summaryrefslogtreecommitdiffstats
path: root/meta/recipes-bsp/grub/files/CVE-2022-28734-net-http-Fix-OOB-write-for-split-http-headers.patch
Commit message (Collapse)AuthorAgeFilesLines
* grub2: upgrade 2.06 -> 2.12Anuj Mittal2024-01-241-56/+0
| | | | | | | | | | | | | | Drop patches that have been upstreamed. Refresh others. This version dropped extra_deps.lst from the tarball [1] and that leads to build failures. Restore it in do_configure for now. [1] https://git.savannah.gnu.org/cgit/grub.git/commit/?id=b835601c7639ed1890f2d3db91900a8506011a8e (From OE-Core rev: 7c8e1e48075f7f54aec9d295605c982f440be5d5) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* grub2: fix several CVEsYongxin Liu2022-08-211-0/+56
Backport CVE patches from upstream to fix: CVE-2021-3695 CVE-2021-3696 CVE-2021-3697 CVE-2022-28733 CVE-2022-28734 CVE-2022-28735 Backport the following 5 patches to make CVE patches be applied smoothly. video-Remove-trailing-whitespaces.patch video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch (From OE-Core rev: db43401a3a4c201f02f4128fa4bac8ce993bfec0) Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-12-16 18:08:13 +0000