Commit 5f489e1ed0 for qemu.org
commit 5f489e1ed04ce56d20966b11a1eccf65197c1042
Merge: 4eee6ecb57 b4680c02b8
Author: Stefan Hajnoczi <stefanha@redhat.com>
Date: Sat May 9 07:37:35 2026 -0400
Merge tag 'firmware-20260508-pull-request' of https://gitlab.com/kraxel/qemu into staging
hw/uefi: collection of CVE fixes.
# -----BEGIN PGP SIGNATURE-----
#
# iQIzBAABCgAdFiEEoDKM/7k6F6eZAf59TLbY7tPocTgFAmn9svYACgkQTLbY7tPo
# cThcEA/8DG1riNLCKxotL4k6doFP91LW72j11vrxkrP1QtTc7Al7Pd7jFpiO46cx
# cGgFuhwZT3pzY6lCIekheDzbm1nW09V9UcMzirW9kpwCiw9R79sMw6DXFxJ1Zmza
# DFuvBajdQ0Cik+iesNeN1M+Zg55hXe2FJTgxo/bUR8wSgfv2oew/B61RV9j43q3Q
# g7mJKgJTlnleS8yJyN5js3G59p7egOgFZSdcJlMC9Ozkun/bonoTJAeYMF5N7LXI
# kA5p42kGLCNe6nOUrQSk+WSum8CnAld6Qs+b13gVbsMK83QRF3yApXG63bJGqBJ1
# t4zWLUieTCEVW38I/MOEjGu2qEksfLe81KJ7hfEMLhUPjeCv9++9YU35XgbHubIv
# Kfh7B0xV0K9g+JYEYfflwQdI5AdSp5EmFb9ztf02u4CH5nC0EcDVb8hB2fJW+Psj
# ElJH0SQl+Hdco/Ln7dcenKMgqAl9ekarYysV3xvO4e59pxqx/2S03HiEvNnrYByw
# pklUobv8gnuZujHyq/5fOgrLnH7qMsfgyYRej4iBaRWNOa4K5Oz0HhnBxdpjvMqa
# 1u3BXlv6VjDrGNnhHUA+2nPdqx2iUSDbE20BhUoOAOjOnGfCi6REFWS7fhyLvQBT
# MedYFgWT/eD37n65j+4Nvd73CQfHasQCFEedAbU8wAQRoDe+jP0=
# =gKLo
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri 08 May 2026 05:55:02 EDT
# gpg: using RSA key A0328CFFB93A17A79901FE7D4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kraxel@redhat.com>" [full]
# gpg: aka "Gerd Hoffmann <gerd@kraxel.org>" [full]
# gpg: aka "Gerd Hoffmann (private) <kraxel@gmail.com>" [full]
# Primary key fingerprint: A032 8CFF B93A 17A7 9901 FE7D 4CB6 D8EE D3E8 7138
* tag 'firmware-20260508-pull-request' of https://gitlab.com/kraxel/qemu:
hw/uefi: avoid possibly unaligned variable_auth_2 struct field access
hw/uefi: verify data size before accessing it in wrap_pkcs7
hw/uefi: add name_size check to uefi_vars_mm_lock_variable()
hw/uefi: fix ucs2 string helper functions
hw/uefi: verify pio_xfer_offset before calculating buffer checksum
hw/uefi: fix buffer overruns
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>