Univention Bugzilla – Bug 55482
grub2: Multiple issues (5.0)
Last modified: 2022-12-14 15:04:48 CET
New Debian grub2 2.06-3~deb10u3 fixes: This update addresses the following issues: 2.06-3~deb10u3 (Thu, 08 Dec 2022 00:19:43 +0000) [ Steve McIntyre ] * Actually ensure the patches are applied for CVE-2022-2601 and CVE-2022-3775. * Include fonts in the memdisk build for EFI images. * Fix bug in core file code so errors are handled better. This makes the fallback font-handling patch work properly. * Bump Debian SBAT level to 4 - Due to a mistake in the buster upload (2.06-3~deb10u2) that left the CVE-2022-2601 bugs in place, we need to bump SBAT for all of the Debian GRUB binaries. :-(
--- mirror/ftp/pool/main/g/grub2/grub2_2.06-3~deb10u2.dsc +++ apt/ucs_5.0-0-errata5.0-2/source/grub2_2.06-3~deb10u3.dsc @@ -1,3 +1,16 @@ +2.06-3~deb10u3 [Thu, 08 Dec 2022 00:19:43 +0000] Steve McIntyre <93sam@debian.org>: + + [ Steve McIntyre ] + * Actually ensure the patches are applied for CVE-2022-2601 and + CVE-2022-3775. Closes: #1024617 + * Include fonts in the memdisk build for EFI images. + * Fix bug in core file code so errors are handled better. This makes + the fallback font-handling patch work properly. + * Bump Debian SBAT level to 4 + - Due to a mistake in the buster upload (2.06-3~deb10u2) that left + the CVE-2022-2601 bugs in place, we need to bump SBAT for all of + the Debian GRUB binaries. :-( + 2.06-3~deb10u2 [Sun, 13 Nov 2022 21:07:01 +0000] Steve McIntyre <93sam@debian.org>: [ Steve McIntyre ] <http://piuparts.knut.univention.de/5.0-2/#2838695408114537278>
OK: yaml OK: announce_errata OK: patch OK: piuparts OK: reboot OK: mokutil --sb-state [5.0-2] 87a9f9061b Bug #55482: grub2 2.06-3~deb10u3 doc/errata/staging/grub-efi-amd64-signed.yaml | 14 ++++++++++++++ 1 file changed, 14 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x514> <https://errata.software-univention.de/#/?erratum=5.0x515>