Hello,
This is an announcement of TF-M v1.6.1 hotfix preparation. The reason for the hot fix is the recently found incorrect stack sealing in Library model. The library mode is deprecated already but is available in v1.6.0 and the intention is to leave it in the best shape to our knowledge. Security analysis shows no vulnerability was brought by this defect, so it is not a security fix.
The plan is to issue the fix by Nov 17.
TF-M release cadence and process is here: https://tf-m-user-guide.trustedfirmware.org/releases/release_process.htmltea...
Thanks, Anton
Hi,
TF-M released a hotfix to the current version, tagged by TF-Mv1.6.1https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tag/?h=TF-Mv1.6.1.
The fixes:
* Correctly apply the stack sealing for the PSP stack in library mode * Fix an issue by which the TF-M Crypto service might use invalid lengths for output buffer parameters for some PSA Crypto APIs calls leading to an automatic reset of the device when the API should just return PSA_ERROR_BUFFER_TOO_SMALL
Please do not confuse it with the upcoming main release v1.7.0 planned for the beginning of December.
Thanks, Anton
tf-m@lists.trustedfirmware.org
-
Anton Komlev