* SECURITY UPDATE: out-of-bounds read/write
- debian/patches/CVE-2023-1017_1018.patch: add a buffer size check and
properly reduce bufferSize variable by the number of bytes that make
up the cipherSize in CryptParameterDecryption() in
src/tpm2/CryptUtil.c
- CVE-2023-1017
- CVE-2023-1018
* SECURITY UPDATE: out-of-bounds read
- debian/patches/tpm2-Check-size-of-TPM2B_NAME.patch: add a buffer
size check in TPM2_PolicyAuthorize() in src/tpm2/EACommands.c.
- No CVE number
libtpms (0.9.3- 0ubuntu1. 22.10.1) kinetic-security; urgency=medium
* SECURITY UPDATE: out-of-bounds read/write patches/ CVE-2023- 1017_1018. patch: add a buffer size check and ecryption( ) in tpm2/CryptUtil. c patches/ tpm2-Check- size-of- TPM2B_NAME. patch: add a buffer orize() in src/tpm2/ EACommands. c.
- debian/
properly reduce bufferSize variable by the number of bytes that make
up the cipherSize in CryptParameterD
src/
- CVE-2023-1017
- CVE-2023-1018
* SECURITY UPDATE: out-of-bounds read
- debian/
size check in TPM2_PolicyAuth
- No CVE number
-- Rodrigo Figueiredo Zaiden <email address hidden> Wed, 01 Mar 2023 19:45:47 -0300