grub: fix several CVEs in grub 2.04 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Yongxin Liu <yongxin.liu@windriver.com>	2020-10-28 11:18:06 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2020-11-12 13:07:52 +0000
commit	5b716fa8e2562a1f942c2d920a3f727c3841c4f3 (patch)
tree	2f9803068abf3f4ef9d3a3109f382788b4bf4ce1 /meta/recipes-bsp/grub/files/calloc-Make-sure-we-always-have-an-overflow-checking.patch
parent	59c65998c8e87758aec4ad77e96cf212f0b47f40 (diff)
download	poky-5b716fa8e2562a1f942c2d920a3f727c3841c4f3.tar.gz

grub: fix several CVEs in grub 2.04

Backport patches from https://git.savannah.gnu.org/git/grub.git to fix some CVEs. Here is the list. CVE-2020-14308: 0001-calloc-Make-sure-we-always-have-an-overflow-checking.patch 0002-lvm-Add-LVM-cache-logical-volume-handling.patch 0003-calloc-Use-calloc-at-most-places.patch CVE-2020-14309, CVE-2020-14310, CVE-2020-14311: 0004-safemath-Add-some-arithmetic-primitives-that-check-f.patch 0005-malloc-Use-overflow-checking-primitives-where-we-do-.patch CVE-2020-15706: 0006-script-Remove-unused-fields-from-grub_script_functio.patch 0007-script-Avoid-a-use-after-free-when-redefining-a-func.patch CVE-2020-15707: 0008-linux-Fix-integer-overflows-in-initrd-size-handling.patch (From OE-Core rev: af52a1f1f3a2ab61fea263c3dd17628f359ec906) Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 67329184985a03534f11f95e9df5f9fb2305a261) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/recipes-bsp/grub/files/calloc-Make-sure-we-always-have-an-overflow-checking.patch')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: