libtpms (0.10.2-1ubuntu1) resolute; urgency=medium

  * Merge with Debian unstable (LP: #2138533). Remaining changes:
    - d/rules: set -D_FLAGS_SOURCE=3 to avoid FTBFS (LP #2136755).
    - d/rules: set -O2 to avoid FTBFS in ppc64el (LP #2136757).
 -- Ural Tunaboyu <ural.tunaboyu@canonical.com>  Fri, 16 Jan 2026 07:23:01 -0800

libtpms (0.10.2-1) unstable; urgency=medium

  * New upstream version 0.10.2 (Closes: #1124557) (CVE-2026-21444)
  * Drop priority from d/control, now defaults to optional
  * Bump Standards-version to 4.7.3

 -- Luca Boccassi <bluca@debian.org>  Sat, 03 Jan 2026 00:39:07 +0100

libtpms (0.10.1-2ubuntu1) resolute; urgency=medium

  * Merge with Debian unstable (LP: #2130092).
  * New changes:
    - d/rules: set -D_FLAGS_SOURCE=3 to avoid FTBFS (LP: #2136755).
    - d/rules: set -O2 to avoid FTBFS in ppc64el (LP: #2136757).
  * Dropped patches that were upstreamed:
    - CVE-2025-49133.patch
    - do_not_inline_makeiv.patch
    - fix_ftbfs_cryptomacend.patch
    - CVE-2023-1017_1018.patch
    - lp-1948748-tpm2-Address-Coverity-Issue-by-casting-1-before-shif.patch
    - lp-1948748-tpm2-Check-return-code-of-BN_div.patch

 -- Ural Tunaboyu <ural.tunaboyu@canonical.com>  Wed, 17 Dec 2025 09:07:53 -0800

libtpms (0.10.1-2) unstable; urgency=medium

  * d/t/control: allow-stderr

 -- Luca Boccassi <bluca@debian.org>  Wed, 01 Oct 2025 09:05:28 +0200

libtpms (0.10.1-1) unstable; urgency=medium

  * Implement package salvaging protocol (Closes: #1113720)
  * Import autopkgtest from Ubuntu (Closes: #998654)
  * d/control: bump Standards-Version to 4.7.2, no changes
  * New upstream version 0.10.1 (Closes: #1032182)
  * Drop CVE patches, merged upstream
  * Refresh do_not_inline_makeiv.patch for new upstream release
  * Run wrap-and-sort for build deps
  * Switch from pkg-config to pkgconf
  * Build with package-notes ELF stamping
  * Mark libtpms-dev as MA: same
  * Update symbols file for 0.10.1
  * d/rules: drop unused dh_usrlocal override
  * Enable hardening options
  * Drop 0004-fix-ftbfs-bug.patch, no longer needed
  * Drop do_not_inline_makeiv.patch, no longer needed
  * Rework no_local_check.patch
  * Set forwarded tag in 0003-set-man-page-date-to-last-changelog.patch
  * Add d/salsa-ci.yml
  * Backport patch to fix dist-clean (Closes: #1046479)

 -- Luca Boccassi <bluca@debian.org>  Mon, 22 Sep 2025 12:44:18 +0100

libtpms (0.9.3-0ubuntu5) questing; urgency=medium

  * SECURITY UPDATE: Out of bounds access, denial of service
    - debian/patches/CVE-2025-49133.patch: Fix potential out-of-
      bound access & abort due to HMAC signing issue in tpm2/CryptUtil.c
    - CVE-2025-49133
  * debian/patches/do_not_inline_makeiv.patch: updated patch to set noinline 
    attribute for all arch's instead of just ppc64 to fix compiler warning 
    causing ftbfs in tpm2/AlgorithmTests.c
  * debian/patches/fix_ftbfs_crpytomacend.patch: add assertions to quiet
    compiler warning causing ftbfs in tpm2/crypto/openssl/CryptCmacEnd.c

