author | Xiangyu Chen <xiangyu.chen@eng.windriver.com> | 2022-12-26 15:16:19 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2022-12-26 18:49:07 +0000 |
commit | 7ec846be8be10183e2d69bc272a82a7611dfe286 (patch) | |
tree | eef76ae8cd3a99d39f9deb69cfe510e3f123cb9d /meta/recipes-bsp/grub/grub2.inc | |
parent | f2c5a99994b5634b682ac324d63880427de95d1a (diff) | |
download | poky-7ec846be8be10183e2d69bc272a82a7611dfe286.tar.gz |
grub2: backport patch to fix CVE-2022-2601 CVE-2022-3775
Backport patch from upstream to solve CVE-2022-2601 CVE-2022-3775 dependency:
font: Fix size overflow in grub_font_get_glyph_internal()
(https://git.savannah.gnu.org/cgit/grub.git/commit/?id=9c76ec09ae08155df27cd237eaea150b4f02f532)
Backport patch from upstream to fix following CVEs:
CVE-2022-2601: font: Fix several integer overflows in grub_font_construct_glyph()
(https://git.savannah.gnu.org/cgit/grub.git/commit/?id=768e1ef2fc159f6e14e7246e4be09363708ac39e)
CVE-2022-3775: font: Fix an integer underflow in blit_comb()
(https://git.savannah.gnu.org/cgit/grub.git/commit/?id=992c06191babc1e109caf40d6a07ec6fdef427af)
(From OE-Core rev: fa5a42150098be892246146456faed778e28ef94)
Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Liwei Song <liwei.song@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-bsp/grub/grub2.inc')
-rw-r--r-- | meta/recipes-bsp/grub/grub2.inc | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/grub/grub2.inc index e819cb9775..bf7aba6b1c 100644 --- a/meta/recipes-bsp/grub/grub2.inc +++ b/meta/recipes-bsp/grub/grub2.inc | |||
@@ -37,6 +37,9 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \ | |||
37 | file://loader-efi-chainloader-Simplify-the-loader-state.patch \ | 37 | file://loader-efi-chainloader-Simplify-the-loader-state.patch \ |
38 | file://commands-boot-Add-API-to-pass-context-to-loader.patch \ | 38 | file://commands-boot-Add-API-to-pass-context-to-loader.patch \ |
39 | file://CVE-2022-28736-loader-efi-chainloader-Use-grub_loader_set_ex.patch\ | 39 | file://CVE-2022-28736-loader-efi-chainloader-Use-grub_loader_set_ex.patch\ |
40 | file://0001-font-Fix-size-overflow-in-grub_font_get_glyph_intern.patch \ | ||
41 | file://CVE-2022-2601.patch \ | ||
42 | file://CVE-2022-3775.patch \ | ||
40 | " | 43 | " |
41 | 44 | ||
42 | SRC_URI[sha256sum] = "23b64b4c741569f9426ed2e3d0e6780796fca081bee4c99f62aa3f53ae803f5f" | 45 | SRC_URI[sha256sum] = "23b64b4c741569f9426ed2e3d0e6780796fca081bee4c99f62aa3f53ae803f5f" |
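Review bot: the prerequisite role of new line 40 is not recorded anywhere visible in the recipe. `0001-font-Fix-size-overflow-in-grub_font_get_glyph_intern.patch` carries no CVE id in its name, and in this diff only the commit message says it is a dependency of the CVE-2022-2601 and CVE-2022-3775 fixes. SRC_URI patches are applied in the order listed, so this entry has to stay ahead of `CVE-2022-2601.patch` and `CVE-2022-3775.patch`; please make sure the patch's own header states which CVE fixes depend on it, so a later reorder or cleanup of the list does not drop it and leave the two CVE patches failing to apply. Since the diffstat is limited to grub2.inc, the three patch files themselves are not shown here and should be checked separately for their upstream commit references, which the commit message does give. Minor style point: the new lines end in ` \` like lines 37 and 38, while context line 39 ends in `.patch\` with no space; that line is untouched here but could be aligned in a follow-up.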