dgit.raspbian.org Git - u-boot.git/commit

u-boot (2021.01+dfsg-5+deb11u1) bullseye-security; urgency=medium

  * Non-maintainer upload by the Debian LTS team.
  * d/patches/CVE-2022-34835.patch: Add patch to fix CVE-2022-34835.
    - Fix an integer signedness error and resultant stack-based buffer overflow
      in the 'i2c md' command that enables the corruption of the return address
      pointer of the do_i2c_md function (closes: #1014529).
  * d/patches/CVE-2022-33967.patch: Add patch to fix CVE-2022-33967.
    - Fix a heap-based buffer overflow vulnerability due to a defect in the
      metadata reading process which may lead to a denial-of-service (DoS)
      condition or arbitrary code execution by loading a specially crafted
      squashfs image.
  * d/patches/CVE-2022-33103.patch: Add patch to fix CVE-2022-33103.
    - Fix an an out-of-bounds write (closes: #1014528).
  * d/patches/CVE-2022-30790.patch: Add patch to fix CVE-2022-30790 and
    CVE-2022-30552.
    - Fix a a Buffer Overflow (closes: #1014470).
  * d/patches/CVE-2022-30767.patch: Add patch to fix CVE-2022-30767.
    - Fix an unbounded memcpy with a failed length check, leading to a buffer
      overflow. This issue exists due to an incorrect fix for CVE-2019-14196
      (closes: #1014471).
  * d/patches/CVE-2022-2347.patch: Add patch to fix CVE-2022-2347.
    - Fix an unchecked length field leading to a heap overflow
      (closes: #1014959).
  * d/patches/CVE-2024-57254.patch: Add patch to fix CVE-2024-57254.
    - Fix an integer overflow in sqfs_inode_size (closes: 1098254).
  * d/patches/CVE-2024-57255.patch: Add patch to fix CVE-2024-57255.
    - Fix an integer overflow in sqfs_resolve_symlink (closes: #1098254).
  * d/patches/CVE-2024-57256.patch: Add patch to fix CVE-2024-57256.
    - Fix an integer overflow in ext4fs_read_symlink (closes: #1098254).
  * d/patches/CVE-2024-57257.patch: Add patch to fix CVE-2024-57257.
    - Fix a stack consumption issue in sqfs_size possible with deep symlink
      nesting (closes: #1098254).
  * d/patches/CVE-2024-57258-1.patch, d/patches/CVE-2024-57258-2.patch,
    d/patches/CVE-2024-57258-3.patch: Add patches to fx CVE-2024-57258.
    - Fix multiple integer overflows (closes: #1098254).
  * d/patches/CVE-2024-57259.patch: Add patch to fix CVE-2024-57259.
    - Fix an off-by-one error resulting in a heap memory corruption in
      sqfs_search_dir (closes: #1098254).

[dgit import unpatched u-boot 2021.01+dfsg-5+deb11u1]

author	Daniel Leidert <dleidert@debian.org>
	Wed, 30 Apr 2025 23:19:02 +0000 (01:19 +0200)
committer	Daniel Leidert <dleidert@debian.org>
	Wed, 30 Apr 2025 23:19:02 +0000 (01:19 +0200)
commit	1b1f7d717383c99663b58239ee7994d99eb58ca0
tree	977fe43d50e6bb691b87aefd199ae26d85085366	tree \| snapshot
parent	df707a8698e63750556f5c63fb92f9ffa529af0e	commit \| diff
parent	6e957e1b79acec86b58e4bc94730265fa29c6e29	commit \| diff

