Package "grub-common"
Name: |
grub-common
|
Description: |
GRand Unified Bootloader (common files)
|
Latest version: |
2.02-2ubuntu8.26 |
Release: |
bionic (18.04) |
Level: |
updates |
Repository: |
main |
Head package: |
grub2 |
Homepage: |
http://www.gnu.org/software/grub/ |
Links
Download "grub-common"
Other versions of "grub-common" in Bionic
Changelog
grub2 (2.02-2ubuntu8.19) bionic; urgency=medium
* grub-install: cherry-pick patch from grub-devel to make grub-install
fault tolerant. Create backup of files in /boot/grub, and restore them
on failure to complete grub-install. LP: #1891680
Also cherry-pick patch to make atexit work correctly.
* postinst.in: do not exit successfully when failing to show critical
grub-pc/install_devices_failed and grub-pc/install_devices_empty
prompts in non-interactive mode. This enables surfacing upgrade errors
to the users and/or automation. LP: #1891680 LP: #1896608
* postinst.in: do not attempt to call grub-install upon fresh install of
grub-pc because it it a job of installers to do that after fresh
install. Fixup for the issue unmasked by above. LP: #1891680
* postinst.in: Fixup postinst.in, to attempt grub-install upon explicit
dpkg-reconfigure grub-pc. LP: #1892526
-- Dimitri John Ledkov <email address hidden> Thu, 22 Oct 2020 15:01:52 +0100
|
Source diff to previous version |
1891680 |
grub-pc needs to detect when debconf points to invalid drive and stop in preinst, before unpacking files, and also treat this as a failure in postins |
1896608 |
[regression-in-stable] grub-multi-install fails with exit 1 when question grub-efi/install_devices_empty is skipped |
1892526 |
dpkg-reconfigure grub-pc no longer prompts for grub-pc/install_devices |
|
grub2 (2.02-2ubuntu8.18) bionic; urgency=medium
* debian/patches/ubuntu-flavour-order.patch:
- Add a (hidden) GRUB_FLAVOUR_ORDER setting that can mark certain kernel
flavours as preferred, and specify an order between those preferred
flavours (LP: #1882663)
* debian/patches/ubuntu-recovery-dis_ucode_ldr.patch:
- Pass dis_ucode_ldr to kernel for recovery mode (LP: #1831789)
-- Julian Andres Klode <email address hidden> Mon, 24 Aug 2020 10:45:45 +0200
|
Source diff to previous version |
|
grub2 (2.02-2ubuntu8.17) bionic; urgency=medium
* debian/postinst.in: Avoid calling grub-install on upgrade of the grub-pc
package, since we cannot be certain that it will install to the correct
disk and a grub-install failure will render the system unbootable.
LP: #1889556.
-- Steve Langasek <email address hidden> Thu, 30 Jul 2020 18:49:49 -0700
|
Source diff to previous version |
1889556 |
grub-install failure does not fail package upgrade (and does not roll back to matching modules) |
|
grub2 (2.02-2ubuntu8.16) bionic; urgency=medium
[ Chris Coulson ]
* SECURITY UPDATE: Heap buffer overflow when encountering commands that
cannot be tokenized to less than 8192 characters.
- 0082-yylex-Make-lexer-fatal-errors-actually-be-fatal.patch: Make
fatal lexer errors actually be fatal
- CVE-2020-10713
* SECURITY UPDATE: Multiple integer overflow bugs that could result in
heap buffer allocations that were too small and subsequent heap buffer
overflows when handling certain filesystems, font files or PNG images.
