47610b45c2
If fetching GPG-signed commits over plain HTTP, a MitM attacker can fill up the drive of targets by simply returning an enormous stream for the commit object. Related to this, an attacker can also cause OSTree to perform large memory allocations by returning enormous GVariants in the metadata. This helps close that attack by limiting all metadata objects to 10 MiB, so the initial fetch will be truncated. But now the attack is only slightly more difficult as the attacker will have to return a correctly formed commit object, then return a large stream of < 10 MiB dirmeta/dirtree objects. https://bugzilla.gnome.org/show_bug.cgi?id=725921 |
||
|---|---|---|
| .. | ||
| boot | ||
| libostree | ||
| libotutil | ||
| ostree | ||
| switchroot | ||