File _patchinfo of Package patchinfo.36171

<patchinfo incident="36171">
  <issue tracker="bnc" id="1222899">[SECURITY] openSSL 3.1.x EC doesn't work with tpm2</issue>
  <issue tracker="jsc" id="PED-11053"/>
  <packager>ayankov</packager>
  <rating>moderate</rating>
  <category>recommended</category>
  <summary>Recommended update for tpm2-openssl</summary>
  <description>This update for tpm2-openssl fixes the following issues:

This update ships tpm2-openssl. (bsc#1222899, jsc#PED-11053)

Added:

* Added support for ECDH with a KDF, which is used by ECC-based CMS (S/MIME).
* Added retrieval of OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY for EC keys and retrieval
  of TLS-GROUP provider capabilities to enable mTLS authentication (thanks to @rshearman).
* Added mTLS example to documentation (thanks to @hoinmic).
* Added missing RAND parameters: 'state' and 'strength' (thanks to @mccarey).
* Added ability to run tests in a container (thanks to @afreof).
* Added Visual Studio properties to simplify the Windows build (thanks to @philippun1).

Changed:
* Symmetric operations are disabled by default. In most situations these are not needed and
  cause a huge performance penalty. To enable, configure with --enable-op-digest or
  --enable-op-cipher.

Removed:
* Removed unofficial support for tpm2-tss &lt; 3.2.0, which do not support the openssl 3.x.

Fixed:

* Fixed key export: the private keys are not exportable, which shall fix some TPM-based sign
  operations (thanks to @fhars).
* Fixed handle related operations on 32b machines (thanks to @dezgeg).
* Fixed OSSL_FUNC_KEYMGMT_HAS operations with NULL keys.
* Fixed a heap exception on some machines (thanks to @philippun1).
* Fixed build warnings when building on the Fedora Linux.
* In documentation and tests applied a correct order of providers (thanks to @hoinmic).
* Modified documentation: the user-space resource manager (abrmd) is almost mandatory for complex
  scenarios such as SSL or X.509 operations.
</description>
</patchinfo>