Overview Details Repositories Revisions Requests Users Attributes Meta
Security update for tboot

This update for tboot fixes the following issues:

Security issues fixed:

- CVE-2017-16837: Fix tbootfailed to validate a number of immutable function pointers, which could allow an attacker to bypass the chain of trust and execute arbitrary code (boo#1068390).
- Make tboot package compatible with OpenSSL 1.1.0 for SLE-15 support (boo#1067229).

Bug fixes:

- Update to new upstream version.
See release notes for details (1.9.6; 1.9.5, FATE#321510; 1.9.4, FATE#320665; 1.8.3, FATE#318542):
* https://sourceforge.net/p/tboot/code/ci/default/tree/CHANGELOG
- Fix some gcc7 warnings that lead to errors. (boo#1041264)
- Fix wrong pvops kernel config matching (boo#981948)
- Fix a excessive stack usage pattern that could lead to resets/crashes (boo#967441)
- fixes a boot issue on Skylake (boo#964408)
- Trim filler words from description; use modern macros over shell vars.
- Add reproducible.patch to call gzip -n to make build fully reproducible.

Fixed bugs
bnc#964408
[Miaoli_ X3250M6_Skylake ][OSEnab] The system will auto reboot when select tboot kernel in SLES12
bnc#967441
stack overflow in tboot when memory logging is active causes TXT boot to fail
bnc#1068390
VUL-0: CVE-2017-16837: tboot: Certain function pointers in Trusted Boot (tboot) through 1.9.6 are notvalidated and can cause arbitrary code execution, which allows local users tooverwrite dynamic PCRs of Trusted Platform Module (TPM) by h
bnc#1041264
GCC 7: tboot fails to build
bnc#981948
SLES12.2Beta1 default kernel without tboot on RD650_MLK
bnc#1067229
tboot fails to build with OpenSSL 1.1 on SLE-15
CVE-2017-16837
FATE#320665
FATE#321510
FATE#318542
Selected Binaries
openSUSE Build Service is sponsored by
Places