Google Git
Sign in
chromium / external / github.com / fwupd / fwupd / refs/heads/0_5_X
commit833588bace2dad9637a6b203a28f370fb409037e[log] [tgz]
authorRichard Hughes <richard@hughsie.com>Thu May 28 15:49:27 2020
committerRichard Hughes <richard@hughsie.com>Thu May 28 15:52:06 2020
tree5a9ebe3fb5806f77c102281e8c6414648a11dbb8
parent9ceb91fb5f954168f952edf694569da69f9a1905 [diff]
Validate that gpgme_op_verify_result() returned at least one signature

If a detached signature is actually a PGP message, gpgme_op_verify() returns
the rather perplexing GPG_ERR_NO_ERROR, and then gpgme_op_verify_result()
builds an empty list.

Explicitly check for no signatures present to avoid returning success in this
case.

Fixes CVE-????
1 file changed
tree: 5a9ebe3fb5806f77c102281e8c6414648a11dbb8
  1. .tx/
  2. contrib/
  3. data/
  4. docs/
  5. libfwupd/
  6. m4/
  7. po/
  8. policy/
  9. src/
  10. AUTHORS
  11. autogen.sh
  12. configure.ac
  13. COPYING
  14. git.mk
  15. MAINTAINERS
  16. Makefile.am
  17. NEWS
  18. README.md
  19. RELEASE
README.md

fwupd

This project aims to make updating firmware on Linux automatic, safe and reliable.

ColorHug Support

You need to install colord 1.2.9 which may be newer that your distribution provides. Compile it from source https://github.com/hughsie/colord or grab the RPMs here http://people.freedesktop.org/~hughsient/fedora/

If you don't want or need this functionality you can use the --disable-colorhug option.

UEFI Support

If you're wondering where to get fwupdate from, either compile it form source (you might also need a newer efivar) from https://github.com/rhinstaller/fwupdate or grab the RPMs here https://pjones.fedorapeople.org/fwupdate/

If you don't want or need this functionality you can use the --disable-uefi option.