Overview
Request 1059943 accepted
- add 0001-tss2_rc-ensure-layer-number-is-in-bounds.patch: fixes
CVE-2023-22745 (bsc#1207325): Buffer Overlow in TSS2_RC_Decode. Overly large
RC values passed to the TSS2 function could lead to memory overread or
memory overread.
This patch is not yet part of any upstream git tag.
SOs must not obsolete other versions of themselves, that breaks co-installability and is a clear violation of SLPP.
FWICT %{_tmpfilesdir}/tpm2-tss-fapi.conf
needs to be moved to a separate package.
Request History
mgerstner created request
- add 0001-tss2_rc-ensure-layer-number-is-in-bounds.patch: fixes
CVE-2023-22745 (bsc#1207325): Buffer Overlow in TSS2_RC_Decode. Overly large
RC values passed to the TSS2 function could lead to memory overread or
memory overread.
This patch is not yet part of any upstream git tag.
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto accepted review
Check script succeeded
licensedigger accepted review
ok
dimstar_suse set openSUSE:Factory:Staging:G as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:G"
dimstar_suse accepted review
Picked "openSUSE:Factory:Staging:G"
dimstar accepted review
dimstar_suse approved review
Staging Project openSUSE:Factory:Staging:G got accepted.
dimstar_suse accepted review
Staging Project openSUSE:Factory:Staging:G got accepted.
dimstar_suse accepted request
Staging Project openSUSE:Factory:Staging:G got accepted.