 -- Elise Hlady <elise.hlady@canonical.com>  Wed, 25 Jun 2025 11:54:50 -0700

libtpms (0.9.3-0ubuntu4) noble; urgency=medium

  * No-change rebuild for CVE-2024-3094

 -- Steve Langasek <steve.langasek@ubuntu.com>  Sun, 31 Mar 2024 19:48:06 +0000

libtpms (0.9.3-0ubuntu3) noble; urgency=medium

  * No-change rebuild against libssl3t64

 -- Steve Langasek <steve.langasek@ubuntu.com>  Mon, 04 Mar 2024 18:29:28 +0000

libtpms (0.9.3-0ubuntu2) lunar; urgency=medium

  * SECURITY UPDATE: out-of-bounds read/write
    - debian/patches/CVE-2023-1017_1018.patch: add a buffer size check and
      properly reduce bufferSize variable by the number of bytes that make
      up the cipherSize in CryptParameterDecryption() in
      src/tpm2/CryptUtil.c
    - CVE-2023-1017
    - CVE-2023-1018
  * SECURITY UPDATE: out-of-bounds read
    - debian/patches/tpm2-Check-size-of-TPM2B_NAME.patch: add a buffer
      size check in TPM2_PolicyAuthorize() in src/tpm2/EACommands.c.
    - No CVE number

 -- Rodrigo Figueiredo Zaiden <rodrigo.zaiden@canonical.com>  Wed, 01 Mar 2023 18:23:14 -0300

libtpms (0.9.3-0ubuntu1) jammy; urgency=medium

  * merge 0.9.3 from upstram to stabilize libtpms in jammy; related to
    but not fixing (LP: 1948748)
    - d/p/lp-1948748-tpm2-Address-Coverity-Issue-by-casting-1-before-shif.patch:
      avoid bad shift
    - drop d/p/fix-openssl3-compat.patch: part of 0.9.3
    - drop d/p/uninitialized-variable.patch: no more needed
    - ppc64 fixes from upstream as identified and added to debian 0.9.2-3
      + d/p/do_not_inline_makeiv.patch
      + d/p/no_local_check.patch
    - d/p/lp-1948748-tpm2-Check-return-code-of-BN_div.patch: fix
      coverity finding

 -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Wed, 30 Mar 2022 09:04:10 +0200

libtpms (0.9.2-3.2) unstable; urgency=medium

  * Non-maintainer upload
  * Fix potential out-of-bound access (Closes: #1107617, CVE-2025-49133)

 -- Bastian Germann <bage@debian.org>  Thu, 12 Jun 2025 08:15:52 +0200

libtpms (0.9.2-3.1) unstable; urgency=medium

  * Non-maintainer upload.
  * tpm2: Check size of buffer before accessing it (CVE-2023-1017,
    CVE-2023-1018) (Closes: #1032420)

 -- Salvatore Bonaccorso <carnil@debian.org>  Tue, 07 Mar 2023 22:32:00 +0100

libtpms (0.9.2-3) unstable; urgency=medium

  * Fix ppc64el build errors (Closes: #997969)
  * debian/patches: Import upstream patches for fixing build errors

 -- Seunghun Han <kkamagui@gmail.com>  Tue, 08 Mar 2022 17:34:16 +0900

libtpms (0.9.2-2) unstable; urgency=medium

  * Upload source only for upstream version 0.9.2

 -- Seunghun Han <kkamagui@gmail.com>  Tue, 22 Feb 2022 17:29:00 +0900

libtpms (0.9.2-1) unstable; urgency=medium

  * New upstream version 0.9.2 (Closes: #1006213)

 -- Seunghun Han <kkamagui@gmail.com>  Tue, 22 Feb 2022 15:19:28 +0900

libtpms (0.9.1-1) unstable; urgency=medium

  * New upstream version 0.9.1
  * Fix a security issue, CVE-2021-3623 (Closes: #990522)
  * debian/patches: Remove some useless patches because of new upstream
    version
  * debian/control: Change Standards-Version to 4.6.0

