From commit message at $URL: The DxeImageVerificationHandler() function currently checks whether "SecDataDir" has enough room for "WinCertificate->dwLength". However, for advancing "OffSet", "WinCertificate->dwLength" is aligned to the next multiple of 8. If "WinCertificate->dwLength" is large enough, the alignment will return 0, and "OffSet" will be stuck at the same value. Patch is at $URL, and seems there's been a tag since that commit.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4342ef6d64286089e4a4b25dca5b15a5edb53dca commit 4342ef6d64286089e4a4b25dca5b15a5edb53dca Author: Vadim Misbakh-Soloviov <mva@gentoo.org> AuthorDate: 2020-10-02 10:37:58 +0000 Commit: Vadim Misbakh-Soloviov <mva@gentoo.org> CommitDate: 2020-10-02 10:37:58 +0000 sys-firmware/edk2-ovmf: Bump Bug: https://bugs.gentoo.org/712288 Bug: https://bugs.gentoo.org/744412 Bug: https://bugs.gentoo.org/734146 Package-Manager: Portage-3.0.6, Repoman-3.0.1 Signed-off-by: Vadim Misbakh-Soloviov <mva@gentoo.org> sys-firmware/edk2-ovmf/Manifest | 5 + sys-firmware/edk2-ovmf/edk2-ovmf-201905.ebuild | 3 + sys-firmware/edk2-ovmf/edk2-ovmf-202008.ebuild | 184 +++++++++++++++++++++++++ 3 files changed, 192 insertions(+)
Now we'll wait for stabilization of 202008 before closing this bug
Ok, please do so when ready.
arm64 done
amd64 stable
x86 stable. Maintainer(s), please cleanup. Security, please vote.
GLSA Vote: No