grub/grub-core
Hector Marco-Gisbert 451d80e52d Fix security issue when reading username and password
This patch fixes two integer underflows at:
  * grub-core/lib/crypto.c
  * grub-core/normal/auth.c

CVE-2015-8370

Signed-off-by: Hector Marco-Gisbert <hecmargi@upv.es>
Signed-off-by: Ismael Ripoll-Ripoll <iripoll@disca.upv.es>
Also-By: Andrey Borzenkov <arvidjaar@gmail.com>
2015-12-16 07:57:18 +03:00
..
boot mips: Make the assembly-code N32-compatible. 2015-10-11 13:20:26 +02:00
bus ohci: fix memory leak 2015-06-20 23:38:19 +03:00
commands Translate UEFI persistent memory type 2015-12-15 10:25:34 +03:00
disk ofdisk: add sas disks to the device list 2015-11-12 09:23:02 -02:00
efiemu fix include loop on MinGW due to libintl.h pulling stdio.h 2014-01-18 21:22:57 +04:00
font Document intentional fallthroughs. 2015-01-27 17:17:58 +01:00
fs cbfs: Fix corner case and compilation with recdent gcc 2015-11-09 03:24:04 +01:00
gdb With Apple assembly in .macro environvemnt you have to use $$ instead 2013-11-24 07:08:18 +01:00
gettext * grub-core/gettext/gettext.c (main_context), (secondary_context): 2013-11-07 01:01:47 +01:00
gfxmenu gfxterm: fix calculation of terminal-top and terminal-height 2015-11-13 21:54:19 +03:00
gnulib update gnulib/argp-help.c to fix garbage in grub-mknetdir --help output 2015-03-05 20:19:47 +03:00
hello * grub-core/commands/gptsync.c: Fix typographic quoting. 2012-03-03 13:05:08 +01:00
hook * grub-core/hook/datehook.c (grub_read_hook_datetime): Small stylistic 2011-11-11 21:03:49 +01:00
io gzio: Optimize by removing division. 2015-02-26 22:10:09 +01:00
kern i386: fix TSC calibration using PIT 2015-12-01 18:49:38 +03:00
lib Fix security issue when reading username and password 2015-12-16 07:57:18 +03:00
loader Replace numbers with grub_memory_type_t enums 2015-11-27 19:52:16 +03:00
mmap Translate UEFI persistent memory type 2015-12-15 10:25:34 +03:00
net tcp: ack when we get an OOO/lost packet 2015-12-07 20:52:27 +03:00
normal Fix security issue when reading username and password 2015-12-16 07:57:18 +03:00
osdep unix: do not close stdin in grub_passwd_get 2015-11-18 22:23:58 +03:00
partmap disk/ldm, partmap/msdos.c: fix spelling error 2015-08-22 21:22:41 +02:00
parttool * grub-core/net/http.c: Add TRANSLATORS comments. 2012-03-05 16:42:26 +01:00
script script/execute.c: fix memory leak. 2015-01-28 20:35:28 +03:00
term efi: fix warnings with recent GCC 2015-10-27 23:30:54 +03:00
tests Remove libgcc dependency. 2015-03-03 20:50:37 +01:00
video jpeg: Optimise by replacing division with shifts. 2015-02-26 21:27:32 +01:00
gdb_grub.in * grub-core/gdb_grub.in: Fix overflow and wrong field. 2013-10-14 03:40:20 +02:00
genemuinit.sh use MODULE_FILES for genemuinit* instead of MOD_FILES 2014-01-18 23:15:40 +04:00
genemuinitheader.sh use MODULE_FILES for genemuinit* instead of MOD_FILES 2014-01-18 23:15:40 +04:00
genmod.sh.in * grub-core/genmod.sh.in: Strip before converting to ELF as strip 2013-12-16 13:18:48 +01:00
genmoddep.awk genmoddep.awk: Add a test that we have no circular dependencies 2015-11-08 20:00:27 +01:00
gensyminfo.sh.in * grub-core/gensyminfo.sh.in: Handle the case of portable output 2013-11-11 23:05:53 +01:00
gensymlist.sh Make 'make check' work on emu. 2013-04-27 02:00:16 +02:00
gentrigtables.c * grub-core/gentrigtables.c: Make tables const. 2013-03-01 11:15:09 +01:00
gmodule.pl.in * grub-core/gmodule.pl.in: Accept newer binutils which output 2014-09-21 18:23:23 +02:00
gnulib-fix-null-deref.diff Import new gnulib. 2013-04-11 21:12:46 +02:00
gnulib-fix-width.diff Import new gnulib. 2013-04-11 21:12:46 +02:00
gnulib-no-abort.diff Import new gnulib. 2013-04-11 21:12:46 +02:00
gnulib-no-gets.diff Import new gnulib. 2013-04-11 21:12:46 +02:00
Makefile.am tsc: Use alternative delay sources whenever appropriate. 2015-11-27 11:39:55 +01:00
Makefile.core.def tsc: Use alternative delay sources whenever appropriate. 2015-11-27 11:39:55 +01:00
modinfo.sh.in modinfo.sh.in: Add missing config variables. 2015-03-27 12:18:25 +01:00