journalctl: verify that old entries are not sealed with too recent key #28885

Merged
merged 2 commits into from Oct 6, 2023

Commits on Aug 18, 2023

  1. journalctl: verify that old entries are not sealed with too recent key

    When verifying seals produced with forward secure sealing, the verification
    currently does not check that old entries are only sealed with the key for
    their epoch and not a more recent one. This missing check allows an attacker
    to remove seals, and create new ones with the currently available key, and
    verify will claim everything is in order, although all entries could have
    been modified.
    
    This resolves CVE-2023-31439.
    Felix Dörre committed Aug 18, 2023
    540e35e

Commits on Oct 3, 2023

  1. journalctl: address review comments

    Felix Dörre committed Oct 3, 2023
    3c89625
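
A simplified model of the check described in the first commit message, as an added example that is not code from this pull request or from systemd. It assumes a hash chain in place of the real key evolution, constructed constants and journals, hypothetical function names, and the rule that a seal for epoch e may only cover entries timestamped inside that epoch's interval.

```python
import hashlib
import hmac

START, INTERVAL = 1_000, 100  # constructed: sealing start time and epoch length

def key_for(seed: bytes, epoch: int) -> bytes:
    """Toy one-way key evolution (a hash chain), standing in for the real FSPRG."""
    key = seed
    for _ in range(epoch):
        key = hashlib.sha256(b"evolve" + key).digest()
    return key

def seal(key: bytes, entries) -> bytes:
    """HMAC over the (timestamp, message) entries covered by one seal."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for ts, msg in entries:
        mac.update(f"{ts}:{msg}\n".encode())
    return mac.digest()

def verify(seed: bytes, sections, check_epoch: bool):
    """Return a list of problems; each section is (entries, epoch, tag)."""
    problems = []
    for n, (entries, epoch, tag) in enumerate(sections):
        # The seal must be valid under the key of the epoch it claims.
        if not hmac.compare_digest(tag, seal(key_for(seed, epoch), entries)):
            problems.append(f"section {n}: bad seal")
        # The added check: every sealed entry must fall inside that epoch.
        if check_epoch:
            lo = START + epoch * INTERVAL
            for ts, _ in entries:
                if not lo <= ts < lo + INTERVAL:
                    problems.append(f"section {n}: entry at {ts} outside epoch {epoch}")
    return problems

def sealed(seed, epoch, entries):
    """Build one (entries, epoch, tag) section for the constructed journals."""
    return (entries, epoch, seal(key_for(seed, epoch), entries))

SEED = b"constructed-verification-seed"
# Constructed journals. The honest one seals each entry with its own epoch's key.
HONEST = [sealed(SEED, 0, [(1010, "login alice")]),
          sealed(SEED, 1, [(1120, "sudo alice")])]
# The resealed one carries epoch-0 and epoch-1 timestamps under an epoch-3 seal.
RESEALED = [sealed(SEED, 3, [(1010, "login bob"), (1120, "sudo alice")])]

if __name__ == "__main__":
    for name, journal in (("honest", HONEST), ("resealed", RESEALED)):
        print(name, verify(SEED, journal, False), verify(SEED, journal, True))
```

With `check_epoch=False` the resealed journal verifies cleanly because its HMAC is valid under the epoch-3 key; only the timestamp-to-epoch comparison reports it.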