* Repository for CVE-2019-6260 test tool
@ 2019-02-21 2:42 Andrew Jeffery
2019-02-21 3:40 ` Gunnar Mills
0 siblings, 1 reply; 4+ messages in thread
From: Andrew Jeffery @ 2019-02-21 2:42 UTC (permalink / raw)
To: openbmc, Brad Bishop
Hi Brad,
We're looking to publish a tool for testing the state of the bridges outlined in CVE-2019-6260. The initial release of the tool can only be run on the BMC, using /dev/mem as a backend to test the bits. Thus users will already need to authenticate as root to the BMC to inspect whether the system is vulnerable and the tool is _not_ a PoC demonstrating how to use the bridges.
Can you please create a cve-2019-6260 repository under the OpenBMC github organisation to host the tool?
Cheers,
Andrew
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Repository for CVE-2019-6260 test tool
2019-02-21 2:42 Repository for CVE-2019-6260 test tool Andrew Jeffery
@ 2019-02-21 3:40 ` Gunnar Mills
2019-02-21 3:56 ` Andrew Jeffery
0 siblings, 1 reply; 4+ messages in thread
From: Gunnar Mills @ 2019-02-21 3:40 UTC (permalink / raw)
To: Andrew Jeffery, openbmc, Brad Bishop
[-- Attachment #1: Type: text/plain, Size: 224 bytes --]
On 2/20/2019 8:42 PM, Andrew Jeffery wrote:
> Can you please create a cve-2019-6260 repository under the OpenBMC github organisation to host the tool?
Why a new cve-2019-6260 repo instead of openbmc-tools?
- Gunnar***
*
[-- Attachment #2: Type: text/html, Size: 757 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Repository for CVE-2019-6260 test tool
2019-02-21 3:40 ` Gunnar Mills
@ 2019-02-21 3:56 ` Andrew Jeffery
2019-02-24 23:10 ` Andrew Jeffery
0 siblings, 1 reply; 4+ messages in thread
From: Andrew Jeffery @ 2019-02-21 3:56 UTC (permalink / raw)
To: openbmc, Brad Bishop, Gunnar Mills
On Thu, 21 Feb 2019, at 14:10, Gunnar Mills wrote:
> On 2/20/2019 8:42 PM, Andrew Jeffery wrote:
>
> Can you please create a cve-2019-6260 repository under the OpenBMC
> github organisation to host the tool?
> >
> Why a new cve-2019-6260 repo instead of openbmc-tools?
No really good reason, just felt it was well defined enough to not get lumped
in with everything else in the openbmc-tools repo. openbmc-tools was
intended as a home for ill-defined scripts and bits that people had lying
around that they wouldn't have otherwise published.
Andrew
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Repository for CVE-2019-6260 test tool
2019-02-21 3:56 ` Andrew Jeffery
@ 2019-02-24 23:10 ` Andrew Jeffery
0 siblings, 0 replies; 4+ messages in thread
From: Andrew Jeffery @ 2019-02-24 23:10 UTC (permalink / raw)
To: openbmc, Brad Bishop, Gunnar Mills
On Thu, 21 Feb 2019, at 14:27, Andrew Jeffery wrote:
>
>
> On Thu, 21 Feb 2019, at 14:10, Gunnar Mills wrote:
> > On 2/20/2019 8:42 PM, Andrew Jeffery wrote:
> >
> > Can you please create a cve-2019-6260 repository under the OpenBMC
> > github organisation to host the tool?
> > >
> > Why a new cve-2019-6260 repo instead of openbmc-tools?
>
> No really good reason, just felt it was well defined enough to not get lumped
> in with everything else in the openbmc-tools repo. openbmc-tools was
> intended as a home for ill-defined scripts and bits that people had lying
> around that they wouldn't have otherwise published.
In the mean time I've pushed the repo here:
https://github.com/amboar/cve-2019-6260
>
> Andrew
>
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2019-02-24 23:10 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-02-21 2:42 Repository for CVE-2019-6260 test tool Andrew Jeffery
2019-02-21 3:40 ` Gunnar Mills
2019-02-21 3:56 ` Andrew Jeffery
2019-02-24 23:10 ` Andrew Jeffery
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.