summaryrefslogtreecommitdiff
AgeCommit message (Expand)Author
2024-01-22Bump version to 15.815.8Peter Jones
2024-01-22gitmodules: use shim-15.8 for gnu-efi branchPeter Jones
2024-01-22Try to load revocations.efi even if directory read failsJan Setje-Eilers
2024-01-22netboot read_image() should not hardcode DEFAULT_LOADERJan Setje-Eilers
2024-01-22Build time selectable automatic SBATLevel revocationsJan Setje-Eilers
2024-01-22Rename "previous" revocations to "automatic"Jan Setje-Eilers
2024-01-22Suppress "Failed to open <..>\revocations.efi" when file does not existJan Setje-Eilers
2024-01-22pe-relocate: Avoid __builtin_add_overflow() on GCC < 5Peter Jones
2024-01-22post-process-pe: Don't set the NX_COMPAT flag by default after all.Peter Jones
2024-01-22Fix some minor ia32 build issues.Peter Jones
2024-01-17Updated Revocations for January 2024 CVEsJan Setje-Eilers
2023-12-05Print errors when setting/clearing memory attrsPeter Jones
2023-12-05CVE-2023-40547 - avoid incorrectly trusting HTTP headersPeter Jones
2023-12-05sbat revocations: check the full section namePeter Jones
2023-12-05Print message when refusing to apply SbatLevelJan Setje-Eilers
2023-12-05shim should not self revokeJan Setje-Eilers
2023-12-05BS Variables for bootmgr revocationsJan Setje-Eilers
2023-12-05Always clear SbatLevel when Secure Boot is disabledJan Setje-Eilers
2023-12-05Allow SbatLevel data from external binaryJan Setje-Eilers
2023-12-05Further mitigations against CVE-2023-40546 as a classPeter Jones
2023-12-05CVE-2023-40548 Fix integer overflow on SBAT section size on 32-bit systemPeter Jones
2023-12-05CVE-2023-40549 Authenticode: verify that the signature header is in bounds.Peter Jones
2023-12-05pe-relocate: Ensure nothing else implements CVE-2023-40550Peter Jones
2023-12-05CVE-2023-40550 pe: Fix an out-of-bound read in verify_buffer_sbat()Peter Jones
2023-12-05pe-relocate: make read_header() use checked arithmetic operations.Peter Jones
2023-12-05CVE-2023-40551: pe-relocate: Fix bounds check for MZ binariesPeter Jones
2023-12-05pe-relocate: Add a fuzzer for read_header()Peter Jones
2023-12-05Add primitives for overflow-checked arithmetic operations.Peter Jones
2023-10-19CVE-2023-40546 mok: fix LogError() invocationPeter Jones
2023-08-25compile_commands.json: remove stuff clang doesn't likePeter Jones
2023-08-25Make some of the static analysis tools a little easier to runPeter Jones
2023-07-19mok: Avoid underflow in maximum variable size calculationAlper Nebi Yasak
2023-07-19Correctly free memory allocated in handle_image()Dennis Tseng
2023-07-19Work around ImageAddress() usage mistakeDennis Tseng
2023-06-29Add libFuzzer support to the .sbat parser.Peter Jones
2023-06-29Fix a 1-byte memory leak in .sbat parsing.Peter Jones
2023-06-29Add libFuzzer support for csv.cPeter Jones
2023-06-27Verify signature before verifying sbat levelsJan Setje-Eilers
2023-06-23Test (and fix) ImageAddress()Peter Jones
2023-06-23Split pe.c up even more.Peter Jones
2023-06-23Remove CentOS 7 test builds.Peter Jones
2023-06-23test: Make our fake dprintf be a statement.Peter Jones
2023-06-23Add gnu-stack notesPeter Jones
2023-06-23Add a make rule for compile_commands.jsonPeter Jones
2023-06-21Use -Wno-unused-but-set-variable for Cryptlib and OpenSSLPeter Jones
2023-06-21Add SbatLevel_Variable.txt to document the various revocationsJan Setje-Eilers
2023-06-21Change type of fallback_verbose_wait from int to unsigned longKamil Aronowski
2023-06-21Rename 'msecs' to 'usecs' to avoid potential confusionKamil Aronowski
2023-06-21Skip testing msleep()Kamil Aronowski
2023-06-21pe: only process RelocDir->Size of reloc sectionMike Beaton
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-31 08:25:36 +0000