Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: libtspi1-32bit | Distribution: SUSE Linux Enterprise 15 |
Version: 0.3.15 | Vendor: SUSE LLC <https://www.suse.com/> |
Release: 150400.1.10 | Build date: Sun May 8 08:14:18 2022 |
Group: Productivity/Security | Build host: sheep94 |
Size: 554168 | Source RPM: trousers-0.3.15-150400.1.10.src.rpm |
Packager: https://www.suse.com/ | |
Url: http://trousers.sourceforge.net/ | |
Summary: TSS (TCG Software Stack) access daemon for a TPM chip |
The trousers package provides a TSS implementation through the help of a user-space daemon, the tcsd, and a library Trousers aims to be compliant to the 1.1b and 1.2 TSS specifications as available from the Trusted Computing website http://www.trustedcomputinggroup.org/. The package needs the /dev/tpm device file to be present on your system. It is a character device file major 10 minor 224, 0600 tss:tss.
BSD-3-Clause
* Tue Oct 05 2021 matthias.gerstner@suse.com - update to new upstream version 0.3.15 (jira#SLE-18269): - Corrected mutliple security issues that existed if the tcsd is started by root instead of the tss user. CVE-2020-24332, CVE-2020-24330, CVE-2020-24331 - Replaced use of _no_optimize with asm memory barrier - Fixed multiple potential instances of use after free memory handling - Removed unused global variables which caused build issue on some distros - drop bsc1164472.patch: now contained in upstream tarball - adjusted %setup macro invocation which seemed to be wrong * Mon May 25 2020 matthias.gerstner@suse.com - fix a potential tss user to root privilege escalation when running tcsd (bsc#1164472). To do this run tcsd as the 'tss' user right away to prevent badly designed privilege drop and initialization code to run. - add bsc1164472.patch: additionally harden operation of tcsd when running as root. No longer follow symlinks in /var/lib/tpm. Drop gid to tss main group. require /etc/tcsd.conf to be owned by root:tss mode 0640. * Tue Nov 26 2019 matthias.gerstner@suse.com - Fix a local symlink attack problem with the %posttrans scriptlet (bsc#1157651, CVE-2019-18898). A rogue tss user could have used this attack to gain ownership of arbitrary files in the system during installation/update of the trousers package. * Tue Oct 30 2018 matthias.gerstner@suse.com - fix wrong installation of system.data.{auth,noauth} into /var/lib/tpm. These files are only sample files that *can* be used to fake that ownership was already taken by trousers, when other TPM stacks did that already. These files should not be there by default. Therefore install them into /usr/share/trousers instead, to allow the user to use them at his own discretion (fixes bsc#1111381). - implement a backup and restore logic for /var/lib/tpm/system.data.* to prevent removal of validly stored trousers state during update. * Sun Jan 01 2017 mailaender@opensuse.org - Update to version 0.3.14 (see ChangeLog) (FATE#321450) * Fri May 06 2016 jengelh@inai.de - Check for user/group existence before attempting to add them, and remove error suppression from these calls. - Avoid runtime dependency on systemd, the macros can all deal with its absence. * Fri Jun 19 2015 crrodriguez@opensuse.org - Force GNU inline semantics, fixes build with GCC5 * Thu Apr 02 2015 mpluskal@suse.com - Cleanup spec-file with spec-cleaner - Update prerequires - Use systemd unit file * replace tcsd.init with tcsd.service * Tue Jun 03 2014 meissner@suse.com - updated to trousers 0.3.13 (bnc#881095 LTC#111124) - Changed exported functions which had a name too common, to avoid collision - Assessed daemon security using manual techniques and coverity - Fixed major security bugs and memory leaks - Added debug support to run tcsd with a different user/group - Daemon now properly closes sockets before shutting down * TROUSERS_0_3_12 - Added new network code for RPC, which supports IPv6 - Users of client applications can configure the hostname of the tcsd server they want to connect through the TSS_TCSD_HOSTNAME env var (only works if application didn't set a hostname in the context) - Added disable_ipv4 and disable_ipv6 config options for server - removed trousers-wrap_large_key_overflow.patch: upstream - removed trousers-0.3.11.2.diff: solved upstream now * Wed Mar 19 2014 meissner@suse.com - trousers-wrap_large_key_overflow.patch: Do not wrap keys larger than 2048 bit, as the space on the TPM is limited to that amount. (bnc#868933)
/lib/libtspi.so.1 /lib/libtspi.so.1.2.0
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jul 9 16:00:25 2024