nerd/rufus
1
1
Fork 0
mirror of https://github.com/pbatard/rufus.git synced 2024-08-14 23:57:05 +00:00
Code Issues 1 Projects Releases Wiki Activity

[pki] check timestamp chronology during update validation

Browse source 
* Done to address the second "vulnerability" proposed in #1009, independently
  of the protocol used.
This commit is contained in:
Pete Batard 2017-09-01 18:27:34 +01:00
parent c3c39f7f8a
commit 35da381a11
6 changed files with 253 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

4
res/localization/rufus.loc
View file

@ -565,6 +565,10 @@ t MSG_297 "Truncated ISO detected"
t MSG_298 "The ISO file you have selected does not match its declared size: %s of data is missing!\n\nIf you obtained "
"this file from the Internet, you should try to download a new copy and verify that the MD5 or SHA checksums match "
"the official ones.\n\nNote that you can compute the MD5 or SHA in Rufus by clicking the '#' button."
t MSG_299 "Timestamp validation error"
t MSG_300 "Rufus could not validate that the timestamp of the downloaded update is more recent than the one for the "
"current executable.\n\nIn order to prevent potential attack scenarios, the update process has been aborted and "
"the download will be deleted. Please check the log for more details."
################################################################################
############################# TRANSLATOR END COPY ##############################