Home Explore Help
Sign In
PUBLIC_REPOS
/
buildroot
mirror of git://git.buildroot.net/buildroot
2
1
Fork 0
Files
Browse Source

boot/shim: security bump to version 15.6

Fixes the following security issue:

CVE-2022-28737: There's a possible overflow in handle_image() when shim
tries to load and execute crafted EFI executables

https://github.com/advisories/GHSA-hmxr-46w2-jjwh

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit f29cbc6ce3def37d7dc4d99fa2a5cbdadc6369e9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard 1 year ago
parent
7b1ee6b6b6
commit
425dbe3b3d
2 changed files with 2 additions and 2 deletions
Split View Show Diff Stats
  1. 1 1
      boot/shim/shim.hash
  2. 1 1
      boot/shim/shim.mk

+ 1 - 1
boot/shim/shim.hash
View File 

@@ -1,3 +1,3 @@
 
 # locally computed hash
 
-sha256  8344473dd10569588b8238a4656b8fab226714eea9f5363f8c410aa8a5090297  shim-15.4.tar.bz2
 
+sha256  eab91644a3efe91a666399f5d8eb3eed0e04d04f79d4b6c0b278ef7747a239a5  shim-15.6.tar.bz2
 
 sha256  15edf527919ddcb2f514ab9d16ad07ef219e4bb490e0b79560be510f0c159cc2  COPYRIGHT

+ 1 - 1
boot/shim/shim.mk
View File 

@@ -4,7 +4,7 @@
 
 #
 
 ################################################################################
 
 
-SHIM_VERSION = 15.4
 
+SHIM_VERSION = 15.6
 
 SHIM_SITE = https://github.com/rhboot/shim/releases/download/$(SHIM_VERSION)
 
 SHIM_SOURCE = shim-$(SHIM_VERSION).tar.bz2
 
 SHIM_LICENSE = BSD-2-Clause