Merge ~mkukri/grub:kinetic-unsigned into ~ubuntu-core-dev/grub/+git/ubuntu:kinetic-unsigned

Proposed by Mate Kukri
Status: Merged
Merged at revision: 4bf5d9c485a32ab3200b2dbd964d8f6b344f3d25
Proposed branch: ~mkukri/grub:kinetic-unsigned
Merge into: ~ubuntu-core-dev/grub/+git/ubuntu:kinetic-unsigned
Diff against target: 60 lines (+38/-0)
3 files modified
debian/changelog (+6/-0)
debian/patches/efinet-http-message-field-size.patch (+31/-0)
debian/patches/series (+1/-0)
Reviewer Review Type Date Requested Status
Julian Andres Klode Pending
Ubuntu Core Development Team Pending
Chengen Du Pending
Review via email: mp+455398@code.launchpad.net
To post a comment you must log in.
Revision history for this message
Mate Kukri (mkukri) wrote (last edit ):

@juliank i believe this is in the dev PPA at least now, but maybe please merge this in git and get it closed?

Revision history for this message
Mate Kukri (mkukri) :

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/changelog b/debian/changelog
2index cde507a..d766fb5 100644
3--- a/debian/changelog
4+++ b/debian/changelog
5@@ -1,3 +1,9 @@
6+grub2 (2.06-2ubuntu14.5) jammy; urgency=medium
7+
8+ * efinet: HTTP_MESSAGE fix field size (LP: #2043084)
9+
10+ -- Mate Kukri <mate.kukri@canonical.com> Thu, 09 Nov 2023 13:52:48 +0200
11+
12 grub2 (2.06-2ubuntu14.4) jammy; urgency=high
13
14 * SECURITY UPDATE: Crafted file system images can cause out-of-bounds write
15diff --git a/debian/patches/efinet-http-message-field-size.patch b/debian/patches/efinet-http-message-field-size.patch
16new file mode 100644
17index 0000000..a0b6db1
18--- /dev/null
19+++ b/debian/patches/efinet-http-message-field-size.patch
20@@ -0,0 +1,31 @@
21+From: Keng-Yu Lin <kengyu@hpe.com>
22+Date: Wed, 26 Apr 2023 01:43:16 -0400
23+Subject: efi/http: change uint32_t to uintn_t
24+
25+Modify UINT32 to UINTN in EFI_HTTP_MESSAGE to
26+be UEFI 2.9 compliant.
27+
28+Signed-off-by: Keng-Yu Lin <kengyu@hpe.com>
29+Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
30+
31+Ubuntu-Bug: https://bugs.launchpad.net/bugs/2043084
32+---
33+ include/grub/efi/http.h | 4 ++--
34+ 1 file changed, 2 insertions(+), 2 deletions(-)
35+
36+diff --git a/include/grub/efi/http.h b/include/grub/efi/http.h
37+index c5e9a89..ad164ba 100644
38+--- a/include/grub/efi/http.h
39++++ b/include/grub/efi/http.h
40+@@ -171,9 +171,9 @@ typedef struct {
41+ grub_efi_http_request_data_t *request;
42+ grub_efi_http_response_data_t *response;
43+ } data;
44+- grub_efi_uint32_t header_count;
45++ grub_efi_uintn_t header_count;
46+ grub_efi_http_header_t *headers;
47+- grub_efi_uint32_t body_length;
48++ grub_efi_uintn_t body_length;
49+ void *body;
50+ } grub_efi_http_message_t;
51+
52diff --git a/debian/patches/series b/debian/patches/series
53index 4ca7dea..ef44f8d 100644
54--- a/debian/patches/series
55+++ b/debian/patches/series
56@@ -219,3 +219,4 @@ ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-read-when-parsing-bitmaps-for-index-at.patch
57 ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-read-when-parsing-a-volume-label.patch
58 ntfs-cve-fixes/fs-ntfs-Make-code-more-readable.patch
59 fdt-fixup-after-load.patch
60+efinet-http-message-field-size.patch

Subscribers

People subscribed via source and target branches