Hector Marco-Gisbert 
								
							 
						 
						
							
							
							
							
								
							
							
								451d80e52d 
								
							 
						 
						
							
							
								
								Fix security issue when reading username and password  
							
							... 
							
							
							
							This patch fixes two integer underflows at:
  * grub-core/lib/crypto.c
  * grub-core/normal/auth.c
CVE-2015-8370
Signed-off-by: Hector Marco-Gisbert <hecmargi@upv.es>
Signed-off-by: Ismael Ripoll-Ripoll <iripoll@disca.upv.es>
Also-By: Andrey Borzenkov <arvidjaar@gmail.com> 
							
						 
						
							2015-12-16 07:57:18 +03:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Vladimir Serbinenko 
								
							 
						 
						
							
							
							
							
								
							
							
								94f701a826 
								
							 
						 
						
							
							
								
								crypto: restrict cipher block size to power of 2.  
							
							... 
							
							
							
							All current ciphers have blocks which are power of 2 and it's
unlikely to change. Other block length would be tricky to handle anyway.
This restriction allows avoiding extra divisions. 
							
						 
						
							2015-02-26 22:04:40 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Vladimir Serbinenko 
								
							 
						 
						
							
							
							
							
								
							
							
								76a2a43011 
								
							 
						 
						
							
							
								
								* grub-core/lib/crypto.c: Don't discard const attribute.  
							
							
							
						 
						
							2013-12-21 13:34:03 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Vladimir Serbinenko 
								
							 
						 
						
							
							
							
							
								
							
							
								7dd0a30361 
								
							 
						 
						
							
							
								
								* grub-core/lib/crypto.c (grub_crypto_hash): Remove variable length  
							
							... 
							
							
							
							array. 
							
						 
						
							2013-11-20 20:09:18 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Vladimir Serbinenko 
								
							 
						 
						
							
							
							
							
								
							
							
								4b85f1228a 
								
							 
						 
						
							
							
								
								* grub-core/lib/crypto.c (grub_crypto_cbc_decrypt): Remove variable  
							
							... 
							
							
							
							length arrays. 
							
						 
						
							2013-11-12 02:49:17 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Vladimir 'phcoder' Serbinenko 
								
							 
						 
						
							
							
							
							
								
							
							
								4a445f580b 
								
							 
						 
						
							
							
								
								Move password-querying (util-version) routines to grub-core/osdep.  
							
							
							
						 
						
							2013-10-08 17:51:39 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Vladimir 'phcoder' Serbinenko 
								
							 
						 
						
							
							
							
							
								
							
							
								6b87c10a0b 
								
							 
						 
						
							
							
								
								* grub-core/lib/crypto.c (grub_password_get) [GRUB_UTIL]: Add  
							
							... 
							
							
							
							windows variant.
	* util/grub-mkpasswd-pbkdf2.c: Add windows flavour for retrieving random
	data. 
							
						 
						
							2013-08-22 20:14:07 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Vladimir 'phcoder' Serbinenko 
								
							 
						 
						
							
							
							
							
								
							
							
								5e3b8dcbb5 
								
							 
						 
						
							
							
								
								Import gcrypt public-key cryptography and implement signature checking.  
							
							
							
						 
						
							2013-01-11 21:32:42 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Vladimir 'phcoder' Serbinenko 
								
							 
						 
						
							
							
							
							
								
							
							
								9c4b5c13e6 
								
							 
						 
						
							
							
								
								Improve gettext support. Stylistic fixes and error handling fixes while  
							
							... 
							
							
							
							on it. 
							
						 
						
							2012-02-08 19:26:01 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Vladimir 'phcoder' Serbinenko 
								
							 
						 
						
							
							
							
							
								
							
							
								496bd07446 
								
							 
						 
						
							
							
								
								Unify and improve RAID and crypto xor.  
							
							... 
							
							
							
							* grub-core/disk/raid.c (grub_raid_block_xor): Removed. All users
	changed to grub_crypto_xor
	* grub-core/lib/crypto.c (grub_crypto_xor): Moved from here ...
	* include/grub/crypto.h (grub_crypto_xor): ... here. Inlined.
	Use bigger types when possible. 
							
						 
						
							2011-12-13 01:26:53 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Vladimir 'phcoder' Serbinenko 
								
							 
						 
						
							
							
							
							
								
							
							
								f003a8c5e7 
								
							 
						 
						
							
							
								
								Move ZFS crypto to separate module  
							
							
							
						 
						
							2011-11-06 15:18:25 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Vladimir 'phcoder' Serbinenko 
								
							 
						 
						
							
							
							
							
								
							
							
								1bc7cc1b4d 
								
							 
						 
						
							
							
								
								First part of zfs-crypto. CCM support with 0-filled keys  
							
							
							
						 
						
							2011-11-06 13:18:27 +01:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Vladimir 'phcoder' Serbinenko 
								
							 
						 
						
							
							
							
							
								
							
							
								88ac3146d6 
								
							 
						 
						
							
							
								
								geli v5 (including rekeying support)  
							
							
							
						 
						
							2011-04-24 17:15:55 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Vladimir 'phcoder' Serbinenko 
								
							 
						 
						
							
							
							
							
								
							
							
								848c83e75c 
								
							 
						 
						
							
							
								
								add few necessarry const qualifiers for pointers  
							
							
							
						 
						
							2011-04-24 02:38:42 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Vladimir 'phcoder' Serbinenko 
								
							 
						 
						
							
							
							
							
								
							
							
								1a1f408f20 
								
							 
						 
						
							
							
								
								geli support  
							
							
							
						 
						
							2011-04-24 00:00:29 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Vladimir 'phcoder' Serbinenko 
								
							 
						 
						
							
							
							
							
								
							
							
								2cb55e6f73 
								
							 
						 
						
							
							
								
								make grub_password_get work in userland  
							
							
							
						 
						
							2011-04-22 21:46:00 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Vladimir 'phcoder' Serbinenko 
								
							 
						 
						
							
							
							
							
								
							
							
								e745cf0ca6 
								
							 
						 
						
							
							
								
								Implement automatic module license checking according to new GNU  
							
							... 
							
							
							
							guidelines.
	* grub-core/kern/dl.c (grub_dl_check_license): New function.
	(grub_dl_load_core): Use grub_dl_check_license.
	* include/grub/dl.h (GRUB_MOD_SECTION): New macro.
	(GRUB_MOD_LICENSE): Likewise.
	(GRUB_MOD_DUAL_LICENSE): Likewise.
	All modules updated. 
							
						 
						
							2011-04-11 23:01:51 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Vladimir 'phcoder' Serbinenko 
								
							 
						 
						
							
							
							
							
								
							
							
								5aaf2c18bd 
								
							 
						 
						
							
							
								
								Merge mainline into keylayouts  
							
							
							
						 
						
							2010-08-31 14:03:29 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									BVK Chaitanya 
								
							 
						 
						
							
							
							
							
								
							
							
								297f0c2b6e 
								
							 
						 
						
							
							
								
								merge with mainline  
							
							
							
						 
						
							2010-07-13 00:43:28 +05:30 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									BVK Chaitanya 
								
							 
						 
						
							
							
							
							
								
							
							
								8c41176882 
								
							 
						 
						
							
							
								
								automake commit without merge history  
							
							
							
						 
						
							2010-05-06 11:34:04 +05:30