]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit
projects / thirdparty / openembedded / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: deb919a) | patch
grub2: Fix CVE-2022-2601 & CVE-2022-3775
authorHitendra Prajapati <hprajapati@mvista.com>
Thu, 5 Jan 2023 06:25:25 +0000 (11:55 +0530)
committerSteve Sakoman <steve@sakoman.com>
Mon, 9 Jan 2023 16:30:45 +0000 (06:30 -1000)
commit6149febd53b32406dc4b07b1721b3dfbae70723e
tree152c9e1a263603e92e1dbbb5cbef4f1a138546f4tree
parentdeb919a693e4371ace649680ca06ca6b6e3da4e2commit | diff
grub2: Fix CVE-2022-2601 & CVE-2022-3775

Backport patch from upstream to solve CVE-2022-2601 CVE-2022-3775 dependency:

font: Fix size overflow in grub_font_get_glyph_internal()
Upstream-Status: Backport from https://git.savannah.gnu.org/cgit/grub.git/commit/?id=9c76ec09ae08155df27cd237eaea150b4f02f532

CVE-2022-2601: font: Fix several integer overflows in grub_font_construct_glyph()
Upstream-Status: Backport from https://git.savannah.gnu.org/cgit/grub.git/commit/?id=768e1ef2fc159f6e14e7246e4be09363708ac39e

CVE-2022-3775: font: Fix an integer underflow in blit_comb()
Upstream-Status: Backport from https://git.savannah.gnu.org/cgit/grub.git/commit/?id=992c06191babc1e109caf40d6a07ec6fdef427af

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
meta/recipes-bsp/grub/files/CVE-2022-2601.patch [new file with mode: 0644] blob
meta/recipes-bsp/grub/files/CVE-2022-3775.patch [new file with mode: 0644] blob
meta/recipes-bsp/grub/files/font-Fix-size-overflow-in-grub_font_get_glyph_intern.patch [new file with mode: 0644] blob
meta/recipes-bsp/grub/grub2.inc diff | blob | blame | history
Mirror of git://git.openembedded.org/openembedded-core