Security update for u-boot
This update for u-boot fixes the following issues:
- CVE-2020-8432: Fixed a double free in the cmd/gpt.c do_rename_gpt_parts() function, which allowed an attacker to execute arbitrary code (bsc#1162198)
- CVE-2020-10648: Fixed improper signature verification during verified boot (bsc#1167209).
This update was imported from the SUSE:SLE-15-SP2:Update update project.
-
Submitted by
Matthias Brugger (mbrugger)
Fixed bugs
bnc#1162198
VUL-0: CVE-2020-8432: u-boot: double free in the cmd/gpt.c do_rename_gpt_parts() function, allowing an attacker to execute arbitrary code
bnc#1167209
VUL-0: CVE-2020-10648: u-boot: verified boot improper signature verification
