diff options
Diffstat (limited to '')
-rw-r--r-- | debian/patches/0003-set-man-page-date-to-last-changelog.patch | 20 | ||||
-rw-r--r-- | debian/patches/0004-fix-ftbfs-bug.patch | 14 | ||||
-rw-r--r-- | debian/patches/do_not_inline_makeiv.patch | 20 | ||||
-rw-r--r-- | debian/patches/no_local_check.patch | 21 | ||||
-rw-r--r-- | debian/patches/series | 5 | ||||
-rw-r--r-- | debian/patches/tpm2-Check-size-of-buffer-before-accessing-it-CVE-20.patch | 55 |
6 files changed, 135 insertions, 0 deletions
diff --git a/debian/patches/0003-set-man-page-date-to-last-changelog.patch b/debian/patches/0003-set-man-page-date-to-last-changelog.patch new file mode 100644 index 0000000..39d4a19 --- /dev/null +++ b/debian/patches/0003-set-man-page-date-to-last-changelog.patch @@ -0,0 +1,20 @@ +Description: Set the date of man pages to the last changelog entry. +Forwarded: not-needed + +--- a/man/man3/Makefile.am ++++ b/man/man3/Makefile.am +@@ -55,11 +55,14 @@ + TPM_Malloc.3 + + man3_MANS += $(man3_MANS_generated) ++BUILD_DATE ?= $$(dpkg-parsechangelog -S Date -l../../debian/changelog) ++PODDATE = $$(date -u "+%Y-%m-%d" -d "$(BUILD_DATE)") + + %.3 : %.pod + @pod2man -r "libtpms" \ + -c "" \ + -n $(basename $@) \ ++ --date="$(PODDATE)" \ + --section=3 $< > $@ + + EXTRA_DIST = $(man3_MANS) $(man3_PODS) diff --git a/debian/patches/0004-fix-ftbfs-bug.patch b/debian/patches/0004-fix-ftbfs-bug.patch new file mode 100644 index 0000000..a8e456b --- /dev/null +++ b/debian/patches/0004-fix-ftbfs-bug.patch @@ -0,0 +1,14 @@ +Description: Fix FTBFS caused by the incomplete condition. +Forwarded: not-needed + +--- a/src/tpm2/NVDynamic.c ++++ b/src/tpm2/NVDynamic.c +@@ -122,7 +122,7 @@ + if(HandleGetType(nvHandle) == type) + break; + } +- if(handle != NULL) ++ if((handle != NULL) && (addr != 0)) + *handle = nvHandle; + return addr; + } diff --git a/debian/patches/do_not_inline_makeiv.patch b/debian/patches/do_not_inline_makeiv.patch new file mode 100644 index 0000000..393e2ac --- /dev/null +++ b/debian/patches/do_not_inline_makeiv.patch @@ -0,0 +1,20 @@ +Do not inline MakeIV due toppc64 compiler issue + +The ppc64 gcc compiler has an issue with MakeIv. + +--- + src/tpm2/AlgorithmTests.c | 3 +++ + 1 file changed, 3 insertions(+) + +--- a/src/tpm2/AlgorithmTests.c ++++ b/src/tpm2/AlgorithmTests.c +@@ -179,6 +179,9 @@ + /* 10.2.1.4.1 MakeIv() */ + /* Internal function to make the appropriate IV depending on the mode. */ + static UINT32 ++#if defined(__powerpc64__) ++__attribute__((noinline)) ++#endif + MakeIv( + TPM_ALG_ID mode, // IN: symmetric mode + UINT32 size, // IN: block size of the algorithm diff --git a/debian/patches/no_local_check.patch b/debian/patches/no_local_check.patch new file mode 100644 index 0000000..c7f461e --- /dev/null +++ b/debian/patches/no_local_check.patch @@ -0,0 +1,21 @@ +Do not run check-local due to bug in ppc64 gcc on Jammy + +ppc64 gcc has a bug causing issued in check-local. +Therefore, do not run check-local while ppc64 gcc is broken +on Ubuntu Jammy. + +--- + src/Makefile.am | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/src/Makefile.am ++++ b/src/Makefile.am +@@ -599,7 +599,7 @@ + LDFLAGS_ARCH += $(findstring -m64, $(AM_LDFLAGS)) + + check-local: SHELL?="/usr/bin/env bash" +-check-local: ++NO-check-local: + @case $(host_os) in \ + openbsd*) ADDLIBS="-lc" ;; \ + darwin*|freebsd*) LDFLAGS_OS="-shared" ;; \ diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 0000000..1f4b815 --- /dev/null +++ b/debian/patches/series @@ -0,0 +1,5 @@ +0003-set-man-page-date-to-last-changelog.patch +0004-fix-ftbfs-bug.patch +do_not_inline_makeiv.patch +no_local_check.patch +tpm2-Check-size-of-buffer-before-accessing-it-CVE-20.patch diff --git a/debian/patches/tpm2-Check-size-of-buffer-before-accessing-it-CVE-20.patch b/debian/patches/tpm2-Check-size-of-buffer-before-accessing-it-CVE-20.patch new file mode 100644 index 0000000..89fef6a --- /dev/null +++ b/debian/patches/tpm2-Check-size-of-buffer-before-accessing-it-CVE-20.patch @@ -0,0 +1,55 @@ +From: Stefan Berger <stefanb@linux.ibm.com> +Date: Mon, 20 Feb 2023 14:41:10 -0500 +Subject: tpm2: Check size of buffer before accessing it (CVE-2023-1017 & + -1018) +Origin: https://github.com/stefanberger/libtpms/commit/324dbb4c27ae789c73b69dbf4611242267919dd4 +Bug-Debian: https://bugs.debian.org/1032420 +Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2023-1018 +Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2023-1017 + +Check that there are sufficient bytes in the buffer before reading the +cipherSize from it. Also, reduce the bufferSize variable by the number +of bytes that make up the cipherSize to avoid reading and writing bytes +beyond the buffer in subsequent steps that do in-place decryption. + +This fixes CVE-2023-1017 & CVE-2023-1018. + +Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> +--- + src/tpm2/CryptUtil.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/src/tpm2/CryptUtil.c b/src/tpm2/CryptUtil.c +index 002fde0987a9..8fae5b6903ca 100644 +--- a/src/tpm2/CryptUtil.c ++++ b/src/tpm2/CryptUtil.c +@@ -830,6 +830,10 @@ CryptParameterDecryption( + + sizeof(session->sessionKey.t.buffer))); + TPM2B_HMAC_KEY key; // decryption key + UINT32 cipherSize = 0; // size of cipher text ++ ++ if (leadingSizeInByte > bufferSize) ++ return TPM_RC_INSUFFICIENT; ++ + // Retrieve encrypted data size. + if(leadingSizeInByte == 2) + { +@@ -837,6 +841,7 @@ CryptParameterDecryption( + // data to be decrypted + cipherSize = (UINT32)BYTE_ARRAY_TO_UINT16(buffer); + buffer = &buffer[2]; // advance the buffer ++ bufferSize -= 2; + } + #ifdef TPM4B + else if(leadingSizeInByte == 4) +@@ -844,6 +849,7 @@ CryptParameterDecryption( + // the leading size is four bytes so get the four byte size field + cipherSize = BYTE_ARRAY_TO_UINT32(buffer); + buffer = &buffer[4]; //advance pointer ++ bufferSize -= 4; + } + #endif + else +-- +2.39.2 + |