diff --git a/configure.ac b/configure.ac
index b19db106f..bd39d8d8b 100644
--- a/configure.ac
+++ b/configure.ac
@@ -3,7 +3,7 @@
 #
 # See the LICENSE file for the license associated with this file.
 
-AC_INIT([libtpms],[0.10.2])
+AC_INIT([libtpms],[0.10.3])
 AC_PREREQ([2.69])
 AC_CONFIG_SRCDIR(Makefile.am)
 AC_CONFIG_AUX_DIR([.])
diff --git a/dist/libtpms.spec b/dist/libtpms.spec
index 68dc47106..7b91b2921 100644
--- a/dist/libtpms.spec
+++ b/dist/libtpms.spec
@@ -1,7 +1,7 @@
 # --- libtpm rpm-spec ---
 
 %define name      libtpms
-%define version   0.10.2
+%define version   0.10.3
 %define release   0~dev1
 
 # Valid crypto subsystems are 'freebl' and 'openssl'
diff --git a/include/libtpms/tpm_library.h b/include/libtpms/tpm_library.h
index 2619d44b4..75b0cede3 100644
--- a/include/libtpms/tpm_library.h
+++ b/include/libtpms/tpm_library.h
@@ -50,7 +50,7 @@ extern "C" {
 
 #define TPM_LIBRARY_VER_MAJOR 0
 #define TPM_LIBRARY_VER_MINOR 10
-#define TPM_LIBRARY_VER_MICRO 2
+#define TPM_LIBRARY_VER_MICRO 3
 
 #define TPM_LIBRARY_VERSION_GEN(MAJ, MIN, MICRO) \
     (( MAJ << 16 ) | ( MIN << 8 ) | ( MICRO ))
diff --git a/src/tpm2/NVMarshal.c b/src/tpm2/NVMarshal.c
index 122d4dff0..781a5e57b 100644
--- a/src/tpm2/NVMarshal.c
+++ b/src/tpm2/NVMarshal.c
@@ -4157,8 +4157,11 @@ PERSISTENT_DATA_PPList_Unmarshal(PERSISTENT_DATA *data, BYTE **buffer, INT32 *si
                 rc = ConvertFromCompressedBitArray(buf, array_size,
                                                    data->ppList, sizeof(data->ppList));
             } else {
+                /* later versions of libtpms may write bigger arrays - truncate them */
+                if (array_size > sizeof(data->ppList))
+                    array_size = sizeof(data->ppList);
+
                 memset(data->ppList, 0, sizeof(data->ppList));
-                assert(array_size <= sizeof(data->ppList));
                 memcpy(data->ppList, buf, array_size);
             }
         }
@@ -4220,8 +4223,11 @@ PERSISTENT_DATA_AuditCommands_Unmarshal(PERSISTENT_DATA *data, BYTE **buffer, IN
                 rc = ConvertFromCompressedBitArray(buf, array_size,
                                                    data->auditCommands, sizeof(data->auditCommands));
             } else {
+                /* later versions of libtpms may write bigger arrays - truncate them */
+                if (array_size > sizeof(data->auditCommands))
+                    array_size = sizeof(data->auditCommands);
+
                 memset(data->auditCommands, 0, sizeof(data->auditCommands));
-                assert(array_size <= sizeof(data->auditCommands));
                 memcpy(data->auditCommands, buf, array_size);
             }
         }