system76-edk2

Files

Jian J Wang c13742b180 SecurityPkg/DxeImageVerificationLib: reject CertStack.CertNumber==0 per DBX (CVE-2019-14575)

In case the signers' certificate stack, retrieved from the PE/COFF image's
Authenticode blob, has zero elements (=there are zero signer certificates),
then we should consider the image forbidden by DBX, not accepted by DBX.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

2020-02-19 14:08:23 +00:00

DxeImageVerificationLib.c

SecurityPkg/DxeImageVerificationLib: reject CertStack.CertNumber==0 per DBX (CVE-2019-14575)

2020-02-19 14:08:23 +00:00

DxeImageVerificationLib.h

SecurityPkg: Replace BSD License with BSD+Patent License

2019-04-09 10:58:23 -07:00

DxeImageVerificationLib.inf

SecurityPkg: Replace BSD License with BSD+Patent License

2019-04-09 10:58:23 -07:00

DxeImageVerificationLib.uni

SecurityPkg: Replace BSD License with BSD+Patent License

2019-04-09 10:58:23 -07:00

Measurement.c

SecurityPkg: Replace BSD License with BSD+Patent License

2019-04-09 10:58:23 -07:00