| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | grub: clean up CVE patches | Yongxin Liu | 2020-11-08 | 1 | -1326/+0 |
| | | | | | | | | | | | | | | | Clean up several patches introduced in commit 6732918498 ("grub:fix several CVEs in grub 2.04"). 1) Add CVE tags to individual patches. 2) Rename upstream patches and prefix them with CVE tags. 3) Add description of reference to upstream patch. (From OE-Core rev: bcb8b6719beaf6625e6b703e91958fe8afba5819) Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> | ||||
| * | grub: fix several CVEs in grub 2.04 | Yongxin Liu | 2020-10-30 | 1 | -0/+1326 |
| Backport patches from https://git.savannah.gnu.org/git/grub.git to fix some CVEs. Here is the list. CVE-2020-14308: 0001-calloc-Make-sure-we-always-have-an-overflow-checking.patch 0002-lvm-Add-LVM-cache-logical-volume-handling.patch 0003-calloc-Use-calloc-at-most-places.patch CVE-2020-14309, CVE-2020-14310, CVE-2020-14311: 0004-safemath-Add-some-arithmetic-primitives-that-check-f.patch 0005-malloc-Use-overflow-checking-primitives-where-we-do-.patch CVE-2020-15706: 0006-script-Remove-unused-fields-from-grub_script_functio.patch 0007-script-Avoid-a-use-after-free-when-redefining-a-func.patch CVE-2020-15707: 0008-linux-Fix-integer-overflows-in-initrd-size-handling.patch (From OE-Core rev: 67329184985a03534f11f95e9df5f9fb2305a261) Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> | |||||
 |
index : linux/poky.git | |
| Mirror of git.yoctoproject.org/poky | N/A |
| summaryrefslogtreecommitdiffstats |
path: root/meta/recipes-bsp/grub/files/0005-malloc-Use-overflow-checking-primitives-where-we-do-.patch