 -- Seunghun Han <kkamagui@gmail.com>  Fri, 04 Feb 2022 15:03:03 +0900

libtpms (0.9.0-0ubuntu4) jammy; urgency=medium

  * d/p/fix-openssl3-compat.patch: Cherry-picked from upstream (LP: #1962601)

 -- Simon Chopin <simon.chopin@canonical.com>  Thu, 24 Mar 2022 19:11:59 +0100

libtpms (0.9.0-0ubuntu3) jammy; urgency=medium

  * No-change rebuild against openssl3

 -- Simon Chopin <simon.chopin@canonical.com>  Wed, 24 Nov 2021 13:54:17 +0000

libtpms (0.9.0-0ubuntu2) jammy; urgency=medium

  * Add autopkgtest.

 -- Steve Langasek <steve.langasek@ubuntu.com>  Fri, 05 Nov 2021 16:10:38 +0000

libtpms (0.9.0-0ubuntu1) jammy; urgency=medium

  * New upstream release.

 -- Steve Langasek <steve.langasek@ubuntu.com>  Thu, 04 Nov 2021 14:46:26 -0700

libtpms (0.8.2-1ubuntu1) impish; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - debian/patches/uninitialized-variable.patch: fix issues of variables
      that may be used before initialization.

 -- Steve Langasek <steve.langasek@ubuntu.com>  Tue, 27 Apr 2021 23:55:31 -0700

libtpms (0.8.2-1) unstable; urgency=medium

  * New upstream version 0.8.2
  * Fix a security issue, CVE-2021-3446 (Closes: #986799)
  * debian/patches: Remove some useless patches because of new upstream
    version
  * debian/copyright: Fix lintian issues

 -- Seunghun Han <kkamagui@gmail.com>  Wed, 14 Apr 2021 13:49:01 +0900

libtpms (0.8.0~dev1-1.2ubuntu1) hirsute; urgency=medium

  * debian/patches/uninitialized-variable.patch: fix issues of variables
    that may be used before initialization.

 -- Steve Langasek <steve.langasek@ubuntu.com>  Wed, 09 Dec 2020 19:31:25 +0000

libtpms (0.8.0~dev1-1.2) unstable; urgency=medium

  * Fix a non-reproducible bug caused by the invalid path (Closes: #964768)
  * Fix a FTBFS bug caused by the incomplete condition (Closes: #966857)

 -- Seunghun Han <kkamagui@gmail.com>  Sun, 09 Aug 2020 02:31:09 +0900

libtpms (0.8.0~dev1-1.1) unstable; urgency=medium

  * Non-maintainer upload.
  * debian/control: Set git packaging repo to be under Salsa Debian
    group.
  * Source-only upload to allow testing migration.
  * debian/install: Also install static library for -dev package.

 -- Boyuan Yang <byang@debian.org>  Tue, 07 Jul 2020 10:58:58 -0400

libtpms (0.8.0~dev1-1) unstable; urgency=medium

  * New maintainer (Closes: #958071)
  * Updated standards version to 4.5.0 in debian/control
  * Updated debhelper version to 12 in debian/control
  * Added Rules-Requires-Root to debian/control
  * Added Vcs-Browser and Vcs-Git to debian/control
  * Removed autotools-dev and dh-autoreconf from debian/control since enabled
    by default
  * Removed autotools-dev, parallel options from debian/rules since deprecated
    and enabled by default
  * Converted debian/copyright to dep5-copyright format
  * Added debian/watch file
  * Added debian/libtpms.symbols file
  * Added debian/upstream/metadata file
  * Changed section of man pages from 1 to 3
  * Fixed typos and a long line warning in man pages
  * Set date of man pages to last changelog entry

 -- Seunghun Han <kkamagui@gmail.com>  Sat, 18 Apr 2020 09:20:03 +0900

