* [dizzy][PATCH] grub2: Fix CVE-2015-8370
@ 2015-12-23 11:20 Awais Belal
From: Awais Belal @ 2015-12-23 11:20 UTC (permalink / raw)
To: openembedded-core
http://git.savannah.gnu.org/cgit/grub.git/commit/?id=451d80e52d851432e109771bb8febafca7a5f1f2
Signed-off-by: Awais Belal <awais_belal@mentor.com>
---
...E-2015-8370-Grub2-user-pass-vulnerability.patch | 52 ++++++++++++++++++++++
meta/recipes-bsp/grub/grub-efi_2.00.bb | 1 +
meta/recipes-bsp/grub/grub_2.00.bb | 1 +
3 files changed, 54 insertions(+)
create mode 100644 meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch
diff --git a/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch b/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch
new file mode 100644
index 0000000..f9252e9
--- /dev/null
+++ b/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch
@@ -0,0 +1,52 @@
+Upstream-Status: Accepted
+Signed-off-by: Awais Belal <awais_belal@mentor.com>
+
+From 451d80e52d851432e109771bb8febafca7a5f1f2 Mon Sep 17 00:00:00 2001
+From: Hector Marco-Gisbert <hecmargi@upv.es>
+Date: Wed, 16 Dec 2015 04:57:18 +0000
+Subject: Fix security issue when reading username and password
+
+This patch fixes two integer underflows at:
+ * grub-core/lib/crypto.c
+ * grub-core/normal/auth.c
+
+CVE-2015-8370
+
+Signed-off-by: Hector Marco-Gisbert <hecmargi@upv.es>
+Signed-off-by: Ismael Ripoll-Ripoll <iripoll@disca.upv.es>
+Also-By: Andrey Borzenkov <arvidjaar@gmail.com>
+---
+diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c
+index 010e550..683a8aa 100644
+--- a/grub-core/lib/crypto.c
++++ b/grub-core/lib/crypto.c
+@@ -470,7 +470,8 @@ grub_password_get (char buf[], unsigned buf_size)
+
+ if (key == '\b')
+ {
+- cur_len--;
++ if (cur_len)
++ cur_len--;
+ continue;
+ }
+
+diff --git a/grub-core/normal/auth.c b/grub-core/normal/auth.c
+index c6bd96e..8615c48 100644
+--- a/grub-core/normal/auth.c
++++ b/grub-core/normal/auth.c
+@@ -174,8 +174,11 @@ grub_username_get (char buf[], unsigned buf_size)
+
+ if (key == '\b')
+ {
+- cur_len--;
+- grub_printf ("\b");
++ if (cur_len)
++ {
++ cur_len--;
++ grub_printf ("\b");
++ }
+ continue;
+ }
+
+--
+cgit v0.9.0.2
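Review bot: The two inner hunks (`@@ -470,7 +470,8 @@` in grub-core/lib/crypto.c and `@@ -174,8 +174,11 @@` in grub-core/normal/auth.c) are carried over as-is from the upstream commit, with its upstream `index` lines and the `cgit v0.9.0.2` footer, while the recipes build the grub 2.00 release tarball, so nothing here shows that their context matches the 2.00 sources. Regenerate the patch against the unpacked 2.00 tree, check that the context lines kept their original tab/space indentation, and run do_patch for both grub and grub-efi before resending. Since this is an upstream commit carried on an older release, `Upstream-Status: Backport` followed by the commit URL would also describe it more precisely than `Accepted`.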
diff --git a/meta/recipes-bsp/grub/grub-efi_2.00.bb b/meta/recipes-bsp/grub/grub-efi_2.00.bb
index 7674255..6822e7a 100644
--- a/meta/recipes-bsp/grub/grub-efi_2.00.bb
+++ b/meta/recipes-bsp/grub/grub-efi_2.00.bb
@@ -30,6 +30,7 @@ SRC_URI = "ftp://ftp.gnu.org/gnu/grub/grub-${PV}.tar.gz \
file://grub-2.00-add-oe-kernel.patch \
file://grub-efi-fix-with-glibc-2.20.patch \
file://0001-parse_dhcp_vendor-Add-missing-const-qualifiers.patch \
+ file://0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch \
"
SRC_URI[md5sum] = "e927540b6eda8b024fb0391eeaa4091c"
SRC_URI[sha256sum] = "65b39a0558f8c802209c574f4d02ca263a804e8a564bc6caf1cd0fd3b3cc11e3"
diff --git a/meta/recipes-bsp/grub/grub_2.00.bb b/meta/recipes-bsp/grub/grub_2.00.bb
index d4df676..94b6da9 100644
--- a/meta/recipes-bsp/grub/grub_2.00.bb
+++ b/meta/recipes-bsp/grub/grub_2.00.bb
@@ -25,6 +25,7 @@ SRC_URI = "ftp://ftp.gnu.org/gnu/grub/grub-${PV}.tar.gz \
file://fix-endianness-problem.patch \
file://grub2-remove-sparc64-setup-from-x86-builds.patch \
file://0001-parse_dhcp_vendor-Add-missing-const-qualifiers.patch \
+ file://0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch \
"
SRC_URI[md5sum] = "e927540b6eda8b024fb0391eeaa4091c"
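Review bot: The commit message above these recipe hunks consists of the upstream URL and a sign-off only, so someone reading the log for grub_2.00.bb or grub-efi_2.00.bb cannot tell what the added SRC_URI entry fixes. Add a short summary to the message body, for example that the patch guards the `cur_len--` on backspace in grub_password_get and grub_username_get against underflow (CVE-2015-8370), and state which recipes do_patch was run for, since the same file is now listed in both.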
--
1.9.1
* Re: [dizzy][PATCH] grub2: Fix CVE-2015-8370 [not found] ` <1450877091.3760.4.camel@collabora.co.uk> @ 2015-12-28 10:40 ` Belal, Awais 2016-01-07 11:06 ` Joshua Lock 0 siblings, 1 reply; 13+ messages in thread From: Belal, Awais @ 2015-12-28 10:40 UTC (permalink / raw) To: Joshua Lock, openembedded-core@lists.openembedded.org Hi Joshua, http://patchwork.openembedded.org/patch/110999/ BR, Awais ________________________________________ From: Joshua Lock [joshua.lock@collabora.co.uk] Sent: Wednesday, December 23, 2015 6:24 PM To: Belal, Awais; openembedded-core@lists.openembedded.org Subject: Re: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370 Hi Awais, Will you be submitting a similar patch for Fido too? (neither the dizzy nor jethro versions you've already sent apply cleanly). Regards, Joshua On Wed, 2015-12-23 at 16:20 +0500, Awais Belal wrote: > http://git.savannah.gnu.org/cgit/grub.git/commit/?id=451d80e52d851432 > e109771bb8febafca7a5f1f2 > > Signed-off-by: Awais Belal <awais_belal@mentor.com> > --- > ...E-2015-8370-Grub2-user-pass-vulnerability.patch | 52 > ++++++++++++++++++++++ > meta/recipes-bsp/grub/grub-efi_2.00.bb | 1 + > meta/recipes-bsp/grub/grub_2.00.bb | 1 + > 3 files changed, 54 insertions(+) > create mode 100644 meta/recipes-bsp/grub/files/0001-Fix-CVE-2015- > 8370-Grub2-user-pass-vulnerability.patch > > diff --git a/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370- > Grub2-user-pass-vulnerability.patch b/meta/recipes- > bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass- > vulnerability.patch > new file mode 100644 > index 0000000..f9252e9 > --- /dev/null > +++ b/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user- > pass-vulnerability.patch 
> @@ -0,0 +1,52 @@ > +Upstream-Status: Accepted > +Signed-off-by: Awais Belal <awais_belal@mentor.com> > + > +From 451d80e52d851432e109771bb8febafca7a5f1f2 Mon Sep 17 00:00:00 > 2001 > +From: Hector Marco-Gisbert <hecmargi@upv.es> > +Date: Wed, 16 Dec 2015 04:57:18 +0000 > +Subject: Fix security issue when reading username and password > + > +This patch fixes two integer underflows at: > + * grub-core/lib/crypto.c > + * grub-core/normal/auth.c > + > +CVE-2015-8370 > + > +Signed-off-by: Hector Marco-Gisbert <hecmargi@upv.es> > +Signed-off-by: Ismael Ripoll-Ripoll <iripoll@disca.upv.es> > +Also-By: Andrey Borzenkov <arvidjaar@gmail.com> > +--- > +diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c > +index 010e550..683a8aa 100644 > +--- a/grub-core/lib/crypto.c > ++++ b/grub-core/lib/crypto.c > +@@ -470,7 +470,8 @@ grub_password_get (char buf[], unsigned > buf_size) > + > + if (key == '\b') > + { > +- cur_len--; > ++ if (cur_len) > ++ cur_len--; > + continue; > + } > + > +diff --git a/grub-core/normal/auth.c b/grub-core/normal/auth.c > +index c6bd96e..8615c48 100644 > +--- a/grub-core/normal/auth.c > ++++ b/grub-core/normal/auth.c > +@@ -174,8 +174,11 @@ grub_username_get (char buf[], unsigned > buf_size) > + > + if (key == '\b') > + { > +- cur_len--; > +- grub_printf ("\b"); > ++ if (cur_len) > ++ { > ++ cur_len--; > ++ grub_printf ("\b"); > ++ } > + continue; > + } > + > +-- > +cgit v0.9.0.2 > diff --git a/meta/recipes-bsp/grub/grub-efi_2.00.bb b/meta/recipes- > bsp/grub/grub-efi_2.00.bb > index 7674255..6822e7a 100644 > --- a/meta/recipes-bsp/grub/grub-efi_2.00.bb > +++ b/meta/recipes-bsp/grub/grub-efi_2.00.bb 
> @@ -30,6 +30,7 @@ SRC_URI = "ftp://ftp.gnu.org/gnu/grub/grub-${PV}.ta > r.gz \ > file://grub-2.00-add-oe-kernel.patch \ > file://grub-efi-fix-with-glibc-2.20.patch \ > file://0001-parse_dhcp_vendor-Add-missing-const- > qualifiers.patch \ > + file://0001-Fix-CVE-2015-8370-Grub2-user-pass- > vulnerability.patch \ > " > SRC_URI[md5sum] = "e927540b6eda8b024fb0391eeaa4091c" > SRC_URI[sha256sum] = > "65b39a0558f8c802209c574f4d02ca263a804e8a564bc6caf1cd0fd3b3cc11e3" > diff --git a/meta/recipes-bsp/grub/grub_2.00.bb b/meta/recipes- > bsp/grub/grub_2.00.bb > index d4df676..94b6da9 100644 > --- a/meta/recipes-bsp/grub/grub_2.00.bb > +++ b/meta/recipes-bsp/grub/grub_2.00.bb > @@ -25,6 +25,7 @@ SRC_URI = "ftp://ftp.gnu.org/gnu/grub/grub-${PV}.ta > r.gz \ > file://fix-endianness-problem.patch \ > file://grub2-remove-sparc64-setup-from-x86-builds.patch \ > file://0001-parse_dhcp_vendor-Add-missing-const- > qualifiers.patch \ > + file://0001-Fix-CVE-2015-8370-Grub2-user-pass- > vulnerability.patch \ > " > > SRC_URI[md5sum] = "e927540b6eda8b024fb0391eeaa4091c" > -- > 1.9.1 > ^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [dizzy][PATCH] grub2: Fix CVE-2015-8370
2015-12-28 10:40 ` Belal, Awais
@ 2016-01-07 11:06 ` Joshua Lock
0 siblings, 0 replies; 13+ messages in thread
From: Joshua Lock @ 2016-01-07 11:06 UTC (permalink / raw)
To: Belal, Awais; +Cc: Joshua Lock, openembedded-core@lists.openembedded.org

[-- Attachment #1: Type: text/plain, Size: 5936 bytes --]

Hi Awais,

On 28 December 2015 at 10:40, Belal, Awais <Awais_Belal@mentor.com> wrote:

> Hi Joshua,
>
> http://patchwork.openembedded.org/patch/110999/
>
>
Unfortunately this doesn't apply on my fido branch:

ERROR: Command Error: exit status: 1 Output:
Applying patch 0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch
patching file grub-core/lib/crypto.c
Hunk #1 FAILED at 470.
1 out of 1 hunk FAILED -- rejects in file grub-core/lib/crypto.c
patching file grub-core/normal/auth.c
Hunk #1 FAILED at 174.
1 out of 1 hunk FAILED -- rejects in file grub-core/normal/auth.c
Patch 0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch does not apply (enforce with -f)
ERROR: Function failed: patch_do_patch
ERROR: Logfile of failure stored in: /home/joshuagl/Projects/poky-fido/build/tmp/work/i586-poky-linux/grub/2.00-r1/temp/log.do_patch.23384
ERROR: Task 1 (/home/joshuagl/Projects/poky-fido/meta/recipes-bsp/grub/
grub_2.00.bb, do_patch) failed with exit code '1'

Regards,

Joshua

> BR,
> Awais
>
> ________________________________________
> From: Joshua Lock [joshua.lock@collabora.co.uk]
> Sent: Wednesday, December 23, 2015 6:24 PM
> To: Belal, Awais; openembedded-core@lists.openembedded.org
> Subject: Re: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370
>
> Hi Awais,
>
> Will you be submitting a similar patch for Fido too?
> (neither the dizzy nor jethro versions you've already sent apply
> cleanly).
>
> Regards,
>
> Joshua
>
> On Wed, 2015-12-23 at 16:20 +0500, Awais Belal wrote:
> > http://git.savannah.gnu.org/cgit/grub.git/commit/?id=451d80e52d851432
> > e109771bb8febafca7a5f1f2
> > > > Signed-off-by: Awais Belal <awais_belal@mentor.com> > > --- > > ...E-2015-8370-Grub2-user-pass-vulnerability.patch | 52 > > ++++++++++++++++++++++ > > meta/recipes-bsp/grub/grub-efi_2.00.bb | 1 + > > meta/recipes-bsp/grub/grub_2.00.bb | 1 + > > 3 files changed, 54 insertions(+) > > create mode 100644 meta/recipes-bsp/grub/files/0001-Fix-CVE-2015- > > 8370-Grub2-user-pass-vulnerability.patch > > > > diff --git a/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370- > > Grub2-user-pass-vulnerability.patch b/meta/recipes- > > bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass- > > vulnerability.patch > > new file mode 100644 > > index 0000000..f9252e9 > > --- /dev/null > > +++ b/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user- > > pass-vulnerability.patch 
> > @@ -0,0 +1,52 @@ > > +Upstream-Status: Accepted > > +Signed-off-by: Awais Belal <awais_belal@mentor.com> > > + > > +From 451d80e52d851432e109771bb8febafca7a5f1f2 Mon Sep 17 00:00:00 > > 2001 > > +From: Hector Marco-Gisbert <hecmargi@upv.es> > > +Date: Wed, 16 Dec 2015 04:57:18 +0000 > > +Subject: Fix security issue when reading username and password > > + > > +This patch fixes two integer underflows at: > > + * grub-core/lib/crypto.c > > + * grub-core/normal/auth.c > > + > > +CVE-2015-8370 > > + > > +Signed-off-by: Hector Marco-Gisbert <hecmargi@upv.es> > > +Signed-off-by: Ismael Ripoll-Ripoll <iripoll@disca.upv.es> > > +Also-By: Andrey Borzenkov <arvidjaar@gmail.com> > > +--- > > +diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c > > +index 010e550..683a8aa 100644 > > +--- a/grub-core/lib/crypto.c > > ++++ b/grub-core/lib/crypto.c > > +@@ -470,7 +470,8 @@ grub_password_get (char buf[], unsigned > > buf_size) > > + > > + if (key == '\b') > > + { > > +- cur_len--; > > ++ if (cur_len) > > ++ cur_len--; > > + continue; > > + } > > + > > +diff --git a/grub-core/normal/auth.c b/grub-core/normal/auth.c > > +index c6bd96e..8615c48 100644 > > +--- a/grub-core/normal/auth.c > > ++++ b/grub-core/normal/auth.c > > +@@ -174,8 +174,11 @@ grub_username_get (char buf[], unsigned > > buf_size) > > + > > + if (key == '\b') > > + { > > +- cur_len--; > > +- grub_printf ("\b"); > > ++ if (cur_len) > > ++ { > > ++ cur_len--; > > ++ grub_printf ("\b"); > > ++ } > > + continue; > > + } > > + > > +-- > > +cgit v0.9.0.2 > > diff --git a/meta/recipes-bsp/grub/grub-efi_2.00.bb b/meta/recipes- > > bsp/grub/grub-efi_2.00.bb > > index 7674255..6822e7a 100644 > > --- a/meta/recipes-bsp/grub/grub-efi_2.00.bb > > +++ b/meta/recipes-bsp/grub/grub-efi_2.00.bb 
> > @@ -30,6 +30,7 @@ SRC_URI = "ftp://ftp.gnu.org/gnu/grub/grub-${PV}.ta > > r.gz \ > > file://grub-2.00-add-oe-kernel.patch \ > > file://grub-efi-fix-with-glibc-2.20.patch \ > > file://0001-parse_dhcp_vendor-Add-missing-const- > > qualifiers.patch \ > > + file://0001-Fix-CVE-2015-8370-Grub2-user-pass- > > vulnerability.patch \ > > " > > SRC_URI[md5sum] = "e927540b6eda8b024fb0391eeaa4091c" > > SRC_URI[sha256sum] = > > "65b39a0558f8c802209c574f4d02ca263a804e8a564bc6caf1cd0fd3b3cc11e3" > > diff --git a/meta/recipes-bsp/grub/grub_2.00.bb b/meta/recipes- > > bsp/grub/grub_2.00.bb > > index d4df676..94b6da9 100644 > > --- a/meta/recipes-bsp/grub/grub_2.00.bb > > +++ b/meta/recipes-bsp/grub/grub_2.00.bb > > @@ -25,6 +25,7 @@ SRC_URI = "ftp://ftp.gnu.org/gnu/grub/grub-${PV}.ta > > r.gz \ > > file://fix-endianness-problem.patch \ > > file://grub2-remove-sparc64-setup-from-x86-builds.patch \ > > file://0001-parse_dhcp_vendor-Add-missing-const- > > qualifiers.patch \ > > + file://0001-Fix-CVE-2015-8370-Grub2-user-pass- > > vulnerability.patch \ > > " > > > > SRC_URI[md5sum] = "e927540b6eda8b024fb0391eeaa4091c" > > -- > > 1.9.1 > > > -- > _______________________________________________ > Openembedded-core mailing list > Openembedded-core@lists.openembedded.org > http://lists.openembedded.org/mailman/listinfo/openembedded-core > [-- Attachment #2: Type: text/html, Size: 9195 bytes --] ^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [dizzy][PATCH] grub2: Fix CVE-2015-8370 2015-12-23 11:20 [dizzy][PATCH] grub2: Fix CVE-2015-8370 Awais Belal [not found] ` <1450877091.3760.4.camel@collabora.co.uk> @ 2015-12-31 13:38 ` Belal, Awais 2016-01-04 2:13 ` akuster808 1 sibling, 1 reply; 13+ messages in thread From: Belal, Awais @ 2015-12-31 13:38 UTC (permalink / raw) To: openembedded-core@lists.openembedded.org Ping! BR, Awais ________________________________________ From: openembedded-core-bounces@lists.openembedded.org [openembedded-core-bounces@lists.openembedded.org] on behalf of Belal, Awais Sent: Wednesday, December 23, 2015 4:20 PM To: openembedded-core@lists.openembedded.org Subject: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370 http://git.savannah.gnu.org/cgit/grub.git/commit/?id=451d80e52d851432e109771bb8febafca7a5f1f2 Signed-off-by: Awais Belal <awais_belal@mentor.com> --- ...E-2015-8370-Grub2-user-pass-vulnerability.patch | 52 ++++++++++++++++++++++ meta/recipes-bsp/grub/grub-efi_2.00.bb | 1 + meta/recipes-bsp/grub/grub_2.00.bb | 1 + 3 files changed, 54 insertions(+) create mode 100644 meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch diff --git a/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch b/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch new file mode 100644 index 0000000..f9252e9 --- /dev/null +++ b/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch 
@@ -0,0 +1,52 @@ +Upstream-Status: Accepted +Signed-off-by: Awais Belal <awais_belal@mentor.com> + +From 451d80e52d851432e109771bb8febafca7a5f1f2 Mon Sep 17 00:00:00 2001 +From: Hector Marco-Gisbert <hecmargi@upv.es> +Date: Wed, 16 Dec 2015 04:57:18 +0000 +Subject: Fix security issue when reading username and password + +This patch fixes two integer underflows at: + * grub-core/lib/crypto.c + * grub-core/normal/auth.c + +CVE-2015-8370 + +Signed-off-by: Hector Marco-Gisbert <hecmargi@upv.es> +Signed-off-by: Ismael Ripoll-Ripoll <iripoll@disca.upv.es> +Also-By: Andrey Borzenkov <arvidjaar@gmail.com> +--- +diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c +index 010e550..683a8aa 100644 +--- a/grub-core/lib/crypto.c ++++ b/grub-core/lib/crypto.c +@@ -470,7 +470,8 @@ grub_password_get (char buf[], unsigned buf_size) + + if (key == '\b') + { +- cur_len--; ++ if (cur_len) ++ cur_len--; + continue; + } + +diff --git a/grub-core/normal/auth.c b/grub-core/normal/auth.c +index c6bd96e..8615c48 100644 +--- a/grub-core/normal/auth.c ++++ b/grub-core/normal/auth.c +@@ -174,8 +174,11 @@ grub_username_get (char buf[], unsigned buf_size) + + if (key == '\b') + { +- cur_len--; +- grub_printf ("\b"); ++ if (cur_len) ++ { ++ cur_len--; ++ grub_printf ("\b"); ++ } + continue; + } + +-- +cgit v0.9.0.2 diff --git a/meta/recipes-bsp/grub/grub-efi_2.00.bb b/meta/recipes-bsp/grub/grub-efi_2.00.bb index 7674255..6822e7a 100644 --- a/meta/recipes-bsp/grub/grub-efi_2.00.bb +++ b/meta/recipes-bsp/grub/grub-efi_2.00.bb @@ -30,6 +30,7 @@ SRC_URI = "ftp://ftp.gnu.org/gnu/grub/grub-${PV}.tar.gz \ file://grub-2.00-add-oe-kernel.patch \ file://grub-efi-fix-with-glibc-2.20.patch \ file://0001-parse_dhcp_vendor-Add-missing-const-qualifiers.patch \ + file://0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch \ " SRC_URI[md5sum] = "e927540b6eda8b024fb0391eeaa4091c" SRC_URI[sha256sum] = "65b39a0558f8c802209c574f4d02ca263a804e8a564bc6caf1cd0fd3b3cc11e3" 
diff --git a/meta/recipes-bsp/grub/grub_2.00.bb b/meta/recipes-bsp/grub/grub_2.00.bb index d4df676..94b6da9 100644 --- a/meta/recipes-bsp/grub/grub_2.00.bb +++ b/meta/recipes-bsp/grub/grub_2.00.bb @@ -25,6 +25,7 @@ SRC_URI = "ftp://ftp.gnu.org/gnu/grub/grub-${PV}.tar.gz \ file://fix-endianness-problem.patch \ file://grub2-remove-sparc64-setup-from-x86-builds.patch \ file://0001-parse_dhcp_vendor-Add-missing-const-qualifiers.patch \ + file://0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch \ " SRC_URI[md5sum] = "e927540b6eda8b024fb0391eeaa4091c" -- 1.9.1 -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core ^ permalink raw reply related [flat|nested] 13+ messages in thread
* Re: [dizzy][PATCH] grub2: Fix CVE-2015-8370 2015-12-31 13:38 ` Belal, Awais @ 2016-01-04 2:13 ` akuster808 2016-01-04 7:53 ` Belal, Awais 0 siblings, 1 reply; 13+ messages in thread From: akuster808 @ 2016-01-04 2:13 UTC (permalink / raw) To: Awais_Belal; +Cc: openembedded-core On 12/31/15 5:38 AM, Belal, Awais wrote: Awais, > Ping! This patch does not apply to the current dizzy branch. is there a dependency patch I missed to apply? regards, Armin > > BR, > Awais > > ________________________________________ > From: openembedded-core-bounces@lists.openembedded.org [openembedded-core-bounces@lists.openembedded.org] on behalf of Belal, Awais > Sent: Wednesday, December 23, 2015 4:20 PM > To: openembedded-core@lists.openembedded.org > Subject: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370 > > http://git.savannah.gnu.org/cgit/grub.git/commit/?id=451d80e52d851432e109771bb8febafca7a5f1f2 > > Signed-off-by: Awais Belal <awais_belal@mentor.com> > --- > ...E-2015-8370-Grub2-user-pass-vulnerability.patch | 52 ++++++++++++++++++++++ > meta/recipes-bsp/grub/grub-efi_2.00.bb | 1 + > meta/recipes-bsp/grub/grub_2.00.bb | 1 + > 3 files changed, 54 insertions(+) > create mode 100644 meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch > > diff --git a/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch b/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch > new file mode 100644 > index 0000000..f9252e9 > --- /dev/null > +++ b/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch 
> @@ -0,0 +1,52 @@ > +Upstream-Status: Accepted > +Signed-off-by: Awais Belal <awais_belal@mentor.com> > + > +From 451d80e52d851432e109771bb8febafca7a5f1f2 Mon Sep 17 00:00:00 2001 > +From: Hector Marco-Gisbert <hecmargi@upv.es> > +Date: Wed, 16 Dec 2015 04:57:18 +0000 > +Subject: Fix security issue when reading username and password > + > +This patch fixes two integer underflows at: > + * grub-core/lib/crypto.c > + * grub-core/normal/auth.c > + > +CVE-2015-8370 > + > +Signed-off-by: Hector Marco-Gisbert <hecmargi@upv.es> > +Signed-off-by: Ismael Ripoll-Ripoll <iripoll@disca.upv.es> > +Also-By: Andrey Borzenkov <arvidjaar@gmail.com> > +--- > +diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c > +index 010e550..683a8aa 100644 > +--- a/grub-core/lib/crypto.c > ++++ b/grub-core/lib/crypto.c > +@@ -470,7 +470,8 @@ grub_password_get (char buf[], unsigned buf_size) > + > + if (key == '\b') > + { > +- cur_len--; > ++ if (cur_len) > ++ cur_len--; > + continue; > + } > + > +diff --git a/grub-core/normal/auth.c b/grub-core/normal/auth.c > +index c6bd96e..8615c48 100644 > +--- a/grub-core/normal/auth.c > ++++ b/grub-core/normal/auth.c > +@@ -174,8 +174,11 @@ grub_username_get (char buf[], unsigned buf_size) > + > + if (key == '\b') > + { > +- cur_len--; > +- grub_printf ("\b"); > ++ if (cur_len) > ++ { > ++ cur_len--; > ++ grub_printf ("\b"); > ++ } > + continue; > + } > + > +-- > +cgit v0.9.0.2 > diff --git a/meta/recipes-bsp/grub/grub-efi_2.00.bb b/meta/recipes-bsp/grub/grub-efi_2.00.bb > index 7674255..6822e7a 100644 > --- a/meta/recipes-bsp/grub/grub-efi_2.00.bb > +++ b/meta/recipes-bsp/grub/grub-efi_2.00.bb 
> @@ -30,6 +30,7 @@ SRC_URI = "ftp://ftp.gnu.org/gnu/grub/grub-${PV}.tar.gz \ > file://grub-2.00-add-oe-kernel.patch \ > file://grub-efi-fix-with-glibc-2.20.patch \ > file://0001-parse_dhcp_vendor-Add-missing-const-qualifiers.patch \ > + file://0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch \ > " > SRC_URI[md5sum] = "e927540b6eda8b024fb0391eeaa4091c" > SRC_URI[sha256sum] = "65b39a0558f8c802209c574f4d02ca263a804e8a564bc6caf1cd0fd3b3cc11e3" > diff --git a/meta/recipes-bsp/grub/grub_2.00.bb b/meta/recipes-bsp/grub/grub_2.00.bb > index d4df676..94b6da9 100644 > --- a/meta/recipes-bsp/grub/grub_2.00.bb > +++ b/meta/recipes-bsp/grub/grub_2.00.bb > @@ -25,6 +25,7 @@ SRC_URI = "ftp://ftp.gnu.org/gnu/grub/grub-${PV}.tar.gz \ > file://fix-endianness-problem.patch \ > file://grub2-remove-sparc64-setup-from-x86-builds.patch \ > file://0001-parse_dhcp_vendor-Add-missing-const-qualifiers.patch \ > + file://0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch \ > " > > SRC_URI[md5sum] = "e927540b6eda8b024fb0391eeaa4091c" > -- > 1.9.1 > > -- > _______________________________________________ > Openembedded-core mailing list > Openembedded-core@lists.openembedded.org > http://lists.openembedded.org/mailman/listinfo/openembedded-core ^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [dizzy][PATCH] grub2: Fix CVE-2015-8370
2016-01-04 2:13 ` akuster808
@ 2016-01-04 7:53 ` Belal, Awais
2016-01-06 9:43 ` Belal, Awais
0 siblings, 1 reply; 13+ messages in thread
From: Belal, Awais @ 2016-01-04 7:53 UTC (permalink / raw)
To: akuster808; +Cc: openembedded-core@lists.openembedded.org

Hi Armin,

Odd, applies cleanly on dizzy for me. Can you please share the patch log?
On a scratch build dir, I get the following:
--------------------------------------------------------------
awais@alpha:~/yocto/build-dizzy$ bitbake -c patch grub
Parsing recipes: 100% |#############################################################| Time: 00:00:36
Parsing of 1458 .bb files complete (0 cached, 1458 parsed). 1914 targets, 66 skipped, 0 masked, 0 errors.
NOTE: Resolving any missing task queue dependencies

Build Configuration:
BB_VERSION = "1.24.0"
BUILD_SYS = "x86_64-linux"
NATIVELSBSTRING = "Ubuntu-14.04"
TARGET_SYS = "x86_64-poky-linux"
MACHINE = "amdfalconx86"
DISTRO = "poky"
DISTRO_VERSION = "1.7.3"
TUNE_FEATURES = "dbfp4"
TARGET_FPU = ""
meta
meta-yocto
meta-yocto-bsp = "(detachedfromorigin/dizzy):6d34267e0a13e10ab91b60590b27a2b5ba3b7da6"
common
meta-amdfalconx86 = "(detachedfromorigin/dizzy):84ae10ad68c7b253ab87558c5a6df057c9a84f08"
meta-oe
meta-python = "(detachedfromorigin/dizzy):7f1df52e9409edcc4d4cd5f34694f8740f56e1bf"

NOTE: Preparing runqueue
NOTE: Executing SetScene Tasks
NOTE: Executing RunQueue Tasks
NOTE: Tasks Summary: Attempted 10 tasks of which 0 didn't need to be rerun and all succeeded.
awais@alpha:~/yocto/build-dizzy$
--------------------------------------------------------------

BR,
Awais
________________________________________
From: akuster808 [akuster808@gmail.com] Sent: Monday, January 04, 2016 7:13 AM To: Belal, Awais Cc: openembedded-core@lists.openembedded.org Subject: Re: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370 On 12/31/15 5:38 AM, Belal, Awais wrote: Awais, > Ping! This patch does not apply to the current dizzy branch. is there a dependency patch I missed to apply? regards, Armin > > BR, > Awais > > ________________________________________ > From: openembedded-core-bounces@lists.openembedded.org [openembedded-core-bounces@lists.openembedded.org] on behalf of Belal, Awais > Sent: Wednesday, December 23, 2015 4:20 PM > To: openembedded-core@lists.openembedded.org > Subject: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370 > > http://git.savannah.gnu.org/cgit/grub.git/commit/?id=451d80e52d851432e109771bb8febafca7a5f1f2 > > Signed-off-by: Awais Belal <awais_belal@mentor.com> > --- > ...E-2015-8370-Grub2-user-pass-vulnerability.patch | 52 ++++++++++++++++++++++ > meta/recipes-bsp/grub/grub-efi_2.00.bb | 1 + > meta/recipes-bsp/grub/grub_2.00.bb | 1 + > 3 files changed, 54 insertions(+) > create mode 100644 meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch > > diff --git a/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch b/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch > new file mode 100644 > index 0000000..f9252e9 > --- /dev/null > +++ b/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch 
> @@ -0,0 +1,52 @@ > +Upstream-Status: Accepted > +Signed-off-by: Awais Belal <awais_belal@mentor.com> > + > +From 451d80e52d851432e109771bb8febafca7a5f1f2 Mon Sep 17 00:00:00 2001 > +From: Hector Marco-Gisbert <hecmargi@upv.es> > +Date: Wed, 16 Dec 2015 04:57:18 +0000 > +Subject: Fix security issue when reading username and password > + > +This patch fixes two integer underflows at: > + * grub-core/lib/crypto.c > + * grub-core/normal/auth.c > + > +CVE-2015-8370 > + > +Signed-off-by: Hector Marco-Gisbert <hecmargi@upv.es> > +Signed-off-by: Ismael Ripoll-Ripoll <iripoll@disca.upv.es> > +Also-By: Andrey Borzenkov <arvidjaar@gmail.com> > +--- > +diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c > +index 010e550..683a8aa 100644 > +--- a/grub-core/lib/crypto.c > ++++ b/grub-core/lib/crypto.c > +@@ -470,7 +470,8 @@ grub_password_get (char buf[], unsigned buf_size) > + > + if (key == '\b') > + { > +- cur_len--; > ++ if (cur_len) > ++ cur_len--; > + continue; > + } > + > +diff --git a/grub-core/normal/auth.c b/grub-core/normal/auth.c > +index c6bd96e..8615c48 100644 > +--- a/grub-core/normal/auth.c > ++++ b/grub-core/normal/auth.c > +@@ -174,8 +174,11 @@ grub_username_get (char buf[], unsigned buf_size) > + > + if (key == '\b') > + { > +- cur_len--; > +- grub_printf ("\b"); > ++ if (cur_len) > ++ { > ++ cur_len--; > ++ grub_printf ("\b"); > ++ } > + continue; > + } > + > +-- > +cgit v0.9.0.2 > diff --git a/meta/recipes-bsp/grub/grub-efi_2.00.bb b/meta/recipes-bsp/grub/grub-efi_2.00.bb > index 7674255..6822e7a 100644 > --- a/meta/recipes-bsp/grub/grub-efi_2.00.bb > +++ b/meta/recipes-bsp/grub/grub-efi_2.00.bb 
> @@ -30,6 +30,7 @@ SRC_URI = "ftp://ftp.gnu.org/gnu/grub/grub-${PV}.tar.gz \ > file://grub-2.00-add-oe-kernel.patch \ > file://grub-efi-fix-with-glibc-2.20.patch \ > file://0001-parse_dhcp_vendor-Add-missing-const-qualifiers.patch \ > + file://0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch \ > " > SRC_URI[md5sum] = "e927540b6eda8b024fb0391eeaa4091c" > SRC_URI[sha256sum] = "65b39a0558f8c802209c574f4d02ca263a804e8a564bc6caf1cd0fd3b3cc11e3" > diff --git a/meta/recipes-bsp/grub/grub_2.00.bb b/meta/recipes-bsp/grub/grub_2.00.bb > index d4df676..94b6da9 100644 > --- a/meta/recipes-bsp/grub/grub_2.00.bb > +++ b/meta/recipes-bsp/grub/grub_2.00.bb > @@ -25,6 +25,7 @@ SRC_URI = "ftp://ftp.gnu.org/gnu/grub/grub-${PV}.tar.gz \ > file://fix-endianness-problem.patch \ > file://grub2-remove-sparc64-setup-from-x86-builds.patch \ > file://0001-parse_dhcp_vendor-Add-missing-const-qualifiers.patch \ > + file://0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch \ > " > > SRC_URI[md5sum] = "e927540b6eda8b024fb0391eeaa4091c" > -- > 1.9.1 > > -- > _______________________________________________ > Openembedded-core mailing list > Openembedded-core@lists.openembedded.org > http://lists.openembedded.org/mailman/listinfo/openembedded-core ^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [dizzy][PATCH] grub2: Fix CVE-2015-8370
2016-01-04 7:53 ` Belal, Awais
@ 2016-01-06 9:43 ` Belal, Awais
2016-01-06 17:15 ` akuster808
0 siblings, 1 reply; 13+ messages in thread
From: Belal, Awais @ 2016-01-06 9:43 UTC (permalink / raw)
To: akuster808; +Cc: openembedded-core@lists.openembedded.org

Ping!

BR,
Awais
________________________________________
From: openembedded-core-bounces@lists.openembedded.org [openembedded-core-bounces@lists.openembedded.org] on behalf of Belal, Awais
Sent: Monday, January 04, 2016 12:53 PM
To: akuster808
Cc: openembedded-core@lists.openembedded.org
Subject: Re: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370

Hi Armin,

Odd, applies cleanly on dizzy for me. Can you please share the patch log?
On a scratch build dir, I get the following:
--------------------------------------------------------------
awais@alpha:~/yocto/build-dizzy$ bitbake -c patch grub
Parsing recipes: 100% |#############################################################| Time: 00:00:36
Parsing of 1458 .bb files complete (0 cached, 1458 parsed). 1914 targets, 66 skipped, 0 masked, 0 errors.
NOTE: Resolving any missing task queue dependencies

Build Configuration:
BB_VERSION = "1.24.0"
BUILD_SYS = "x86_64-linux"
NATIVELSBSTRING = "Ubuntu-14.04"
TARGET_SYS = "x86_64-poky-linux"
MACHINE = "amdfalconx86"
DISTRO = "poky"
DISTRO_VERSION = "1.7.3"
TUNE_FEATURES = "dbfp4"
TARGET_FPU = ""
meta
meta-yocto
meta-yocto-bsp = "(detachedfromorigin/dizzy):6d34267e0a13e10ab91b60590b27a2b5ba3b7da6"
common
meta-amdfalconx86 = "(detachedfromorigin/dizzy):84ae10ad68c7b253ab87558c5a6df057c9a84f08"
meta-oe
meta-python = "(detachedfromorigin/dizzy):7f1df52e9409edcc4d4cd5f34694f8740f56e1bf"

NOTE: Preparing runqueue
NOTE: Executing SetScene Tasks
NOTE: Executing RunQueue Tasks
NOTE: Tasks Summary: Attempted 10 tasks of which 0 didn't need to be rerun and all succeeded.
awais@alpha:~/yocto/build-dizzy$
--------------------------------------------------------------

BR,
Awais
________________________________________
From: akuster808 [akuster808@gmail.com] Sent: Monday, January 04, 2016 7:13 AM To: Belal, Awais Cc: openembedded-core@lists.openembedded.org Subject: Re: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370 On 12/31/15 5:38 AM, Belal, Awais wrote: Awais, > Ping! This patch does not apply to the current dizzy branch. is there a dependency patch I missed to apply? regards, Armin > > BR, > Awais > > ________________________________________ > From: openembedded-core-bounces@lists.openembedded.org [openembedded-core-bounces@lists.openembedded.org] on behalf of Belal, Awais > Sent: Wednesday, December 23, 2015 4:20 PM > To: openembedded-core@lists.openembedded.org > Subject: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370 > > http://git.savannah.gnu.org/cgit/grub.git/commit/?id=451d80e52d851432e109771bb8febafca7a5f1f2 > > Signed-off-by: Awais Belal <awais_belal@mentor.com> > --- > ...E-2015-8370-Grub2-user-pass-vulnerability.patch | 52 ++++++++++++++++++++++ > meta/recipes-bsp/grub/grub-efi_2.00.bb | 1 + > meta/recipes-bsp/grub/grub_2.00.bb | 1 + > 3 files changed, 54 insertions(+) > create mode 100644 meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch > > diff --git a/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch b/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch > new file mode 100644 > index 0000000..f9252e9 > --- /dev/null > +++ b/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch 
> @@ -0,0 +1,52 @@ > +Upstream-Status: Accepted > +Signed-off-by: Awais Belal <awais_belal@mentor.com> > + > +From 451d80e52d851432e109771bb8febafca7a5f1f2 Mon Sep 17 00:00:00 2001 > +From: Hector Marco-Gisbert <hecmargi@upv.es> > +Date: Wed, 16 Dec 2015 04:57:18 +0000 > +Subject: Fix security issue when reading username and password > + > +This patch fixes two integer underflows at: > + * grub-core/lib/crypto.c > + * grub-core/normal/auth.c > + > +CVE-2015-8370 > + > +Signed-off-by: Hector Marco-Gisbert <hecmargi@upv.es> > +Signed-off-by: Ismael Ripoll-Ripoll <iripoll@disca.upv.es> > +Also-By: Andrey Borzenkov <arvidjaar@gmail.com> > +--- > +diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c > +index 010e550..683a8aa 100644 > +--- a/grub-core/lib/crypto.c > ++++ b/grub-core/lib/crypto.c > +@@ -470,7 +470,8 @@ grub_password_get (char buf[], unsigned buf_size) > + > + if (key == '\b') > + { > +- cur_len--; > ++ if (cur_len) > ++ cur_len--; > + continue; > + } > + > +diff --git a/grub-core/normal/auth.c b/grub-core/normal/auth.c > +index c6bd96e..8615c48 100644 > +--- a/grub-core/normal/auth.c > ++++ b/grub-core/normal/auth.c > +@@ -174,8 +174,11 @@ grub_username_get (char buf[], unsigned buf_size) > + > + if (key == '\b') > + { > +- cur_len--; > +- grub_printf ("\b"); > ++ if (cur_len) > ++ { > ++ cur_len--; > ++ grub_printf ("\b"); > ++ } > + continue; > + } > + > +-- > +cgit v0.9.0.2 > diff --git a/meta/recipes-bsp/grub/grub-efi_2.00.bb b/meta/recipes-bsp/grub/grub-efi_2.00.bb > index 7674255..6822e7a 100644 > --- a/meta/recipes-bsp/grub/grub-efi_2.00.bb > +++ b/meta/recipes-bsp/grub/grub-efi_2.00.bb 
> @@ -30,6 +30,7 @@ SRC_URI = "ftp://ftp.gnu.org/gnu/grub/grub-${PV}.tar.gz \ > file://grub-2.00-add-oe-kernel.patch \ > file://grub-efi-fix-with-glibc-2.20.patch \ > file://0001-parse_dhcp_vendor-Add-missing-const-qualifiers.patch \ > + file://0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch \ > " > SRC_URI[md5sum] = "e927540b6eda8b024fb0391eeaa4091c" > SRC_URI[sha256sum] = "65b39a0558f8c802209c574f4d02ca263a804e8a564bc6caf1cd0fd3b3cc11e3" > diff --git a/meta/recipes-bsp/grub/grub_2.00.bb b/meta/recipes-bsp/grub/grub_2.00.bb > index d4df676..94b6da9 100644 > --- a/meta/recipes-bsp/grub/grub_2.00.bb > +++ b/meta/recipes-bsp/grub/grub_2.00.bb > @@ -25,6 +25,7 @@ SRC_URI = "ftp://ftp.gnu.org/gnu/grub/grub-${PV}.tar.gz \ > file://fix-endianness-problem.patch \ > file://grub2-remove-sparc64-setup-from-x86-builds.patch \ > file://0001-parse_dhcp_vendor-Add-missing-const-qualifiers.patch \ > + file://0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch \ > " > > SRC_URI[md5sum] = "e927540b6eda8b024fb0391eeaa4091c" > -- > 1.9.1 > > -- > _______________________________________________ > Openembedded-core mailing list > Openembedded-core@lists.openembedded.org > http://lists.openembedded.org/mailman/listinfo/openembedded-core -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core ^ permalink raw reply [flat|nested] 13+ messages in thread
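Review bot: The header of the embedded patch file, at the top of the `@@ -0,0 +1,52 @@` hunk, says `Upstream-Status: Accepted` although the `From 451d80e52d851432e109771bb8febafca7a5f1f2` line right below it shows the change is already an upstream commit; `Upstream-Status: Backport` would describe its origin more precisely, and a `CVE: CVE-2015-8370` tag line beside it would record the identifier in the header rather than only in the commit body. The two inner hunks read correctly as shown: each wraps `cur_len--` in `if (cur_len)`, and the auth.c one also moves `grub_printf ("\b")` inside the guard. The trailing `cgit v0.9.0.2` line suggests the file was saved from the web view, and the inner context lines have to match the grub 2.00 sources byte for byte, so given the "does not apply" report it is worth confirming that their leading whitespace survived mail transport, for example by also offering a branch to pull from.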
* Re: [dizzy][PATCH] grub2: Fix CVE-2015-8370
2016-01-06 9:43 ` Belal, Awais
@ 2016-01-06 17:15 ` akuster808
2016-01-07 9:56 ` Belal, Awais
0 siblings, 1 reply; 13+ messages in thread
From: akuster808 @ 2016-01-06 17:15 UTC (permalink / raw)
To: Belal, Awais; +Cc: openembedded-core@lists.openembedded.org

Awais,

this is what I am seeing.

NOTE: Executing RunQueue Tasks
ERROR: Command Error: exit status: 1 Output:
Applying patch 0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch
patching file grub-core/lib/crypto.c
Hunk #1 FAILED at 470.
1 out of 1 hunk FAILED -- rejects in file grub-core/lib/crypto.c
patching file grub-core/normal/auth.c
Hunk #1 FAILED at 174.
1 out of 1 hunk FAILED -- rejects in file grub-core/normal/auth.c
Patch 0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch does
not apply (enforce with -f)
ERROR: Function failed: patch_do_patch
ERROR: Logfile of failure stored in:
/home/akuster/oss/maint/mylayers/poky/build/tmp/work/i586-poky-linux/grub/2.00-r1/temp/log.do_patch.3029
ERROR: Task 1
(/home/akuster/oss/maint/mylayers/poky/meta/recipes-bsp/grub/grub_2.00.bb,
do_patch) failed with exit code '1'


I am using my contrib akuster/dizzy-next.

I will hand fixup the changes. please give me a few days.

- armin


On 01/06/2016 01:43 AM, Belal, Awais wrote:
> Ping!
>
> BR,
> Awais
>
> ________________________________________
> From: openembedded-core-bounces@lists.openembedded.org [openembedded-core-bounces@lists.openembedded.org] on behalf of Belal, Awais
> Sent: Monday, January 04, 2016 12:53 PM
> To: akuster808
> Cc: openembedded-core@lists.openembedded.org
> Subject: Re: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370
>
> Hi Armin,
>
> Odd, applies cleanly on dizzy for me. Can you please share the patch log?
>
> On a scratch build dir, I get the following:
> --------------------------------------------------------------
> awais@alpha:~/yocto/build-dizzy$ bitbake -c patch grub
> Parsing recipes: 100% |#############################################################| Time: 00:00:36
> Parsing of 1458 .bb files complete (0 cached, 1458 parsed). 1914 targets, 66 skipped, 0 masked, 0 errors.
> NOTE: Resolving any missing task queue dependencies
>
> Build Configuration:
> BB_VERSION = "1.24.0"
> BUILD_SYS = "x86_64-linux"
> NATIVELSBSTRING = "Ubuntu-14.04"
> TARGET_SYS = "x86_64-poky-linux"
> MACHINE = "amdfalconx86"
> DISTRO = "poky"
> DISTRO_VERSION = "1.7.3"
> TUNE_FEATURES = "dbfp4"
> TARGET_FPU = ""
> meta
> meta-yocto
> meta-yocto-bsp = "(detachedfromorigin/dizzy):6d34267e0a13e10ab91b60590b27a2b5ba3b7da6"
> common
> meta-amdfalconx86 = "(detachedfromorigin/dizzy):84ae10ad68c7b253ab87558c5a6df057c9a84f08"
> meta-oe
> meta-python = "(detachedfromorigin/dizzy):7f1df52e9409edcc4d4cd5f34694f8740f56e1bf"
>
> NOTE: Preparing runqueue
> NOTE: Executing SetScene Tasks
> NOTE: Executing RunQueue Tasks
> NOTE: Tasks Summary: Attempted 10 tasks of which 0 didn't need to be rerun and all succeeded.
> awais@alpha:~/yocto/build-dizzy$
> --------------------------------------------------------------
>
> BR,
> Awais
>
> ________________________________________
> From: akuster808 [akuster808@gmail.com] > Sent: Monday, January 04, 2016 7:13 AM > To: Belal, Awais > Cc: openembedded-core@lists.openembedded.org > Subject: Re: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370 > > On 12/31/15 5:38 AM, Belal, Awais wrote: > Awais, > >> Ping! > This patch does not apply to the current dizzy branch. > > is there a dependency patch I missed to apply? > > regards, > Armin >> >> BR, >> Awais >> >> ________________________________________ >> From: openembedded-core-bounces@lists.openembedded.org [openembedded-core-bounces@lists.openembedded.org] on behalf of Belal, Awais >> Sent: Wednesday, December 23, 2015 4:20 PM >> To: openembedded-core@lists.openembedded.org >> Subject: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370 >> >> http://git.savannah.gnu.org/cgit/grub.git/commit/?id=451d80e52d851432e109771bb8febafca7a5f1f2 >> >> Signed-off-by: Awais Belal <awais_belal@mentor.com> >> --- >> ...E-2015-8370-Grub2-user-pass-vulnerability.patch | 52 ++++++++++++++++++++++ >> meta/recipes-bsp/grub/grub-efi_2.00.bb | 1 + >> meta/recipes-bsp/grub/grub_2.00.bb | 1 + >> 3 files changed, 54 insertions(+) >> create mode 100644 meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch >> >> diff --git a/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch b/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch >> new file mode 100644 >> index 0000000..f9252e9 >> --- /dev/null >> +++ b/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch 
>> @@ -0,0 +1,52 @@ >> +Upstream-Status: Accepted >> +Signed-off-by: Awais Belal <awais_belal@mentor.com> >> + >> +From 451d80e52d851432e109771bb8febafca7a5f1f2 Mon Sep 17 00:00:00 2001 >> +From: Hector Marco-Gisbert <hecmargi@upv.es> >> +Date: Wed, 16 Dec 2015 04:57:18 +0000 >> +Subject: Fix security issue when reading username and password >> + >> +This patch fixes two integer underflows at: >> + * grub-core/lib/crypto.c >> + * grub-core/normal/auth.c >> + >> +CVE-2015-8370 >> + >> +Signed-off-by: Hector Marco-Gisbert <hecmargi@upv.es> >> +Signed-off-by: Ismael Ripoll-Ripoll <iripoll@disca.upv.es> >> +Also-By: Andrey Borzenkov <arvidjaar@gmail.com> >> +--- >> +diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c >> +index 010e550..683a8aa 100644 >> +--- a/grub-core/lib/crypto.c >> ++++ b/grub-core/lib/crypto.c >> +@@ -470,7 +470,8 @@ grub_password_get (char buf[], unsigned buf_size) >> + >> + if (key == '\b') >> + { >> +- cur_len--; >> ++ if (cur_len) >> ++ cur_len--; >> + continue; >> + } >> + >> +diff --git a/grub-core/normal/auth.c b/grub-core/normal/auth.c >> +index c6bd96e..8615c48 100644 >> +--- a/grub-core/normal/auth.c >> ++++ b/grub-core/normal/auth.c >> +@@ -174,8 +174,11 @@ grub_username_get (char buf[], unsigned buf_size) >> + >> + if (key == '\b') >> + { >> +- cur_len--; >> +- grub_printf ("\b"); >> ++ if (cur_len) >> ++ { >> ++ cur_len--; >> ++ grub_printf ("\b"); >> ++ } >> + continue; >> + } >> + >> +-- >> +cgit v0.9.0.2 >> diff --git a/meta/recipes-bsp/grub/grub-efi_2.00.bb b/meta/recipes-bsp/grub/grub-efi_2.00.bb >> index 7674255..6822e7a 100644 >> --- a/meta/recipes-bsp/grub/grub-efi_2.00.bb >> +++ b/meta/recipes-bsp/grub/grub-efi_2.00.bb 
>> @@ -30,6 +30,7 @@ SRC_URI = "ftp://ftp.gnu.org/gnu/grub/grub-${PV}.tar.gz \ >> file://grub-2.00-add-oe-kernel.patch \ >> file://grub-efi-fix-with-glibc-2.20.patch \ >> file://0001-parse_dhcp_vendor-Add-missing-const-qualifiers.patch \ >> + file://0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch \ >> " >> SRC_URI[md5sum] = "e927540b6eda8b024fb0391eeaa4091c" >> SRC_URI[sha256sum] = "65b39a0558f8c802209c574f4d02ca263a804e8a564bc6caf1cd0fd3b3cc11e3" >> diff --git a/meta/recipes-bsp/grub/grub_2.00.bb b/meta/recipes-bsp/grub/grub_2.00.bb >> index d4df676..94b6da9 100644 >> --- a/meta/recipes-bsp/grub/grub_2.00.bb >> +++ b/meta/recipes-bsp/grub/grub_2.00.bb >> @@ -25,6 +25,7 @@ SRC_URI = "ftp://ftp.gnu.org/gnu/grub/grub-${PV}.tar.gz \ >> file://fix-endianness-problem.patch \ >> file://grub2-remove-sparc64-setup-from-x86-builds.patch \ >> file://0001-parse_dhcp_vendor-Add-missing-const-qualifiers.patch \ >> + file://0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch \ >> " >> >> SRC_URI[md5sum] = "e927540b6eda8b024fb0391eeaa4091c" >> -- >> 1.9.1 >> >> -- >> _______________________________________________ >> Openembedded-core mailing list >> Openembedded-core@lists.openembedded.org >> http://lists.openembedded.org/mailman/listinfo/openembedded-core > > -- > _______________________________________________ > Openembedded-core mailing list > Openembedded-core@lists.openembedded.org > http://lists.openembedded.org/mailman/listinfo/openembedded-core > ^ permalink raw reply [flat|nested] 13+ messages in thread
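Review bot: The patch is added to both `SRC_URI` lists, but the only build evidence posted so far is `bitbake -c patch grub`, which exercises grub_2.00.bb alone. The grub-efi_2.00.bb hunk shows a different patch stack ahead of the new entry (`grub-2.00-add-oe-kernel.patch`, `grub-efi-fix-with-glibc-2.20.patch`) from the one in grub_2.00.bb (`fix-endianness-problem.patch`, `grub2-remove-sparc64-setup-from-x86-builds.patch`), so please also run `bitbake -c patch grub-efi` and state the result for both recipes in the submission.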
* Re: [dizzy][PATCH] grub2: Fix CVE-2015-8370
2016-01-06 17:15 ` akuster808
@ 2016-01-07 9:56 ` Belal, Awais
2016-01-08 2:32 ` akuster808
0 siblings, 1 reply; 13+ messages in thread
From: Belal, Awais @ 2016-01-07 9:56 UTC (permalink / raw)
To: akuster808; +Cc: openembedded-core@lists.openembedded.org

Hi Armin,

With dizzy-next from your fork

awais@alpha:~/yocto/build-dizzy-akuster$ bitbake -c patch grub
Parsing recipes: 100% |##############################################################| Time: 00:00:46
Parsing of 1458 .bb files complete (0 cached, 1458 parsed). 1914 targets, 66 skipped, 0 masked, 0 errors.
NOTE: Resolving any missing task queue dependencies

Build Configuration:
BB_VERSION = "1.24.0"
BUILD_SYS = "x86_64-linux"
NATIVELSBSTRING = "Ubuntu-14.04"
TARGET_SYS = "x86_64-poky-linux"
MACHINE = "amdfalconx86"
DISTRO = "poky"
DISTRO_VERSION = "1.7.3"
TUNE_FEATURES = "dbfp4"
TARGET_FPU = ""
meta
meta-yocto
meta-yocto-bsp = "akuster/dizzy-next:4807ff0ca0abf085e6b81257534a4a62fde88d16"
common
meta-amdfalconx86 = "(detachedfromorigin/dizzy):84ae10ad68c7b253ab87558c5a6df057c9a84f08"
meta-oe
meta-python = "(detachedfromorigin/dizzy):7f1df52e9409edcc4d4cd5f34694f8740f56e1bf"

NOTE: Preparing runqueue
NOTE: Executing SetScene Tasks
NOTE: Executing RunQueue Tasks
NOTE: Tasks Summary: Attempted 10 tasks of which 0 didn't need to be rerun and all succeeded.
awais@alpha:~/yocto/build-dizzy-akuster$ ls tmp/work/dbfp4-poky-linux/grub/2.00-r1/
0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch
0001-parse_dhcp_vendor-Add-missing-const-qualifiers.patch
check-if-liblzma-is-disabled.patch
fix-endianness-problem.patch
fix-issue-with-flex-2.5.37.patch
grub-2.00
grub-2.00-add-oe-kernel.patch
grub-2.00-fpmath-sse-387-fix.patch
grub2-remove-sparc64-setup-from-x86-builds.patch
grub-install.in.patch
remove-gets.patch
temp
awais@alpha:~/yocto/build-dizzy-akuster$

Pretty odd what's happening :)

BR,
Awais

________________________________________
From: akuster808 [akuster808@gmail.com]
Sent: Wednesday, January 06, 2016 10:15 PM
To: Belal, Awais
Cc: openembedded-core@lists.openembedded.org
Subject: Re: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370

Awais,

this is what I am seeing.

NOTE: Executing RunQueue Tasks
ERROR: Command Error: exit status: 1 Output:
Applying patch 0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch
patching file grub-core/lib/crypto.c
Hunk #1 FAILED at 470.
1 out of 1 hunk FAILED -- rejects in file grub-core/lib/crypto.c
patching file grub-core/normal/auth.c
Hunk #1 FAILED at 174.
1 out of 1 hunk FAILED -- rejects in file grub-core/normal/auth.c
Patch 0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch does
not apply (enforce with -f)
ERROR: Function failed: patch_do_patch
ERROR: Logfile of failure stored in:
/home/akuster/oss/maint/mylayers/poky/build/tmp/work/i586-poky-linux/grub/2.00-r1/temp/log.do_patch.3029
ERROR: Task 1
(/home/akuster/oss/maint/mylayers/poky/meta/recipes-bsp/grub/grub_2.00.bb,
do_patch) failed with exit code '1'


I am using my contrib akuster/dizzy-next.

I will hand fixup the changes. please give me a few days.

- armin


On 01/06/2016 01:43 AM, Belal, Awais wrote:
> Ping!
>
> BR,
> Awais
>
> ________________________________________
> From: openembedded-core-bounces@lists.openembedded.org [openembedded-core-bounces@lists.openembedded.org] on behalf of Belal, Awais
> Sent: Monday, January 04, 2016 12:53 PM
> To: akuster808
> Cc: openembedded-core@lists.openembedded.org
> Subject: Re: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370
>
> Hi Armin,
>
> Odd, applies cleanly on dizzy for me. Can you please share the patch log?
>
> On a scratch build dir, I get the following:
> --------------------------------------------------------------
> awais@alpha:~/yocto/build-dizzy$ bitbake -c patch grub
> Parsing recipes: 100% |#############################################################| Time: 00:00:36
> Parsing of 1458 .bb files complete (0 cached, 1458 parsed). 1914 targets, 66 skipped, 0 masked, 0 errors.
> NOTE: Resolving any missing task queue dependencies
>
> Build Configuration:
> BB_VERSION = "1.24.0"
> BUILD_SYS = "x86_64-linux"
> NATIVELSBSTRING = "Ubuntu-14.04"
> TARGET_SYS = "x86_64-poky-linux"
> MACHINE = "amdfalconx86"
> DISTRO = "poky"
> DISTRO_VERSION = "1.7.3"
> TUNE_FEATURES = "dbfp4"
> TARGET_FPU = ""
> meta
> meta-yocto
> meta-yocto-bsp = "(detachedfromorigin/dizzy):6d34267e0a13e10ab91b60590b27a2b5ba3b7da6"
> common
> meta-amdfalconx86 = "(detachedfromorigin/dizzy):84ae10ad68c7b253ab87558c5a6df057c9a84f08"
> meta-oe
> meta-python = "(detachedfromorigin/dizzy):7f1df52e9409edcc4d4cd5f34694f8740f56e1bf"
>
> NOTE: Preparing runqueue
> NOTE: Executing SetScene Tasks
> NOTE: Executing RunQueue Tasks
> NOTE: Tasks Summary: Attempted 10 tasks of which 0 didn't need to be rerun and all succeeded.
> awais@alpha:~/yocto/build-dizzy$
> --------------------------------------------------------------
>
> BR,
> Awais
>
> ________________________________________
> From: akuster808 [akuster808@gmail.com] > Sent: Monday, January 04, 2016 7:13 AM > To: Belal, Awais > Cc: openembedded-core@lists.openembedded.org > Subject: Re: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370 > > On 12/31/15 5:38 AM, Belal, Awais wrote: > Awais, > >> Ping! > This patch does not apply to the current dizzy branch. > > is there a dependency patch I missed to apply? > > regards, > Armin >> >> BR, >> Awais >> >> ________________________________________ >> From: openembedded-core-bounces@lists.openembedded.org [openembedded-core-bounces@lists.openembedded.org] on behalf of Belal, Awais >> Sent: Wednesday, December 23, 2015 4:20 PM >> To: openembedded-core@lists.openembedded.org >> Subject: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370 >> >> http://git.savannah.gnu.org/cgit/grub.git/commit/?id=451d80e52d851432e109771bb8febafca7a5f1f2 >> >> Signed-off-by: Awais Belal <awais_belal@mentor.com> >> --- >> ...E-2015-8370-Grub2-user-pass-vulnerability.patch | 52 ++++++++++++++++++++++ >> meta/recipes-bsp/grub/grub-efi_2.00.bb | 1 + >> meta/recipes-bsp/grub/grub_2.00.bb | 1 + >> 3 files changed, 54 insertions(+) >> create mode 100644 meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch >> >> diff --git a/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch b/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch >> new file mode 100644 >> index 0000000..f9252e9 >> --- /dev/null >> +++ b/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch 
>> @@ -0,0 +1,52 @@ >> +Upstream-Status: Accepted >> +Signed-off-by: Awais Belal <awais_belal@mentor.com> >> + >> +From 451d80e52d851432e109771bb8febafca7a5f1f2 Mon Sep 17 00:00:00 2001 >> +From: Hector Marco-Gisbert <hecmargi@upv.es> >> +Date: Wed, 16 Dec 2015 04:57:18 +0000 >> +Subject: Fix security issue when reading username and password >> + >> +This patch fixes two integer underflows at: >> + * grub-core/lib/crypto.c >> + * grub-core/normal/auth.c >> + >> +CVE-2015-8370 >> + >> +Signed-off-by: Hector Marco-Gisbert <hecmargi@upv.es> >> +Signed-off-by: Ismael Ripoll-Ripoll <iripoll@disca.upv.es> >> +Also-By: Andrey Borzenkov <arvidjaar@gmail.com> >> +--- >> +diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c >> +index 010e550..683a8aa 100644 >> +--- a/grub-core/lib/crypto.c >> ++++ b/grub-core/lib/crypto.c >> +@@ -470,7 +470,8 @@ grub_password_get (char buf[], unsigned buf_size) >> + >> + if (key == '\b') >> + { >> +- cur_len--; >> ++ if (cur_len) >> ++ cur_len--; >> + continue; >> + } >> + >> +diff --git a/grub-core/normal/auth.c b/grub-core/normal/auth.c >> +index c6bd96e..8615c48 100644 >> +--- a/grub-core/normal/auth.c >> ++++ b/grub-core/normal/auth.c >> +@@ -174,8 +174,11 @@ grub_username_get (char buf[], unsigned buf_size) >> + >> + if (key == '\b') >> + { >> +- cur_len--; >> +- grub_printf ("\b"); >> ++ if (cur_len) >> ++ { >> ++ cur_len--; >> ++ grub_printf ("\b"); >> ++ } >> + continue; >> + } >> + >> +-- >> +cgit v0.9.0.2 >> diff --git a/meta/recipes-bsp/grub/grub-efi_2.00.bb b/meta/recipes-bsp/grub/grub-efi_2.00.bb >> index 7674255..6822e7a 100644 >> --- a/meta/recipes-bsp/grub/grub-efi_2.00.bb >> +++ b/meta/recipes-bsp/grub/grub-efi_2.00.bb 
>> @@ -30,6 +30,7 @@ SRC_URI = "ftp://ftp.gnu.org/gnu/grub/grub-${PV}.tar.gz \ >> file://grub-2.00-add-oe-kernel.patch \ >> file://grub-efi-fix-with-glibc-2.20.patch \ >> file://0001-parse_dhcp_vendor-Add-missing-const-qualifiers.patch \ >> + file://0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch \ >> " >> SRC_URI[md5sum] = "e927540b6eda8b024fb0391eeaa4091c" >> SRC_URI[sha256sum] = "65b39a0558f8c802209c574f4d02ca263a804e8a564bc6caf1cd0fd3b3cc11e3" >> diff --git a/meta/recipes-bsp/grub/grub_2.00.bb b/meta/recipes-bsp/grub/grub_2.00.bb >> index d4df676..94b6da9 100644 >> --- a/meta/recipes-bsp/grub/grub_2.00.bb >> +++ b/meta/recipes-bsp/grub/grub_2.00.bb >> @@ -25,6 +25,7 @@ SRC_URI = "ftp://ftp.gnu.org/gnu/grub/grub-${PV}.tar.gz \ >> file://fix-endianness-problem.patch \ >> file://grub2-remove-sparc64-setup-from-x86-builds.patch \ >> file://0001-parse_dhcp_vendor-Add-missing-const-qualifiers.patch \ >> + file://0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch \ >> " >> >> SRC_URI[md5sum] = "e927540b6eda8b024fb0391eeaa4091c" >> -- >> 1.9.1 >> >> -- >> _______________________________________________ >> Openembedded-core mailing list >> Openembedded-core@lists.openembedded.org >> http://lists.openembedded.org/mailman/listinfo/openembedded-core > > -- > _______________________________________________ > Openembedded-core mailing list > Openembedded-core@lists.openembedded.org > http://lists.openembedded.org/mailman/listinfo/openembedded-core > ^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [dizzy][PATCH] grub2: Fix CVE-2015-8370
2016-01-07 9:56 ` Belal, Awais
@ 2016-01-08 2:32 ` akuster808
2016-01-08 10:45 ` Belal, Awais
0 siblings, 1 reply; 13+ messages in thread
From: akuster808 @ 2016-01-08 2:32 UTC (permalink / raw)
To: Belal, Awais; +Cc: openembedded-core@lists.openembedded.org

Awais,

hand applied.

merged and pushed to git.yoctoproject.org/poky-contrib.git akuster/dizzy-next

thanks,
Armin

On 01/07/2016 01:56 AM, Belal, Awais wrote:
> Hi Armin,
>
> With dizzy-next from your fork
>
> awais@alpha:~/yocto/build-dizzy-akuster$ bitbake -c patch grub
> Parsing recipes: 100% |##############################################################| Time: 00:00:46
> Parsing of 1458 .bb files complete (0 cached, 1458 parsed). 1914 targets, 66 skipped, 0 masked, 0 errors.
> NOTE: Resolving any missing task queue dependencies
>
> Build Configuration:
> BB_VERSION = "1.24.0"
> BUILD_SYS = "x86_64-linux"
> NATIVELSBSTRING = "Ubuntu-14.04"
> TARGET_SYS = "x86_64-poky-linux"
> MACHINE = "amdfalconx86"
> DISTRO = "poky"
> DISTRO_VERSION = "1.7.3"
> TUNE_FEATURES = "dbfp4"
> TARGET_FPU = ""
> meta
> meta-yocto
> meta-yocto-bsp = "akuster/dizzy-next:4807ff0ca0abf085e6b81257534a4a62fde88d16"
> common
> meta-amdfalconx86 = "(detachedfromorigin/dizzy):84ae10ad68c7b253ab87558c5a6df057c9a84f08"
> meta-oe
> meta-python = "(detachedfromorigin/dizzy):7f1df52e9409edcc4d4cd5f34694f8740f56e1bf"
>
> NOTE: Preparing runqueue
> NOTE: Executing SetScene Tasks
> NOTE: Executing RunQueue Tasks
> NOTE: Tasks Summary: Attempted 10 tasks of which 0 didn't need to be rerun and all succeeded.
> awais@alpha:~/yocto/build-dizzy-akuster$ ls tmp/work/dbfp4-poky-linux/grub/2.00-r1/
> 0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch
> 0001-parse_dhcp_vendor-Add-missing-const-qualifiers.patch
> check-if-liblzma-is-disabled.patch
> fix-endianness-problem.patch
> fix-issue-with-flex-2.5.37.patch
> grub-2.00
> grub-2.00-add-oe-kernel.patch
> grub-2.00-fpmath-sse-387-fix.patch
> grub2-remove-sparc64-setup-from-x86-builds.patch
> grub-install.in.patch
> remove-gets.patch
> temp
> awais@alpha:~/yocto/build-dizzy-akuster$
>
> Pretty odd what's happening :)
>
> BR,
> Awais
>
> ________________________________________
> From: akuster808 [akuster808@gmail.com]
> Sent: Wednesday, January 06, 2016 10:15 PM
> To: Belal, Awais
> Cc: openembedded-core@lists.openembedded.org
> Subject: Re: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370
>
> Awais,
>
> this is what I am seeing.
>
> NOTE: Executing RunQueue Tasks
> ERROR: Command Error: exit status: 1 Output:
> Applying patch 0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch
> patching file grub-core/lib/crypto.c
> Hunk #1 FAILED at 470.
> 1 out of 1 hunk FAILED -- rejects in file grub-core/lib/crypto.c
> patching file grub-core/normal/auth.c
> Hunk #1 FAILED at 174.
> 1 out of 1 hunk FAILED -- rejects in file grub-core/normal/auth.c
> Patch 0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch does
> not apply (enforce with -f)
> ERROR: Function failed: patch_do_patch
> ERROR: Logfile of failure stored in:
> /home/akuster/oss/maint/mylayers/poky/build/tmp/work/i586-poky-linux/grub/2.00-r1/temp/log.do_patch.3029
> ERROR: Task 1
> (/home/akuster/oss/maint/mylayers/poky/meta/recipes-bsp/grub/grub_2.00.bb,
> do_patch) failed with exit code '1'
>
>
> I am using my contrib akuster/dizzy-next.
>
> I will hand fixup the changes. please give me a few days.
>
> - armin
>
>
> On 01/06/2016 01:43 AM, Belal, Awais wrote:
>> Ping!
>>
>> BR,
>> Awais
>>
>> ________________________________________
>> From: openembedded-core-bounces@lists.openembedded.org [openembedded-core-bounces@lists.openembedded.org] on behalf of Belal, Awais
>> Sent: Monday, January 04, 2016 12:53 PM
>> To: akuster808
>> Cc: openembedded-core@lists.openembedded.org
>> Subject: Re: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370
>>
>> Hi Armin,
>>
>> Odd, applies cleanly on dizzy for me. Can you please share the patch log?
>>
>> On a scratch build dir, I get the following:
>> --------------------------------------------------------------
>> awais@alpha:~/yocto/build-dizzy$ bitbake -c patch grub
>> Parsing recipes: 100% |#############################################################| Time: 00:00:36
>> Parsing of 1458 .bb files complete (0 cached, 1458 parsed). 1914 targets, 66 skipped, 0 masked, 0 errors.
>> NOTE: Resolving any missing task queue dependencies
>>
>> Build Configuration:
>> BB_VERSION = "1.24.0"
>> BUILD_SYS = "x86_64-linux"
>> NATIVELSBSTRING = "Ubuntu-14.04"
>> TARGET_SYS = "x86_64-poky-linux"
>> MACHINE = "amdfalconx86"
>> DISTRO = "poky"
>> DISTRO_VERSION = "1.7.3"
>> TUNE_FEATURES = "dbfp4"
>> TARGET_FPU = ""
>> meta
>> meta-yocto
>> meta-yocto-bsp = "(detachedfromorigin/dizzy):6d34267e0a13e10ab91b60590b27a2b5ba3b7da6"
>> common
>> meta-amdfalconx86 = "(detachedfromorigin/dizzy):84ae10ad68c7b253ab87558c5a6df057c9a84f08"
>> meta-oe
>> meta-python = "(detachedfromorigin/dizzy):7f1df52e9409edcc4d4cd5f34694f8740f56e1bf"
>>
>> NOTE: Preparing runqueue
>> NOTE: Executing SetScene Tasks
>> NOTE: Executing RunQueue Tasks
>> NOTE: Tasks Summary: Attempted 10 tasks of which 0 didn't need to be rerun and all succeeded.
>> awais@alpha:~/yocto/build-dizzy$
>> --------------------------------------------------------------
>>
>> BR,
>> Awais
>>
>> ________________________________________
>> From: akuster808 [akuster808@gmail.com] >> Sent: Monday, January 04, 2016 7:13 AM >> To: Belal, Awais >> Cc: openembedded-core@lists.openembedded.org >> Subject: Re: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370 >> >> On 12/31/15 5:38 AM, Belal, Awais wrote: >> Awais, >> >>> Ping! >> This patch does not apply to the current dizzy branch. >> >> is there a dependency patch I missed to apply? >> >> regards, >> Armin >>> >>> BR, >>> Awais >>> >>> ________________________________________ >>> From: openembedded-core-bounces@lists.openembedded.org [openembedded-core-bounces@lists.openembedded.org] on behalf of Belal, Awais >>> Sent: Wednesday, December 23, 2015 4:20 PM >>> To: openembedded-core@lists.openembedded.org >>> Subject: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370 >>> >>> http://git.savannah.gnu.org/cgit/grub.git/commit/?id=451d80e52d851432e109771bb8febafca7a5f1f2 >>> >>> Signed-off-by: Awais Belal <awais_belal@mentor.com> >>> --- >>> ...E-2015-8370-Grub2-user-pass-vulnerability.patch | 52 ++++++++++++++++++++++ >>> meta/recipes-bsp/grub/grub-efi_2.00.bb | 1 + >>> meta/recipes-bsp/grub/grub_2.00.bb | 1 + >>> 3 files changed, 54 insertions(+) >>> create mode 100644 meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch >>> >>> diff --git a/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch b/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch >>> new file mode 100644 >>> index 0000000..f9252e9 >>> --- /dev/null >>> +++ b/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch 
>>> @@ -0,0 +1,52 @@ >>> +Upstream-Status: Accepted >>> +Signed-off-by: Awais Belal <awais_belal@mentor.com> >>> + >>> +From 451d80e52d851432e109771bb8febafca7a5f1f2 Mon Sep 17 00:00:00 2001 >>> +From: Hector Marco-Gisbert <hecmargi@upv.es> >>> +Date: Wed, 16 Dec 2015 04:57:18 +0000 >>> +Subject: Fix security issue when reading username and password >>> + >>> +This patch fixes two integer underflows at: >>> + * grub-core/lib/crypto.c >>> + * grub-core/normal/auth.c >>> + >>> +CVE-2015-8370 >>> + >>> +Signed-off-by: Hector Marco-Gisbert <hecmargi@upv.es> >>> +Signed-off-by: Ismael Ripoll-Ripoll <iripoll@disca.upv.es> >>> +Also-By: Andrey Borzenkov <arvidjaar@gmail.com> >>> +--- >>> +diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c >>> +index 010e550..683a8aa 100644 >>> +--- a/grub-core/lib/crypto.c >>> ++++ b/grub-core/lib/crypto.c >>> +@@ -470,7 +470,8 @@ grub_password_get (char buf[], unsigned buf_size) >>> + >>> + if (key == '\b') >>> + { >>> +- cur_len--; >>> ++ if (cur_len) >>> ++ cur_len--; >>> + continue; >>> + } >>> + >>> +diff --git a/grub-core/normal/auth.c b/grub-core/normal/auth.c >>> +index c6bd96e..8615c48 100644 >>> +--- a/grub-core/normal/auth.c >>> ++++ b/grub-core/normal/auth.c >>> +@@ -174,8 +174,11 @@ grub_username_get (char buf[], unsigned buf_size) >>> + >>> + if (key == '\b') >>> + { >>> +- cur_len--; >>> +- grub_printf ("\b"); >>> ++ if (cur_len) >>> ++ { >>> ++ cur_len--; >>> ++ grub_printf ("\b"); >>> ++ } >>> + continue; >>> + } >>> + >>> +-- >>> +cgit v0.9.0.2 >>> diff --git a/meta/recipes-bsp/grub/grub-efi_2.00.bb b/meta/recipes-bsp/grub/grub-efi_2.00.bb >>> index 7674255..6822e7a 100644 >>> --- a/meta/recipes-bsp/grub/grub-efi_2.00.bb >>> +++ b/meta/recipes-bsp/grub/grub-efi_2.00.bb 
>>> @@ -30,6 +30,7 @@ SRC_URI = "ftp://ftp.gnu.org/gnu/grub/grub-${PV}.tar.gz \ >>> file://grub-2.00-add-oe-kernel.patch \ >>> file://grub-efi-fix-with-glibc-2.20.patch \ >>> file://0001-parse_dhcp_vendor-Add-missing-const-qualifiers.patch \ >>> + file://0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch \ >>> " >>> SRC_URI[md5sum] = "e927540b6eda8b024fb0391eeaa4091c" >>> SRC_URI[sha256sum] = "65b39a0558f8c802209c574f4d02ca263a804e8a564bc6caf1cd0fd3b3cc11e3" >>> diff --git a/meta/recipes-bsp/grub/grub_2.00.bb b/meta/recipes-bsp/grub/grub_2.00.bb >>> index d4df676..94b6da9 100644 >>> --- a/meta/recipes-bsp/grub/grub_2.00.bb >>> +++ b/meta/recipes-bsp/grub/grub_2.00.bb >>> @@ -25,6 +25,7 @@ SRC_URI = "ftp://ftp.gnu.org/gnu/grub/grub-${PV}.tar.gz \ >>> file://fix-endianness-problem.patch \ >>> file://grub2-remove-sparc64-setup-from-x86-builds.patch \ >>> file://0001-parse_dhcp_vendor-Add-missing-const-qualifiers.patch \ >>> + file://0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch \ >>> " >>> >>> SRC_URI[md5sum] = "e927540b6eda8b024fb0391eeaa4091c" >>> -- >>> 1.9.1 >>> >>> -- >>> _______________________________________________ >>> Openembedded-core mailing list >>> Openembedded-core@lists.openembedded.org >>> http://lists.openembedded.org/mailman/listinfo/openembedded-core >> >> -- >> _______________________________________________ >> Openembedded-core mailing list >> Openembedded-core@lists.openembedded.org >> http://lists.openembedded.org/mailman/listinfo/openembedded-core >> ^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [dizzy][PATCH] grub2: Fix CVE-2015-8370
2016-01-08 2:32 ` akuster808
@ 2016-01-08 10:45 ` Belal, Awais
2016-01-11 11:14 ` Joshua Lock
0 siblings, 1 reply; 13+ messages in thread
From: Belal, Awais @ 2016-01-08 10:45 UTC (permalink / raw)
To: akuster808; +Cc: openembedded-core@lists.openembedded.org

Hi Armin,

Thanks a lot. Can you please share the diff? I am just asking because Joshua is seeing the same sort of issue with the fido branch while my local setup does not complain there either.

BR,
Awais

________________________________________
From: akuster808 [akuster808@gmail.com]
Sent: Friday, January 08, 2016 7:32 AM
To: Belal, Awais
Cc: openembedded-core@lists.openembedded.org
Subject: Re: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370

Awais,

hand applied.

merged and pushed to git.yoctoproject.org/poky-contrib.git akuster/dizzy-next

thanks,
Armin

On 01/07/2016 01:56 AM, Belal, Awais wrote:
> Hi Armin,
>
> With dizzy-next from your fork
>
> awais@alpha:~/yocto/build-dizzy-akuster$ bitbake -c patch grub
> Parsing recipes: 100% |##############################################################| Time: 00:00:46
> Parsing of 1458 .bb files complete (0 cached, 1458 parsed). 1914 targets, 66 skipped, 0 masked, 0 errors.
> NOTE: Resolving any missing task queue dependencies
>
> Build Configuration:
> BB_VERSION = "1.24.0"
> BUILD_SYS = "x86_64-linux"
> NATIVELSBSTRING = "Ubuntu-14.04"
> TARGET_SYS = "x86_64-poky-linux"
> MACHINE = "amdfalconx86"
> DISTRO = "poky"
> DISTRO_VERSION = "1.7.3"
> TUNE_FEATURES = "dbfp4"
> TARGET_FPU = ""
> meta
> meta-yocto
> meta-yocto-bsp = "akuster/dizzy-next:4807ff0ca0abf085e6b81257534a4a62fde88d16"
> common
> meta-amdfalconx86 = "(detachedfromorigin/dizzy):84ae10ad68c7b253ab87558c5a6df057c9a84f08"
> meta-oe
> meta-python = "(detachedfromorigin/dizzy):7f1df52e9409edcc4d4cd5f34694f8740f56e1bf"
>
> NOTE: Preparing runqueue
> NOTE: Executing SetScene Tasks
> NOTE: Executing RunQueue Tasks
> NOTE: Tasks Summary: Attempted 10 tasks of which 0 didn't need to be rerun and all succeeded.
> awais@alpha:~/yocto/build-dizzy-akuster$ ls tmp/work/dbfp4-poky-linux/grub/2.00-r1/ > 0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch > 0001-parse_dhcp_vendor-Add-missing-const-qualifiers.patch > check-if-liblzma-is-disabled.patch > fix-endianness-problem.patch > fix-issue-with-flex-2.5.37.patch > grub-2.00 > grub-2.00-add-oe-kernel.patch > grub-2.00-fpmath-sse-387-fix.patch > grub2-remove-sparc64-setup-from-x86-builds.patch > grub-install.in.patch > remove-gets.patch > temp > awais@alpha:~/yocto/build-dizzy-akuster$ > > Pretty odd what's happening :) > > BR, > Awais > > ________________________________________ > From: akuster808 [akuster808@gmail.com] > Sent: Wednesday, January 06, 2016 10:15 PM > To: Belal, Awais > Cc: openembedded-core@lists.openembedded.org > Subject: Re: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370 > > Awais, > > this is what I am seeing. > > NOTE: Executing RunQueue Tasks > ERROR: Command Error: exit status: 1 Output: > Applying patch 0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch > patching file grub-core/lib/crypto.c > Hunk #1 FAILED at 470. > 1 out of 1 hunk FAILED -- rejects in file grub-core/lib/crypto.c > patching file grub-core/normal/auth.c > Hunk #1 FAILED at 174. > 1 out of 1 hunk FAILED -- rejects in file grub-core/normal/auth.c > Patch 0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch does > not apply (enforce with -f) > ERROR: Function failed: patch_do_patch > ERROR: Logfile of failure stored in: > /home/akuster/oss/maint/mylayers/poky/build/tmp/work/i586-poky-linux/grub/2.00-r1/temp/log.do_patch.3029 > ERROR: Task 1 > (/home/akuster/oss/maint/mylayers/poky/meta/recipes-bsp/grub/grub_2.00.bb, > do_patch) failed with exit code '1' > > > I am using my contrib akuster/dizzy-next. > > I will hand fixup the changes. please give me a few days. > > - armin > > > On 01/06/2016 01:43 AM, Belal, Awais wrote: >> Ping! >> >> BR, >> Awais >> >> ________________________________________ 
>> From: openembedded-core-bounces@lists.openembedded.org [openembedded-core-bounces@lists.openembedded.org] on behalf of Belal, Awais >> Sent: Monday, January 04, 2016 12:53 PM >> To: akuster808 >> Cc: openembedded-core@lists.openembedded.org >> Subject: Re: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370 >> >> Hi Armin, >> >> Odd, applies cleanly on dizzy for me. Can you please share the patch log? >> >> On a scratch build dir, I get the following: >> -------------------------------------------------------------- >> awais@alpha:~/yocto/build-dizzy$ bitbake -c patch grub >> Parsing recipes: 100% |#############################################################| Time: 00:00:36 >> Parsing of 1458 .bb files complete (0 cached, 1458 parsed). 1914 targets, 66 skipped, 0 masked, 0 errors. >> NOTE: Resolving any missing task queue dependencies >> >> Build Configuration: >> BB_VERSION = "1.24.0" >> BUILD_SYS = "x86_64-linux" >> NATIVELSBSTRING = "Ubuntu-14.04" >> TARGET_SYS = "x86_64-poky-linux" >> MACHINE = "amdfalconx86" >> DISTRO = "poky" >> DISTRO_VERSION = "1.7.3" >> TUNE_FEATURES = "dbfp4" >> TARGET_FPU = "" >> meta >> meta-yocto >> meta-yocto-bsp = "(detachedfromorigin/dizzy):6d34267e0a13e10ab91b60590b27a2b5ba3b7da6" >> common >> meta-amdfalconx86 = "(detachedfromorigin/dizzy):84ae10ad68c7b253ab87558c5a6df057c9a84f08" >> meta-oe >> meta-python = "(detachedfromorigin/dizzy):7f1df52e9409edcc4d4cd5f34694f8740f56e1bf" >> >> NOTE: Preparing runqueue >> NOTE: Executing SetScene Tasks >> NOTE: Executing RunQueue Tasks >> NOTE: Tasks Summary: Attempted 10 tasks of which 0 didn't need to be rerun and all succeeded. >> awais@alpha:~/yocto/build-dizzy$ >> -------------------------------------------------------------- >> >> BR, >> Awais >> >> ________________________________________ 
>> From: akuster808 [akuster808@gmail.com]
>> Sent: Monday, January 04, 2016 7:13 AM
>> To: Belal, Awais
>> Cc: openembedded-core@lists.openembedded.org
>> Subject: Re: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370
>>
>> On 12/31/15 5:38 AM, Belal, Awais wrote:
>> Awais,
>>
>>> Ping!
>> This patch does not apply to the current dizzy branch.
>>
>> is there a dependency patch I missed to apply?
>>
>> regards,
>> Armin
>>>
>>> BR,
>>> Awais
>>>
>>> ________________________________________
>>> From: openembedded-core-bounces@lists.openembedded.org [openembedded-core-bounces@lists.openembedded.org] on behalf of Belal, Awais
>>> Sent: Wednesday, December 23, 2015 4:20 PM
>>> To: openembedded-core@lists.openembedded.org
>>> Subject: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370
>>>
>>> http://git.savannah.gnu.org/cgit/grub.git/commit/?id=451d80e52d851432e109771bb8febafca7a5f1f2
>>>
>>> Signed-off-by: Awais Belal <awais_belal@mentor.com>
>>> ---
>>> ...E-2015-8370-Grub2-user-pass-vulnerability.patch | 52 ++++++++++++++++++++++
>>> meta/recipes-bsp/grub/grub-efi_2.00.bb | 1 +
>>> meta/recipes-bsp/grub/grub_2.00.bb | 1 +
>>> 3 files changed, 54 insertions(+)
>>> create mode 100644 meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch
>>>
>>> diff --git a/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch b/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch >>> new file mode 100644 >>> index 0000000..f9252e9 >>> --- /dev/null >>> +++ b/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch 
>>> @@ -0,0 +1,52 @@ >>> +Upstream-Status: Accepted >>> +Signed-off-by: Awais Belal <awais_belal@mentor.com> >>> + >>> +From 451d80e52d851432e109771bb8febafca7a5f1f2 Mon Sep 17 00:00:00 2001 >>> +From: Hector Marco-Gisbert <hecmargi@upv.es> >>> +Date: Wed, 16 Dec 2015 04:57:18 +0000 >>> +Subject: Fix security issue when reading username and password >>> + >>> +This patch fixes two integer underflows at: >>> + * grub-core/lib/crypto.c >>> + * grub-core/normal/auth.c >>> + >>> +CVE-2015-8370 >>> + >>> +Signed-off-by: Hector Marco-Gisbert <hecmargi@upv.es> >>> +Signed-off-by: Ismael Ripoll-Ripoll <iripoll@disca.upv.es> >>> +Also-By: Andrey Borzenkov <arvidjaar@gmail.com> >>> +--- >>> +diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c >>> +index 010e550..683a8aa 100644 >>> +--- a/grub-core/lib/crypto.c >>> ++++ b/grub-core/lib/crypto.c >>> +@@ -470,7 +470,8 @@ grub_password_get (char buf[], unsigned buf_size) >>> + >>> + if (key == '\b') >>> + { >>> +- cur_len--; >>> ++ if (cur_len) >>> ++ cur_len--; >>> + continue; >>> + } >>> + >>> +diff --git a/grub-core/normal/auth.c b/grub-core/normal/auth.c >>> +index c6bd96e..8615c48 100644 >>> +--- a/grub-core/normal/auth.c >>> ++++ b/grub-core/normal/auth.c >>> +@@ -174,8 +174,11 @@ grub_username_get (char buf[], unsigned buf_size) >>> + >>> + if (key == '\b') >>> + { >>> +- cur_len--; >>> +- grub_printf ("\b"); >>> ++ if (cur_len) >>> ++ { >>> ++ cur_len--; >>> ++ grub_printf ("\b"); >>> ++ } >>> + continue; >>> + } >>> + >>> +-- >>> +cgit v0.9.0.2 >>> diff --git a/meta/recipes-bsp/grub/grub-efi_2.00.bb b/meta/recipes-bsp/grub/grub-efi_2.00.bb >>> index 7674255..6822e7a 100644 >>> --- a/meta/recipes-bsp/grub/grub-efi_2.00.bb >>> +++ b/meta/recipes-bsp/grub/grub-efi_2.00.bb 
>>> @@ -30,6 +30,7 @@ SRC_URI = "ftp://ftp.gnu.org/gnu/grub/grub-${PV}.tar.gz \ >>> file://grub-2.00-add-oe-kernel.patch \ >>> file://grub-efi-fix-with-glibc-2.20.patch \ >>> file://0001-parse_dhcp_vendor-Add-missing-const-qualifiers.patch \ >>> + file://0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch \ >>> " >>> SRC_URI[md5sum] = "e927540b6eda8b024fb0391eeaa4091c" >>> SRC_URI[sha256sum] = "65b39a0558f8c802209c574f4d02ca263a804e8a564bc6caf1cd0fd3b3cc11e3" >>> diff --git a/meta/recipes-bsp/grub/grub_2.00.bb b/meta/recipes-bsp/grub/grub_2.00.bb >>> index d4df676..94b6da9 100644 >>> --- a/meta/recipes-bsp/grub/grub_2.00.bb >>> +++ b/meta/recipes-bsp/grub/grub_2.00.bb >>> @@ -25,6 +25,7 @@ SRC_URI = "ftp://ftp.gnu.org/gnu/grub/grub-${PV}.tar.gz \ >>> file://fix-endianness-problem.patch \ >>> file://grub2-remove-sparc64-setup-from-x86-builds.patch \ >>> file://0001-parse_dhcp_vendor-Add-missing-const-qualifiers.patch \ >>> + file://0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch \ >>> " >>> >>> SRC_URI[md5sum] = "e927540b6eda8b024fb0391eeaa4091c" >>> -- >>> 1.9.1 >>> >>> -- >>> _______________________________________________ >>> Openembedded-core mailing list >>> Openembedded-core@lists.openembedded.org >>> http://lists.openembedded.org/mailman/listinfo/openembedded-core >> >> -- >> _______________________________________________ >> Openembedded-core mailing list >> Openembedded-core@lists.openembedded.org >> http://lists.openembedded.org/mailman/listinfo/openembedded-core >> ^ permalink raw reply [flat|nested] 13+ messages in thread
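Review bot: The tag block at the top of the new 0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch reads "Upstream-Status: Accepted", but the file is upstream commit 451d80e52d851432e109771bb8febafca7a5f1f2 carried onto grub 2.00, so "Upstream-Status: Backport" describes it more accurately, and a "CVE: CVE-2015-8370" tag line beside it would record the identifier in the patch header as well as in the file name. The file also ends with the "cgit v0.9.0.2" trailer of a web download, and both of its hunks were rejected on akuster/dizzy-next ("Hunk #1 FAILED at 470", "Hunk #1 FAILED at 174") while applying on the submitter's tree. Regenerating the file with git format-patch from a checkout of the upstream commit and checking it against a freshly unpacked grub-2.00 tree would rule out whitespace or line-ending damage in the saved copy.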
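Review bot: The same SRC_URI entry is added to both grub-efi_2.00.bb and grub_2.00.bb, but every log posted in this thread runs only "bitbake -c patch grub", so nothing shown exercises the grub-efi recipe. Please also run "bitbake -c patch grub-efi" on the target branch before this is merged: both recipes fetch the same grub-${PV}.tar.gz, so the rejects reported for grub_2.00.bb can be expected for grub-efi_2.00.bb too.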
* Re: [dizzy][PATCH] grub2: Fix CVE-2015-8370
2016-01-08 10:45 ` Belal, Awais
@ 2016-01-11 11:14 ` Joshua Lock
2016-01-11 11:29 ` Belal, Awais
0 siblings, 1 reply; 13+ messages in thread
From: Joshua Lock @ 2016-01-11 11:14 UTC (permalink / raw)
To: Belal, Awais; +Cc: openembedded-core@lists.openembedded.org
[-- Attachment #1: Type: text/plain, Size: 12249 bytes --]

On 8 January 2016 at 10:45, Belal, Awais <Awais_Belal@mentor.com> wrote:
> Hi Armin,
>
> Thanks a lot.
>
> Can you please share the diff? I am just asking because Joshua is seeing
> the same sort of issue with the fido branch while my local setup does not
> complain there either.
>

I've cherry-picked the change from Armin's branch onto my joshuagl/fido-next branch.

Thanks,
Joshua

> BR,
> Awais
>
> ________________________________________
* Re: [dizzy][PATCH] grub2: Fix CVE-2015-8370
2016-01-11 11:14 ` Joshua Lock
@ 2016-01-11 11:29 ` Belal, Awais
0 siblings, 0 replies; 13+ messages in thread
From: Belal, Awais @ 2016-01-11 11:29 UTC (permalink / raw)
To: Joshua Lock; +Cc: openembedded-core@lists.openembedded.org
[-- Attachment #1: Type: text/plain, Size: 13081 bytes --]

Thanks a lot Joshua and sorry for the hassle.

BR,
Awais
________________________________
From: Joshua Lock [joshuagloe@gmail.com]
Sent: Monday, January 11, 2016 4:14 PM
To: Belal, Awais
Cc: akuster808; openembedded-core@lists.openembedded.org
Subject: Re: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370

On 8 January 2016 at 10:45, Belal, Awais <Awais_Belal@mentor.com> wrote:
Hi Armin,

Thanks a lot.

Can you please share the diff? I am just asking because Joshua is seeing the same sort of issue with the fido branch while my local setup does not complain there either.

I've cherry-picked the change from Armin's branch onto my joshuagl/fido-next branch.

Thanks,
Joshua

BR,
Awais
________________________________________
From: akuster808 [akuster808@gmail.com<mailto:akuster808@gmail.com>] Sent: Friday, January 08, 2016 7:32 AM To: Belal, Awais Cc: openembedded-core@lists.openembedded.org<mailto:openembedded-core@lists.openembedded.org> Subject: Re: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370 Awais, hand applied. merged and pushed to git.yoctoproject.org/poky-contrib.git<http://git.yoctoproject.org/poky-contrib.git> akuster/dizzy-next thanks, Armin On 01/07/2016 01:56 AM, Belal, Awais wrote: > Hi Armin, > > With dizzy-next from your fork > > awais@alpha:~/yocto/build-dizzy-akuster$ bitbake -c patch grub > Parsing recipes: 100% |##############################################################| Time: 00:00:46 > Parsing of 1458 .bb files complete (0 cached, 1458 parsed). 1914 targets, 66 skipped, 0 masked, 0 errors. > NOTE: Resolving any missing task queue dependencies > > Build Configuration: > BB_VERSION = "1.24.0" > BUILD_SYS = "x86_64-linux" > NATIVELSBSTRING = "Ubuntu-14.04" > TARGET_SYS = "x86_64-poky-linux" > MACHINE = "amdfalconx86" > DISTRO = "poky" > DISTRO_VERSION = "1.7.3" > TUNE_FEATURES = "dbfp4" > TARGET_FPU = "" > meta > meta-yocto > meta-yocto-bsp = "akuster/dizzy-next:4807ff0ca0abf085e6b81257534a4a62fde88d16" > common > meta-amdfalconx86 = "(detachedfromorigin/dizzy):84ae10ad68c7b253ab87558c5a6df057c9a84f08" > meta-oe > meta-python = "(detachedfromorigin/dizzy):7f1df52e9409edcc4d4cd5f34694f8740f56e1bf" > > NOTE: Preparing runqueue > NOTE: Executing SetScene Tasks > NOTE: Executing RunQueue Tasks > NOTE: Tasks Summary: Attempted 10 tasks of which 0 didn't need to be rerun and all succeeded. 
> awais@alpha:~/yocto/build-dizzy-akuster$ ls tmp/work/dbfp4-poky-linux/grub/2.00-r1/ > 0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch > 0001-parse_dhcp_vendor-Add-missing-const-qualifiers.patch > check-if-liblzma-is-disabled.patch > fix-endianness-problem.patch > fix-issue-with-flex-2.5.37.patch > grub-2.00 > grub-2.00-add-oe-kernel.patch > grub-2.00-fpmath-sse-387-fix.patch > grub2-remove-sparc64-setup-from-x86-builds.patch > grub-install.in.patch > remove-gets.patch > temp > awais@alpha:~/yocto/build-dizzy-akuster$ > > Pretty odd what's happening :) > > BR, > Awais > > ________________________________________ 
> From: akuster808 [akuster808@gmail.com<mailto:akuster808@gmail.com>] > Sent: Wednesday, January 06, 2016 10:15 PM > To: Belal, Awais > Cc: openembedded-core@lists.openembedded.org<mailto:openembedded-core@lists.openembedded.org> > Subject: Re: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370 > > Awais, > > this is what I am seeing. > > NOTE: Executing RunQueue Tasks > ERROR: Command Error: exit status: 1 Output: > Applying patch 0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch > patching file grub-core/lib/crypto.c > Hunk #1 FAILED at 470. > 1 out of 1 hunk FAILED -- rejects in file grub-core/lib/crypto.c > patching file grub-core/normal/auth.c > Hunk #1 FAILED at 174. > 1 out of 1 hunk FAILED -- rejects in file grub-core/normal/auth.c > Patch 0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch does > not apply (enforce with -f) > ERROR: Function failed: patch_do_patch > ERROR: Logfile of failure stored in: > /home/akuster/oss/maint/mylayers/poky/build/tmp/work/i586-poky-linux/grub/2.00-r1/temp/log.do_patch.3029 > ERROR: Task 1 > (/home/akuster/oss/maint/mylayers/poky/meta/recipes-bsp/grub/grub_2.00.bb<http://grub_2.00.bb>, > do_patch) failed with exit code '1' > > > I am using my contrib akuster/dizzy-next. > > I will hand fixup the changes. please give me a few days. > > - armin > > > On 01/06/2016 01:43 AM, Belal, Awais wrote: >> Ping! >> >> BR, >> Awais >> >> ________________________________________ 
>> From: openembedded-core-bounces@lists.openembedded.org<mailto:openembedded-core-bounces@lists.openembedded.org> [openembedded-core-bounces@lists.openembedded.org<mailto:openembedded-core-bounces@lists.openembedded.org>] on behalf of Belal, Awais >> Sent: Monday, January 04, 2016 12:53 PM >> To: akuster808 >> Cc: openembedded-core@lists.openembedded.org<mailto:openembedded-core@lists.openembedded.org> >> Subject: Re: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370 >> >> Hi Armin, >> >> Odd, applies cleanly on dizzy for me. Can you please share the patch log? >> >> On a scratch build dir, I get the following: >> -------------------------------------------------------------- >> awais@alpha:~/yocto/build-dizzy$ bitbake -c patch grub >> Parsing recipes: 100% |#############################################################| Time: 00:00:36 >> Parsing of 1458 .bb files complete (0 cached, 1458 parsed). 1914 targets, 66 skipped, 0 masked, 0 errors. >> NOTE: Resolving any missing task queue dependencies >> >> Build Configuration: >> BB_VERSION = "1.24.0" >> BUILD_SYS = "x86_64-linux" >> NATIVELSBSTRING = "Ubuntu-14.04" >> TARGET_SYS = "x86_64-poky-linux" >> MACHINE = "amdfalconx86" >> DISTRO = "poky" >> DISTRO_VERSION = "1.7.3" >> TUNE_FEATURES = "dbfp4" >> TARGET_FPU = "" >> meta >> meta-yocto >> meta-yocto-bsp = "(detachedfromorigin/dizzy):6d34267e0a13e10ab91b60590b27a2b5ba3b7da6" >> common >> meta-amdfalconx86 = "(detachedfromorigin/dizzy):84ae10ad68c7b253ab87558c5a6df057c9a84f08" >> meta-oe >> meta-python = "(detachedfromorigin/dizzy):7f1df52e9409edcc4d4cd5f34694f8740f56e1bf" >> >> NOTE: Preparing runqueue >> NOTE: Executing SetScene Tasks >> NOTE: Executing RunQueue Tasks >> NOTE: Tasks Summary: Attempted 10 tasks of which 0 didn't need to be rerun and all succeeded. >> awais@alpha:~/yocto/build-dizzy$ >> -------------------------------------------------------------- >> >> BR, >> Awais >> >> ________________________________________ 
>> From: akuster808 [akuster808@gmail.com<mailto:akuster808@gmail.com>] >> Sent: Monday, January 04, 2016 7:13 AM >> To: Belal, Awais >> Cc: openembedded-core@lists.openembedded.org<mailto:openembedded-core@lists.openembedded.org> >> Subject: Re: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370 >> >> On 12/31/15 5:38 AM, Belal, Awais wrote: >> Awais, >> >>> Ping! >> This patch does not apply to the current dizzy branch. >> >> is there a dependency patch I missed to apply? >> >> regards, >> Armin >>> >>> BR, >>> Awais >>> >>> ________________________________________ >>> From: openembedded-core-bounces@lists.openembedded.org<mailto:openembedded-core-bounces@lists.openembedded.org> [openembedded-core-bounces@lists.openembedded.org<mailto:openembedded-core-bounces@lists.openembedded.org>] on behalf of Belal, Awais >>> Sent: Wednesday, December 23, 2015 4:20 PM >>> To: openembedded-core@lists.openembedded.org<mailto:openembedded-core@lists.openembedded.org> >>> Subject: [OE-core] [dizzy][PATCH] grub2: Fix CVE-2015-8370 >>> >>> http://git.savannah.gnu.org/cgit/grub.git/commit/?id=451d80e52d851432e109771bb8febafca7a5f1f2 >>> >>> Signed-off-by: Awais Belal <awais_belal@mentor.com<mailto:awais_belal@mentor.com>> >>> --- >>> ...E-2015-8370-Grub2-user-pass-vulnerability.patch | 52 ++++++++++++++++++++++ >>> meta/recipes-bsp/grub/grub-efi_2.00.bb<http://grub-efi_2.00.bb> | 1 + >>> meta/recipes-bsp/grub/grub_2.00.bb<http://grub_2.00.bb> | 1 + >>> 3 files changed, 54 insertions(+) >>> create mode 100644 meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch >>> >>> diff --git a/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch b/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch >>> new file mode 100644 >>> index 0000000..f9252e9 >>> --- /dev/null >>> +++ b/meta/recipes-bsp/grub/files/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch 
>>> @@ -0,0 +1,52 @@ >>> +Upstream-Status: Accepted >>> +Signed-off-by: Awais Belal <awais_belal@mentor.com<mailto:awais_belal@mentor.com>> >>> + >>> +From 451d80e52d851432e109771bb8febafca7a5f1f2 Mon Sep 17 00:00:00 2001 >>> +From: Hector Marco-Gisbert <hecmargi@upv.es<mailto:hecmargi@upv.es>> >>> +Date: Wed, 16 Dec 2015 04:57:18 +0000 >>> +Subject: Fix security issue when reading username and password >>> + >>> +This patch fixes two integer underflows at: >>> + * grub-core/lib/crypto.c >>> + * grub-core/normal/auth.c >>> + >>> +CVE-2015-8370 >>> + >>> +Signed-off-by: Hector Marco-Gisbert <hecmargi@upv.es<mailto:hecmargi@upv.es>> >>> +Signed-off-by: Ismael Ripoll-Ripoll <iripoll@disca.upv.es<mailto:iripoll@disca.upv.es>> >>> +Also-By: Andrey Borzenkov <arvidjaar@gmail.com<mailto:arvidjaar@gmail.com>> >>> +--- >>> +diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c >>> +index 010e550..683a8aa 100644 >>> +--- a/grub-core/lib/crypto.c >>> ++++ b/grub-core/lib/crypto.c >>> +@@ -470,7 +470,8 @@ grub_password_get (char buf[], unsigned buf_size) >>> + >>> + if (key == '\b') >>> + { >>> +- cur_len--; >>> ++ if (cur_len) >>> ++ cur_len--; >>> + continue; >>> + } >>> + >>> +diff --git a/grub-core/normal/auth.c b/grub-core/normal/auth.c >>> +index c6bd96e..8615c48 100644 >>> +--- a/grub-core/normal/auth.c >>> ++++ b/grub-core/normal/auth.c >>> +@@ -174,8 +174,11 @@ grub_username_get (char buf[], unsigned buf_size) >>> + >>> + if (key == '\b') >>> + { >>> +- cur_len--; >>> +- grub_printf ("\b"); >>> ++ if (cur_len) >>> ++ { >>> ++ cur_len--; >>> ++ grub_printf ("\b"); >>> ++ } >>> + continue; >>> + } >>> + >>> +-- >>> +cgit v0.9.0.2 >>> diff --git a/meta/recipes-bsp/grub/grub-efi_2.00.bb<http://grub-efi_2.00.bb> b/meta/recipes-bsp/grub/grub-efi_2.00.bb<http://grub-efi_2.00.bb> >>> index 7674255..6822e7a 100644 >>> --- a/meta/recipes-bsp/grub/grub-efi_2.00.bb<http://grub-efi_2.00.bb> >>> +++ b/meta/recipes-bsp/grub/grub-efi_2.00.bb<http://grub-efi_2.00.bb> 
>>> @@ -30,6 +30,7 @@ SRC_URI = "ftp://ftp.gnu.org/gnu/grub/grub-${PV}.tar.gz \ >>> file://grub-2.00-add-oe-kernel.patch \ >>> file://grub-efi-fix-with-glibc-2.20.patch \ >>> file://0001-parse_dhcp_vendor-Add-missing-const-qualifiers.patch \ >>> + file://0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch \ >>> " >>> SRC_URI[md5sum] = "e927540b6eda8b024fb0391eeaa4091c" >>> SRC_URI[sha256sum] = "65b39a0558f8c802209c574f4d02ca263a804e8a564bc6caf1cd0fd3b3cc11e3" >>> diff --git a/meta/recipes-bsp/grub/grub_2.00.bb<http://grub_2.00.bb> b/meta/recipes-bsp/grub/grub_2.00.bb<http://grub_2.00.bb> >>> index d4df676..94b6da9 100644 >>> --- a/meta/recipes-bsp/grub/grub_2.00.bb<http://grub_2.00.bb> >>> +++ b/meta/recipes-bsp/grub/grub_2.00.bb<http://grub_2.00.bb> 
>>> @@ -25,6 +25,7 @@ SRC_URI = "ftp://ftp.gnu.org/gnu/grub/grub-${PV}.tar.gz \ >>> file://fix-endianness-problem.patch \ >>> file://grub2-remove-sparc64-setup-from-x86-builds.patch \ >>> file://0001-parse_dhcp_vendor-Add-missing-const-qualifiers.patch \ >>> + file://0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch \ >>> " >>> >>> SRC_URI[md5sum] = "e927540b6eda8b024fb0391eeaa4091c" >>> -- >>> 1.9.1 >>> >>> -- >>> _______________________________________________ >>> Openembedded-core mailing list >>> Openembedded-core@lists.openembedded.org<mailto:Openembedded-core@lists.openembedded.org> >>> http://lists.openembedded.org/mailman/listinfo/openembedded-core >> >> -- >> _______________________________________________ >> Openembedded-core mailing list >> Openembedded-core@lists.openembedded.org<mailto:Openembedded-core@lists.openembedded.org> >> http://lists.openembedded.org/mailman/listinfo/openembedded-core >> -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org<mailto:Openembedded-core@lists.openembedded.org> http://lists.openembedded.org/mailman/listinfo/openembedded-core [-- Attachment #2: Type: text/html, Size: 21414 bytes --] ^ permalink raw reply [flat|nested] 13+ messages in thread
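Review bot: in the added patch file, the two `if (cur_len)` guards cover only the backspace decrement, and the three lines of context around each (`@@ -470,7 +470,8 @@` in grub_password_get, `@@ -174,8 +174,11 @@` in grub_username_get) do not show the write side of either function. The embedded diff is the upstream commit of 16 Dec 2015, while the recipes it is applied to are grub 2.00, so it is worth confirming in the unpacked 2.00 source that both hunks apply at those offsets without fuzz and that the store into `buf` is bounded by `buf_size`. Moving `grub_printf ("\b")` inside the guard in auth.c is the right shape, since the echo and the counter now stay in step when the buffer is empty.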
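Review bot: the same `file://0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch` entry is appended to SRC_URI in both grub-efi_2.00.bb and grub_2.00.bb, each after a different stack of earlier patches, so do_patch should be run for both recipes rather than assuming one result covers the other. Note also that in this quoted copy the `diff --git`, `---` and `+++` lines for the two recipes carry `<http://grub-efi_2.00.bb>` and `<http://grub_2.00.bb>` autolinks from the HTML part of the reply, so the patch should be taken from the original 2015-12-23 message, not from this quote.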