of buffer before accessing it (CVE-2023-1017
- & -1018)
-
-Check that there are sufficient bytes in the buffer before reading the
-cipherSize from it. Also, reduce the bufferSize variable by the number
-of bytes that make up the cipherSize to avoid reading and writing bytes
-beyond the buffer in subsequent steps that do in-place decryption.
-
-This fixes CVE-2023-1017 & CVE-2023-1018.
-
-Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
----
- src/tpm2/CryptUtil.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/src/tpm2/CryptUtil.c b/src/tpm2/CryptUtil.c
-index 002fde0..8fae5b6 100644
---- a/src/tpm2/CryptUtil.c
-+++ b/src/tpm2/CryptUtil.c
-@@ -830,6 +830,10 @@ CryptParameterDecryption(
- 			  + sizeof(session->sessionKey.t.buffer)));
-     TPM2B_HMAC_KEY          key;            // decryption key
-     UINT32                  cipherSize = 0; // size of cipher text
-+
-+    if (leadingSizeInByte > bufferSize)
-+	return TPM_RC_INSUFFICIENT;
-+
-     // Retrieve encrypted data size.
-     if(leadingSizeInByte == 2)
- 	{
-@@ -837,6 +841,7 @@ CryptParameterDecryption(
- 	    // data to be decrypted
- 	    cipherSize = (UINT32)BYTE_ARRAY_TO_UINT16(buffer);
- 	    buffer = &buffer[2];   // advance the buffer
-+	    bufferSize -= 2;
- 	}
- #ifdef  TPM4B
-     else if(leadingSizeInByte == 4)
-@@ -844,6 +849,7 @@ CryptParameterDecryption(
- 	    // the leading size is four bytes so get the four byte size field
- 	    cipherSize = BYTE_ARRAY_TO_UINT32(buffer);
- 	    buffer = &buffer[4];   //advance pointer
-+	    bufferSize -= 4;
- 	}
- #endif
-     else
--- 
-2.39.2
-

SPECS/libtpms.spec

@@ -3,7 +3,7 @@
 
 Name:           libtpms
 Version:        0.9.1
-Release:        2.%{gitdate}git%{gitversion}%{?dist}
+Release:        1.%{gitdate}git%{gitversion}%{?dist}
 
 Summary: Library providing Trusted Platform Module (TPM) functionality
 License:        BSD
@@ -11,7 +11,6 @@ Url:            http://github.com/stefanberger/libtpms
 Source0:        libtpms-%{gitdate}.tar.xz
 ExcludeArch:    i686
 Patch0003:      0001-tpm2-When-writing-state-initialize-s_ContextSlotMask.patch
-Patch0004:      0001-tpm2-Check-size-of-buffer-before-accessing-it-CVE-20.patch
 
 BuildRequires:  openssl-devel
 BuildRequires:  pkgconfig gawk sed
@@ -59,11 +58,6 @@ find %{buildroot} -type f -name '*.la' | xargs rm -f -- || :
 %{_mandir}/man3/*
 
 %changelog
-* Tue Mar 21 2023 Marc-André Lureau <marcandre.lureau@redhat.com> - 0.9.1-2.20211126git1ff6fe1f43
-- Backport "tpm2: Check size of buffer before accessing it" (CVE-2023-1017 & CVE-2023-1018)
-  Resolves: rhbz#2173964
-  Resolves: rhbz#2173970
-
 * Thu Jul 28 2022 Marc-André Lureau <marcandre.lureau@redhat.com> - 0.9.1-1.20211126git1ff6fe1f43
 - Backport s_ContextSlotMask initialization fix
   Resolves: rhbz#2111433

make-git-snapshot.sh

@@ -1,22 +0,0 @@
-#!/bin/sh
-
-# Usage: ./make-git-snapshot.sh [COMMIT]
-#
-# to make a snapshot of the given tag/branch.  Defaults to HEAD.
-# Point env var REF to a local mesa repo to reduce clone time.
-
-DIRNAME=libtpms-$( date +%Y%m%d )
-
-echo REF ${REF:+--reference $REF}
-echo DIRNAME $DIRNAME
-echo HEAD ${1:-HEAD}
-
-rm -rf $DIRNAME
-
-git clone ${REF:+--reference $REF} \
-	https://github.com/stefanberger/libtpms $DIRNAME
-
-GIT_DIR=$DIRNAME/.git git archive --format=tar --prefix=$DIRNAME/ ${1:-HEAD} \
-	| xz > $DIRNAME.tar.xz
-
-# rm -rf $DIRNAME

sources

@@ -1 +0,0 @@
-SHA512 (libtpms-20211126.tar.xz) = 050b945ff538ba23746b08af8779ced944d6c911a046fa7705e5bd7cd8e6344adc85f341a5513c4b7db3e078aaf7ebcce743c45180206a6e001225e02ca242a2