daea2d8219
Porting patches from grub2_2.06-3~deb11u6 to fix CVE-2023-4692/CVE-2023-4693. The source code of grub2_2.06-3~deb11u6 is from: https://snapshot.debian.org/archive/debian-security/20231006T185629Z/ pool/updates/main/g/grub2/grub2_2.06-3~deb11u6.debian.tar.xz Patch for CVE-2023-4692: <fs/ntfs: Fix an OOB write when parsing the $ATTRIBUTE_LIST attribute for the $MFT file> Patch for CVE-2023-4693: <fs/ntfs: Fix an OOB read when reading data from the resident $DATA attribute> No content changes for all the patches from debian release. We do this because grub2/grub-efi is ported from wrlinux for secure boot bringing up. Test plan: - PASS: build grub2/grub-efi. - PASS: build-image and install and boot up on lab/qemu. - PASS: check that the "stx.N" version number is right for both bios(grub2 ver) and uefi(grub-efi ver) boot. Closes-bug: 2038742 Signed-off-by: Li Zhou <li.zhou@windriver.com> Change-Id: I7c8e11952fb409be93e9d777bf7da7b87414a95d |
||
|---|---|---|
| .. | ||
| grub2 | ||
| grub-efi/debian | ||
| grubby | ||