Summary: | <sys-boot/grub-2.06-r2: multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | base-system, floppym, zerochaos |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://lists.gnu.org/archive/html/grub-devel/2022-06/msg00035.html | ||
Whiteboard: | A2 [glsa+] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 850673 | ||
Bug Blocks: |
Description
John Helmert III
2022-06-07 19:33:53 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7bbb9e2ce52ffd701c05daa3752f1fe11ec72f27 commit 7bbb9e2ce52ffd701c05daa3752f1fe11ec72f27 Author: Mike Gilbert <floppym@gentoo.org> AuthorDate: 2022-06-08 01:02:45 +0000 Commit: Mike Gilbert <floppym@gentoo.org> CommitDate: 2022-06-08 01:02:45 +0000 sys-boot/grub: backport many patches Bug: https://bugs.gentoo.org/850535 Closes: https://github.com/gentoo/gentoo/pull/25629 Signed-off-by: Mike Gilbert <floppym@gentoo.org> sys-boot/grub/Manifest | 1 + sys-boot/grub/grub-2.06-r2.ebuild | 319 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 320 insertions(+) Thank you! Please stabilize when ready. (In reply to John Helmert III from comment #0) > So I suppose we need an update for sys-boot/shim, too? I doubt there are many (any?) Gentoo users that attempt to use "secure boot" via sys-boot/shim. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=034c3eb523f406231aefe984560edf432b916f81 commit 034c3eb523f406231aefe984560edf432b916f81 Author: Mike Gilbert <floppym@gentoo.org> AuthorDate: 2022-09-02 15:39:11 +0000 Commit: Mike Gilbert <floppym@gentoo.org> CommitDate: 2022-09-02 15:39:11 +0000 sys-boot/grub: drop 2.06-r1 Bug: https://bugs.gentoo.org/850535 Signed-off-by: Mike Gilbert <floppym@gentoo.org> sys-boot/grub/grub-2.06-r1.ebuild | 318 -------------------------------------- 1 file changed, 318 deletions(-) GLSA request filed GLSA released, all done! The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=9800f4266b85bdfe9aee0d03b98448c864ee9537 commit 9800f4266b85bdfe9aee0d03b98448c864ee9537 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-09-25 13:35:30 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-09-25 13:42:21 +0000 [ GLSA 202209-12 ] GRUB: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/835082 Bug: https://bugs.gentoo.org/850535 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202209-12.xml | 53 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 53 insertions(+) |