5.1.1 - 5.1.1 2021-06-21
5.1.1 2021-06-21
- tpm2_import: fix fixed AES key CVE-2021-3565
- tpm2_import used a fixed AES key for the inner wrapper, which means that
a MITM attack would be able to unwrap the imported key. To fix this,
ensure the key size is 16 bytes or bigger and use OpenSSL to generate a
secure random AES key.
- tpm2_import used a fixed AES key for the inner wrapper, which means that