debian/bin/generate-qcom	\|	\|	blob
debian/bin/u-boot-install-rockchip	\|	\|	blob
debian/bin/u-boot-install-sunxi	\|	\|	blob
debian/bin/u-boot-install-targets	\|	\|	blob
debian/bin/update-lintian-overrides	\|	\|	blob
debian/bin/update-substvars	\|	\|	blob
debian/changelog	\|	\|	blob
debian/control	\|	\|	blob
debian/copyright	\|	\|	blob
debian/env-configs/efikamx.config	\|	\|	blob
debian/env-configs/guruplug.config	\|	\|	blob
debian/env-configs/kurobox_pro.config	\|	\|	blob
debian/env-configs/linkstation-mini.config	\|	\|	blob
debian/env-configs/linkstation_pro_live.config	\|	\|	blob
debian/env-configs/lsmipsel.config	\|	\|	blob
debian/env-configs/lsppchg.config	\|	\|	blob
debian/env-configs/mx6cuboxi.config	\|	\|	blob
debian/env-configs/openmoko_gta01.config	\|	\|	blob
debian/env-configs/openmoko_gta02.config	\|	\|	blob
debian/env-configs/openrd.config	\|	\|	blob
debian/env-configs/qnap_ts101.config	\|	\|	blob
debian/env-configs/qnap_ts109-209.config	\|	\|	blob
debian/env-configs/qnap_ts119-219.config	\|	\|	blob
debian/env-configs/sheevaplug.config	\|	\|	blob
debian/env-configs/udoo_quad.config	\|	\|	blob
debian/env-configs/wandboard.config	\|	\|	blob
debian/gbp.conf	\|	\|	blob
debian/manpages/u-boot-install-sunxi.8	\|	\|	blob
debian/patches/CVE-2022-2347.patch	\|	\|	blob
debian/patches/CVE-2022-30767.patch	\|	\|	blob
debian/patches/CVE-2022-30790.patch	\|	\|	blob
debian/patches/CVE-2022-33103.patch	\|	\|	blob
debian/patches/CVE-2022-33967.patch	\|	\|	blob
debian/patches/CVE-2022-34835.patch	\|	\|	blob
debian/patches/CVE-2024-57254.patch	\|	\|	blob
debian/patches/CVE-2024-57255.patch	\|	\|	blob
debian/patches/CVE-2024-57256.patch	\|	\|	blob
debian/patches/CVE-2024-57257.patch	\|	\|	blob
debian/patches/CVE-2024-57258-1.patch	\|	\|	blob
debian/patches/CVE-2024-57258-2.patch	\|	\|	blob
debian/patches/CVE-2024-57258-3.patch	\|	\|	blob
debian/patches/CVE-2024-57259.patch	\|	\|	blob
debian/patches/add-debian-revision-to-u-boot-version	\|	\|	blob
debian/patches/am57xx/omap5_distro_bootcmd	\|	\|	blob
debian/patches/arndale/board-spl-rule.diff	\|	\|	blob
debian/patches/ensure-config-sandbox-for-make-env.patch	\|	\|	blob
debian/patches/exynos/0001-arm-config-fix-default-console-only-to-specify-the-d.patch	\|	\|	blob
debian/patches/mx53loco	\|	\|	blob
debian/patches/n900/bootz_and_raw_initrd.patch	\|	\|	blob
debian/patches/pinetab/0001-configs-add-PineTab-defconfig.patch	\|	\|	blob
debian/patches/riscv64/qemu-riscv64_smode-sifive-fu540-fix-extlinux-define-.patch	\|	\|	blob
debian/patches/rk3399/disable-preboot	\|	\|	blob
debian/patches/series	\|	\|	blob
debian/patches/test-imagetools-test-fixes	\|	\|	blob
debian/patches/tools-generic-builds.patch	\|	\|	blob
debian/patches/upstream/0001-efi_loader-switch-to-non-secure-mode-later.patch	\|	\|	blob
debian/rules	\|	\|	blob
debian/source/format	\|	\|	blob
debian/source/include-binaries	\|	\|	blob
debian/targets	\|	\|	blob
debian/u-boot-amlogic.docs	\|	\|	blob
debian/u-boot-amlogic.install	\|	\|	blob
debian/u-boot-amlogic.lintian-overrides	\|	\|	blob
debian/u-boot-exynos.docs	\|	\|	blob
debian/u-boot-exynos.install	\|	\|	blob
debian/u-boot-exynos.lintian-overrides	\|	\|	blob
debian/u-boot-imx.README.Debian	\|	\|	blob
debian/u-boot-imx.install	\|	\|	blob
debian/u-boot-imx.links	\|	\|	blob
debian/u-boot-imx.lintian-overrides	\|	\|	blob
debian/u-boot-mvebu.docs	\|	\|	blob
debian/u-boot-mvebu.install	\|	\|	blob
debian/u-boot-mvebu.lintian-overrides	\|	\|	blob
debian/u-boot-omap.README.Debian	\|	\|	blob
debian/u-boot-omap.docs	\|	\|	blob
debian/u-boot-omap.install	\|	\|	blob
debian/u-boot-omap.lintian-overrides	\|	\|	blob
debian/u-boot-qcom.README.Debian	\|	\|	blob
debian/u-boot-qcom.install	\|	\|	blob
debian/u-boot-qcom.lintian-overrides	\|	\|	blob
debian/u-boot-qemu.README.Debian	\|	\|	blob
debian/u-boot-qemu.install	\|	\|	blob
debian/u-boot-qemu.lintian-overrides	\|	\|	blob
debian/u-boot-rockchip.NEWS	\|	\|	blob
debian/u-boot-rockchip.README.Debian	\|	\|	blob
debian/u-boot-rockchip.docs	\|	\|	blob
debian/u-boot-rockchip.install	\|	\|	blob
debian/u-boot-rockchip.lintian-overrides	\|	\|	blob
debian/u-boot-rpi.README.Debian	\|	\|	blob
debian/u-boot-rpi.install	\|	\|	blob
debian/u-boot-rpi.lintian-overrides	\|	\|	blob
debian/u-boot-sifive.docs	\|	\|	blob
debian/u-boot-sifive.install	\|	\|	blob
debian/u-boot-sifive.lintian-overrides	\|	\|	blob
debian/u-boot-sunxi.README.Debian	\|	\|	blob
debian/u-boot-sunxi.docs	\|	\|	blob
debian/u-boot-sunxi.install	\|	\|	blob
debian/u-boot-sunxi.links	\|	\|	blob
debian/u-boot-sunxi.lintian-overrides	\|	\|	blob
debian/u-boot-sunxi.manpages	\|	\|	blob
debian/u-boot-tegra.README.Debian	\|	\|	blob
debian/u-boot-tegra.install	\|	\|	blob
debian/u-boot-tegra.links.arm64	\|	\|	blob
debian/u-boot-tegra.lintian-overrides	\|	\|	blob
debian/u-boot-tools.docs	\|	\|	blob
debian/u-boot-tools.examples	\|	\|	blob
debian/u-boot-tools.install	\|	\|	blob
debian/u-boot-tools.manpages	\|	\|	blob
debian/u-boot.README.Debian	\|	\|	blob
debian/u-boot.install	\|	\|	blob
debian/u-boot.lintian-overrides	\|	\|	blob
debian/upstream/signing-key.asc	\|	\|	blob
debian/watch	\|	\|	blob