From d32e9ab991950213c0a9e7a9e2a93c285f6d9365 Mon Sep 17 00:00:00 2001
From: Stefan Berger
Date: Fri, 2 Jan 2026 10:24:50 -0500
Subject: [PATCH 1/2] CHANGES: Updated CHANGES document for 0.10.2
Signed-off-by: Stefan Berger
---
 CHANGES | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/CHANGES b/CHANGES
index 2db00949a..7d86ea3e7 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,5 +1,9 @@
 CHANGES - changes for libtpms
+version 0.10.2:
+ - tpm2: Fix memory leak by freeing KDF context
+ - tpm2: Fix retrieval of updated IV when using OpenSSL >= 3.0 (CVE-2026-21444)
+
 version 0.10.1:
 - tpm2: Fix potential out-of-bound access & abort due to HMAC signing issue (CVE-2025-49133)
 - tpm2: fix build for LibreSSL 4.1.0
From 5282db80ea27c763c825da5b894d836c7d97d665 Mon Sep 17 00:00:00 2001
From: Stefan Berger
Date: Fri, 2 Jan 2026 10:28:04 -0500
Subject: [PATCH 2/2] rpm/debian: Add 0.10.2 entry in changelog
Signed-off-by: Stefan Berger
---
 debian/changelog | 7 +++++++
 dist/libtpms.spec | 4 ++++
 dist/libtpms.spec.in | 4 ++++
 3 files changed, 15 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index 4fbe56c2c..43f1dea44 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+libtpms (0.10.2) RELEASED; urgency=high
+
+ * tpm2: Fix memory leak by freeing KDF context
+ * tpm2: Fix retrieval of updated IV when using OpenSSL >= 3.0 (CVE-2026-21444)
+
+ -- Stefan Berger Tue, 2 Jan 2026 09:00:00 -0500
+
 libtpms (0.10.1) RELEASED; urgency=high
 * tpm2: Fix potential out-of-bound access & abort due to HMAC signing issue (CVE-2025-49133)
diff --git a/dist/libtpms.spec b/dist/libtpms.spec
index e2b234c30..68dc47106 100644
--- a/dist/libtpms.spec
+++ b/dist/libtpms.spec
@@ -112,6 +112,10 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/libtpms.la
 %postun -p /sbin/ldconfig
 %changelog
+* Fri Jan 02 2026 Stefan Berger - 0.10.2-1
+- tpm2: Fix memory leak by freeing KDF context
+- tpm2: Fix retrieval of updated IV when using OpenSSL >= 3.0 (CVE-2026-21444)
+
 * Tue Jun 10 2025 Stefan Berger - 0.10.1-1
 - tpm2: Fix potential out-of-bound access & abort due to HMAC signing issue (CVE-2025-49133)
 - tpm2: fix build for LibreSSL 4.1.0
diff --git a/dist/libtpms.spec.in b/dist/libtpms.spec.in
index 4f6201a23..0c5fd0797 100644
--- a/dist/libtpms.spec.in
+++ b/dist/libtpms.spec.in
@@ -112,6 +112,10 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/libtpms.la
 %postun -p /sbin/ldconfig
 %changelog
+* Fri Jan 02 2026 Stefan Berger - 0.10.2-1
+- tpm2: Fix memory leak by freeing KDF context
+- tpm2: Fix retrieval of updated IV when using OpenSSL >= 3.0 (CVE-2026-21444)
+
 * Tue Jun 10 2025 Stefan Berger - 0.10.1-1
 - tpm2: Fix potential out-of-bound access & abort due to HMAC signing issue (CVE-2025-49133)
 - tpm2: fix build for LibreSSL 4.1.0