integ/grub
Li Zhou daea2d8219 grub2/grub-efi: fix CVE-2023-4692/CVE-2023-4693
Porting patches from grub2_2.06-3~deb11u6 to fix
CVE-2023-4692/CVE-2023-4693.

The source code of grub2_2.06-3~deb11u6 is from:
https://snapshot.debian.org/archive/debian-security/20231006T185629Z/
pool/updates/main/g/grub2/grub2_2.06-3~deb11u6.debian.tar.xz

Patch for CVE-2023-4692:
<fs/ntfs: Fix an OOB write when parsing the $ATTRIBUTE_LIST attribute
 for the $MFT file>
Patch for CVE-2023-4693:
<fs/ntfs: Fix an OOB read when reading data from the resident $DATA
 attribute>

No content changes for all the patches from debian release.

We do this because grub2/grub-efi is ported from wrlinux for
secure boot bringing up.

Test plan:
 - PASS: build grub2/grub-efi.
 - PASS: build-image and install and boot up on lab/qemu.
 - PASS: check that the "stx.N" version number is right for both
         bios(grub2 ver) and uefi(grub-efi ver) boot.

Closes-bug: 2038742

Signed-off-by: Li Zhou <li.zhou@windriver.com>
Change-Id: I7c8e11952fb409be93e9d777bf7da7b87414a95d
2023-10-09 22:31:36 -04:00
..
grub2 grub2/grub-efi: fix CVE-2023-4692/CVE-2023-4693 2023-10-09 22:31:36 -04:00
grub-efi/debian grub2/grub-efi: fix CVE-2023-4692/CVE-2023-4693 2023-10-09 22:31:36 -04:00
grubby Fix lint errors identified by Zuul pylint job 2023-03-15 12:07:17 +00:00