| author | Thomas Gerbet <thomas@gerbet.me> | 2025-02-19 14:08:17 +0100 |
|---|---|---|
| committer | Thomas Gerbet <thomas@gerbet.me> | 2025-03-01 13:08:03 +0100 |
| commit | 920cf80d337324d82a834ef0092d24b6268d6aaa (patch) | |
| tree | c304211ee97ac45d79dd9c6c64512af90d943f8b /pkgs/development/python-modules/python-mapnik/python-mapnik_std_optional.patch | |
| parent | 6d6df8288d2419766df3c8c489cf6ab60bd80e07 (diff) | |
grub2: apply patches for security issues
https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
Fixes:
1) CVE-2024-45774: reader/jpeg: Heap OOB Write during JPEG parsing.
2) CVE-2024-45775: commands/extcmd: Missing check for failed allocation.
3) CVE-2024-45776: grub-core/gettext: Integer overflow leads to Heap OOB
Write and Read.
4) CVE-2024-45777: grub-core/gettext: Integer overflow leads to Heap OOB
Write.
5) CVE-2024-45778: fs/bfs: Integer overflow in the BFS parser.
6) CVE-2024-45779: fs/bfs: Integer overflow leads to Heap OOB Read
(Write?) in the BFS parser.
7) CVE-2024-45780: fs/tar: Integer Overflow causes Heap OOB Write.
8) CVE-2024-45781: fs/ufs: OOB write in the heap.
9) CVE-2024-45782: fs/hfs: strcpy() using the volume name (fs/hfs.c:382)
10) CVE-2024-45783: fs/hfs+: refcount can be decremented twice
11) CVE-2025-0622: command/gpg: Use-after-free due to hooks not being
removed on module unload
12) CVE-2025-0624: net: Out-of-bounds write in
grub_net_search_config_file()
13) CVE-2025-0677: UFS: Integer overflow may lead to heap based
out-of-bounds write when handling symlinks
14) CVE-2025-0678: squash4: Integer overflow may lead to heap based
out-of-bounds write when reading data
15) CVE-2025-0684: reiserfs: Integer overflow when handling symlinks may
lead to heap based out-of-bounds write when reading
data
16) CVE-2025-0685: jfs: Integer overflow when handling symlinks may lead
to heap based out-of-bounds write when reading data
17) CVE-2025-0686: romfs: Integer overflow when handling symlinks may
lead to heap based out-of-bounds write when reading
data
18) CVE-2025-0689: udf: Heap based buffer overflow in
grub_udf_read_block() may lead to arbitrary code
execution
19) CVE-2025-0690: read: Integer overflow may lead to out-of-bounds
write
20) CVE-2025-1118: commands/dump: The dump command is not in lockdown
when secure boot is enabled
21) CVE-2025-1125: fs/hfs: Integer overflow may lead to heap based
out-of-bounds write
A few additional patches have also been backported in addition to the 73
mentioned by upstream to avoid conflicts.
Diffstat (limited to 'pkgs/development/python-modules/python-mapnik/python-mapnik_std_optional.patch')
0 files changed, 0 insertions, 0 deletions
