[U-Boot] [PATCH 4/4] lib: uuid: Improve randomness of uuid values on RANDOM_UUID=y

Eugeniu Rosca erosca at de.adit-jv.com
Tue May 7 12:25:50 UTC 2019


On Fri, May 03, 2019 at 06:09:28PM +0200, Eugeniu Rosca wrote:
> On Thu, May 02, 2019 at 12:32:53AM +0200, Eugeniu Rosca wrote:
> > Hi Tom,
> > 
> > On Wed, May 01, 2019 at 03:51:49PM -0400, Tom Rini wrote:
> > [..]
> > > 
> > > Agreed, this patch sounds like it addresses a number of problems today
> > > that are real problems (I await someone filing a CVE now for our PRNG
> > > problem)
> > 
> > A new CVE has been submitted via https://cveform.mitre.org/.
> > Will keep this thread posted with any updates from the CVE Team.
> 
> The CVE has been published as:
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11690
> https://nvd.nist.gov/vuln/detail/CVE-2019-11690
> 
> It looks like it is still WIP.

jFTR, https://nvd.nist.gov/vuln/detail/CVE-2019-11690 has been populated
with some "Severity and Metrics".

> 
> > 
> > > and can be iteratively improved on, once merged rather than
> > > having a fundamental problem that needs to be addressed.
> > > 
> > > -- 
> > > Tom
> > 
> > --
> > Best regards,
> > Eugeniu.

-- 
Best Regards,
Eugeniu.


More information about the U-Boot mailing list