[PATCH 0/3] KEYS: Miscellaneous fixes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi James,

Here are three miscellaneous fixes:

 (1) Fix a panic in some debugging code in PKCS#7.  This can only happen by
     explicitly inserting a #define DEBUG into the code.

 (2) Fix the calculation of the digest length in the PE file parser.  This
     causes a failure where there should be a success.

 (3) Fix the case where an X.509 cert can be added as an asymmetric key to
     a trusted keyring with no trust restriction if no AKID is supplied.

Bugs (1) and (2) aren't particularly problematic, but (3) allows a security
check to be bypassed.  Bug (3) is added since the 4.6 kernel.

The patches can be found here also:

	http://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-fs.git/log/?h=keys-fixes

at tag:

	keys-fixes-20160718

David
---
Lans Zhang (2):
      PKCS#7: Fix panic when referring to the empty AKID when DEBUG defined
      pefile: Fix the failure of calculation for digest

Mat Martineau (1):
      KEYS: Fix for erroneous trust of incorrectly signed X.509 certs


 crypto/asymmetric_keys/mscode_parser.c |    7 ++++++-
 crypto/asymmetric_keys/pkcs7_verify.c  |    2 +-
 crypto/asymmetric_keys/restrict.c      |    2 +-
 3 files changed, 8 insertions(+), 3 deletions(-)

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux