Fedora has issued an advisory on May 2: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C5KBU2UTLZC4ZWDUVRNULGMPVMFQ3RZ7/ The problem is fixed in version 4.1.0.
Source RPM: (none) => tpm2-tss-4.0.1-1.mga9.src.rpmStatus comment: (none) => Fixed upstream in 4.1.0CVE: (none) => CVE-2024-29040
DavidG has just put version: 4.1.0 in Cauldron, so this bug is for porting it to M9.
Assignee: bugsquad => geiger.david68210
Assigning to QA, Packages in 9/Core/Updates_testing: ====================== lib64tpm2-tss-devel-4.0.2-1.mga9 lib64tss2-esys0-4.0.2-1.mga9 lib64tss2-fapi1-4.0.2-1.mga9 lib64tss2-mu0-4.0.2-1.mga9 lib64tss2-policy0-4.0.2-1.mga9 lib64tss2-rc0-4.0.2-1.mga9 lib64tss2-sys1-4.0.2-1.mga9 lib64tss2-tcti-cmd0-4.0.2-1.mga9 lib64tss2-tcti-device0-4.0.2-1.mga9 lib64tss2-tcti-mssim0-4.0.2-1.mga9 lib64tss2-tcti-pcap0-4.0.2-1.mga9 lib64tss2-tcti-spi-helper0-4.0.2-1.mga9 lib64tss2-tcti-swtpm0-4.0.2-1.mga9 lib64tss2-tctildr0-4.0.2-1.mga9 tpm2-tss-4.0.2-1.mga9 libtpm2-tss-devel-4.0.2-1.mga9 libtss2-esys0-4.0.2-1.mga9 libtss2-fapi1-4.0.2-1.mga9 libtss2-mu0-4.0.2-1.mga9 libtss2-policy0-4.0.2-1.mga9 libtss2-rc0-4.0.2-1.mga9 libtss2-sys1-4.0.2-1.mga9 libtss2-tcti-cmd0-4.0.2-1.mga9 libtss2-tcti-device0-4.0.2-1.mga9 libtss2-tcti-mssim0-4.0.2-1.mga9 libtss2-tcti-pcap0-4.0.2-1.mga9 libtss2-tcti-spi-helper0-4.0.2-1.mga9 libtss2-tcti-swtpm0-4.0.2-1.mga9 libtss2-tctildr0-4.0.2-1.mga9 From SRPMS: tpm2-tss-4.0.2-1.mga9.src.rpm
Assignee: geiger.david68210 => qa-bugs
As I not found any good info of what this CVEs are , I requet some help to write the advisory for this and bug#33175
@katnatek in reply to comment 3: Shall take a look but it will not be quick. Meanwhile; Mageia9, x64 Installed all the core packages then updated them via qarepo and drakrpm-update. No issues there. Having already ascertained that none of my hardware meets the specification required there is little that can be done to test the software here so it should be released on the basis of a clean update unless anybody else could test it on more relevant hardware (Windows 11 compliant). CVE-2024-29040 has been reserved pending further analysis. The description says "arbitrary quote data may go undetected by Fapi_VerifyQuote". And https://access.redhat.com/security/cve/CVE-2024-29040 "A flaw was found in the tpm2-tss package, where it was not checked to see if the magic number in the attest is equal to the TPM2_GENERATED_VALUE. This flaw allows an attacker to generate arbitrary quote data, which may not be detected by Fapi_VerifyQuote."
CC: (none) => tarazed25
Keywords: (none) => advisory
Oops! Too much hurry - I think I left out the bug number in the commit message. Anybody know how to edit that?
(In reply to Len Lawrence from comment #5) > Oops! Too much hurry - I think I left out the bug number in the commit > message. Anybody know how to edit that? What we can do is EDITOR=vi svn propedit --revprop svn:log -r REVISION In this case EDITOR=vi svn propedit --revprop svn:log -r 16181 I did edit this for you If you update your working copy and run svn log 33176.adv You'll see that now the message include the bugnumber Sadly, this not fix the flaw in https://svnweb.mageia.org/advisories/33176.adv Also, we can 1 make a cosmetic change and updates the file and provide a new message or 2 delete from svn and create again the file I not remember if this is in the wikki, marja give me this tip in my first advisory, if it is not so, I'll add it
In reply to katnatek in comment 5: Thanks for doing that and for the information. I did follow some of the steps again: $ EDITOR=vi svn propedit --revprop svn:log -r 16181 Set new value for property 'svn:log' on revision 16181 $ svn diff $ svn log 33176.adv ------------------------------------------------------------------------ r16181 | tarazed | 2024-05-06 11:06:32 +0100 (Mon, 06 May 2024) | 2 lines Security advisory M9 tpm2-tss mga#33176 ------------------------------------------------------------------------ but as you said, nothing actually changes on SVN. I shall try the cosmetic change and re-submit.
That has worked I think. $ svn up Updating '.': At revision 16183. lcl@yildun:adv $ svn log 33176.adv ------------------------------------------------------------------------ r16183 | tarazed | 2024-05-06 21:23:01 +0100 (Mon, 06 May 2024) | 1 line Update security advisory M9 tpm2-tss mga#33176 [...] It looks OK on the link you quoted. Thanks again.
Time's up. Sending this on.
Whiteboard: (none) => MGA9-64-OK
Validating.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2024-0171.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED