Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
---|---|---|---|---|---|---|
CVE-2022-2553.patch | [PATCH] Revert "Refactor: main: substitute is_auth_req macro" This reverts commit da79b8ba28ad4837a0fee13e5f8fb6f89fe0e24c. authfile != authkey | Jan Friesse <jfriesse@redhat.com> | no | | | 2022-07-04 |
0001-auth-Check-result-of-gcrypt-gcry_md_get_algo_dlen.patch | auth: Check result of gcrypt gcry_md_get_algo_dlen When unknown hash is passed to gcry_md_get_algo_dlen 0 is returned. This value is then used for memcmp so wrong hmac might be accepted as correct. | Jan Friesse <jfriesse@redhat.com> | no | | | 2024-02-21 |
0002-attr-Fix-reading-of-server_reply.patch | attr: Fix reading of server_reply read_server_reply first reads boothc header and then rest of packet which contains hmac info. This should go in memory right after boothc_header and not after full length of packet, because full length of packet already contains hmac info. Solution is to simply use length of header and not length of packet. Longer term and better solution would be to drop read_server_reply completely and use recv_auth which is used for everything else but attr set and delete. | Jan Friesse <jfriesse@redhat.com> | no | | | 2024-02-21 |