lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <alpine.LRH.2.20.1607181203590.8286@namei.org>
Date:	Mon, 18 Jul 2016 12:06:21 +1000 (AEST)
From:	James Morris <jmorris@...ei.org>
To:	Linus Torvalds <torvalds@...ux-foundation.org>
cc:	linux-kernel@...r.kernel.org,
	linux-security-module@...r.kernel.org,
	David Howells <dhowells@...hat.com>
Subject: [GIT PULL] KEYS fixes

Please pull these fixes for the keys code.

>From David Howells:

" Here are three miscellaneous fixes:

 (1) Fix a panic in some debugging code in PKCS#7.  This can only happen 
     by explicitly inserting a #define DEBUG into the code.

 (2) Fix the calculation of the digest length in the PE file parser.  This
     causes a failure where there should be a success.

 (3) Fix the case where an X.509 cert can be added as an asymmetric key to
     a trusted keyring with no trust restriction if no AKID is supplied.

  Bugs (1) and (2) aren't particularly problematic, but (3) allows a 
  security check to be bypassed.  Bug (3) is added since the 4.6 kernel. "



The following changes since commit 47ef4ad2684d380dd6d596140fb79395115c3950:

  Merge tag 'for-linus-20160715' of git://git.infradead.org/linux-mtd (2016-07-16 09:53:34 +0900)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git for-linus

Lans Zhang (2):
      PKCS#7: Fix panic when referring to the empty AKID when DEBUG defined
      pefile: Fix the failure of calculation for digest

Mat Martineau (1):
      KEYS: Fix for erroneous trust of incorrectly signed X.509 certs

 crypto/asymmetric_keys/mscode_parser.c |    7 ++++++-
 crypto/asymmetric_keys/pkcs7_verify.c  |    2 +-
 crypto/asymmetric_keys/restrict.c      |    2 +-
 3 files changed, 8 insertions(+), 3 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