stefanberger · stefanberger · Jan 2, 2026 · Jan 2, 2026 · Jan 2, 2026
diff --git a/CHANGES b/CHANGES
@@ -1,5 +1,9 @@
 CHANGES - changes for libtpms
 
+version 0.10.2:
+  - tpm2: Fix memory leak by freeing KDF context
+  - tpm2: Fix retrieval of updated IV when using OpenSSL >= 3.0 (CVE-2026-21444)
+
 version 0.10.1:
   - tpm2: Fix potential out-of-bound access & abort due to HMAC signing issue (CVE-2025-49133)
   - tpm2: fix build for LibreSSL 4.1.0

diff --git a/debian/changelog b/debian/changelog
@@ -1,3 +1,10 @@
+libtpms (0.10.2) RELEASED; urgency=high
+
+  * tpm2: Fix memory leak by freeing KDF context
+  * tpm2: Fix retrieval of updated IV when using OpenSSL >= 3.0 (CVE-2026-21444)
+
+ -- Stefan Berger <stefanb@linux.ibm.com>  Tue, 2 Jan 2026 09:00:00 -0500
+
 libtpms (0.10.1) RELEASED; urgency=high
 
   * tpm2: Fix potential out-of-bound access & abort due to HMAC signing issue (CVE-2025-49133)

diff --git a/dist/libtpms.spec b/dist/libtpms.spec
@@ -112,6 +112,10 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/libtpms.la
 %postun -p /sbin/ldconfig
 
 %changelog
+* Fri Jan 02 2026 Stefan Berger - 0.10.2-1
+- tpm2: Fix memory leak by freeing KDF context
+- tpm2: Fix retrieval of updated IV when using OpenSSL >= 3.0 (CVE-2026-21444)
+
 * Tue Jun 10 2025 Stefan Berger - 0.10.1-1
 - tpm2: Fix potential out-of-bound access & abort due to HMAC signing issue (CVE-2025-49133)
 - tpm2: fix build for LibreSSL 4.1.0

diff --git a/dist/libtpms.spec.in b/dist/libtpms.spec.in
@@ -112,6 +112,10 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/libtpms.la
 %postun -p /sbin/ldconfig
 
 %changelog
+* Fri Jan 02 2026 Stefan Berger - 0.10.2-1
+- tpm2: Fix memory leak by freeing KDF context
+- tpm2: Fix retrieval of updated IV when using OpenSSL >= 3.0 (CVE-2026-21444)
+
 * Tue Jun 10 2025 Stefan Berger - 0.10.1-1
 - tpm2: Fix potential out-of-bound access & abort due to HMAC signing issue (CVE-2025-49133)
 - tpm2: fix build for LibreSSL 4.1.0