| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| 0001_add_version_string.patch | Add version string to configure.ac The configure.ac uses git to get the version string. However the git command cannot get the version string because this is not a git repo. In Debian we should get the string from debian/changelog. =================================================================== |
Ying-Chun Liu (PaulLiu) <paulliu@debian.org> | no | debian | 2018-12-10 | |
| 0001-tpm2_import-fix-fixed-AES-key-CVE-2021-3565.patch | [PATCH] tpm2_import: fix fixed AES key CVE-2021-3565 tpm2_import used a fixed AES key for the inner wrapper, which means that a MITM attack would be able to unwrap the imported key. Even the use of an encrypted session will not prevent this. The TPM only encrypts the first parameter which is the fixed symmetric key. To fix this, ensure the key size is 16 bytes or bigger and use OpenSSL to generate a secure random AES key. |
William Roberts <william.c.roberts@intel.com> | no | debian | 2021-05-21 |