- 0083-safemath-Add-some-arithmetic-primitives-that-check-f.patch: Add
arithmetic primitives that allow for overflows to be detected
- 0084-calloc-Make-sure-we-always-have-an-overflow-checking.patch:
Make sure that there is always an overflow checking implementation
of calloc() available
- 0085-calloc-Use-calloc-at-most-places.patch: Use calloc where
appropriate
- 0086-malloc-Use-overflow-checking-primitives-where-we-do-.patch: Use
overflow-safe arithmetic primitives when performing allocations
based on the results of operations that might overflow
- 0094-hfsplus-fix-two-more-overflows.patch: Fix integer overflows in
hfsplus
- 0095-lvm-fix-two-more-potential-data-dependent-alloc-over.patch: Fix
more potential integer overflows in lvm
- CVE-2020-14308, CVE-2020-14309, CVE-2020-14310, CVE-2020-14311
* SECURITY UPDATE: Use-after-free when executing a command that causes
a currently executing function to be redefined.
- 0092-script-Remove-unused-fields-from-grub_script_functio.patch:
Remove unused fields from grub_script_function
- 0093-script-Avoid-a-use-after-free-when-redefining-a-func.patch:
Avoid a use-after-free when redefining a function during execution
- CVE-2020-15706
* SECURITY UPDATE: Integer overflows that could result in heap buffer
allocations that were too small and subsequent heap buffer overflows
during initrd loading.
- 0105-linux-Fix-integer-overflows-in-initrd-size-handling.patch: Fix
integer overflows in initrd size handling
- 0106-efilinux-Fix-integer-overflows-in-grub_cmd_initrd.patch: Fix
integer overflows in linuxefi grub_cmd_initrd
- CVE-2020-15707
* Various fixes as a result of code review and static analysis:
- 0087-iso9660-Don-t-leak-memory-on-realloc-failures.patch: Fix a
memory leak on realloc failures when processing symbolic links
- 0088-font-Do-not-load-more-than-one-NAME-section.patch: Fix a
memory leak when processing font files with more than one NAME
section
- 0089-gfxmenu-Fix-double-free-in-load_image.patch: Zero self->bitmap
after it is freed in order to avoid a potential double free later on
- 0090-lzma-Make-sure-we-don-t-dereference-past-array.patch: Fix an
out-of-bounds read in LzmaEncode
- 0091-tftp-Do-not-use-priority-queue.patch: Refactor tftp to not use
priority queues and fix a double free
- 0096-efi-fix-some-malformed-device-path-arithmetic-errors.patch: Fix
various arithmetic errors with malformed device paths
- 0098-Fix-a-regression-caused-by-efi-fix-some-malformed-de.patch: Fix
a NULL deref in the chainloader command introduced by a previous
patch
- 0100-chainloader-Avoid-a-double-free-when-validation-fail.patch:
Avoid a double free in the chainloader command when validation fails
- 0101-relocator-Protect-grub_relocator_alloc_chunk_addr-in.patch:
Protect grub_relocator_alloc_chunk_addr input arguments against
integer overflow / underflow
- 0102-relocator-Protect-grub_relocator_alloc_chunk_align-m.patch:
Protect grub_relocator_alloc_chunk_align max_addr argument against
integer underflow
- 0103-relocator-Fix-grub_relocator_alloc_chunk_align-top-m.patch: Fix
grub_relocator_alloc_chunk_align top memory allocation
- 0104-linux-loader-avoid-overflow-on-initrd-size-calculati.patch:
Avoid overflow on initrd size calculation
[ Dimitri John Ledkov ]
* SECURITY UPDATE: Grub does not enforce kernel signature validation
when the shim protocol isn't present.
- 0097-linuxefi-fail-kernel-validation-without-shim-protoco.patch:
Fail kernel validation if the shim protocol isn't available
- CVE-2020-15705
-- Chris Coulson <email address hidden> Mon, 20 Jul 2020 19:50:54 +0100
|
Source diff to previous version |
CVE-2020-14308 |
In grub2 versions before 2.06 the grub memory allocator doesn't check ... |
CVE-2020-15707 |
Integer overflows were discovered in the functions grub_cmd_initrd and ... |
|
grub2 (2.02-2ubuntu8.15) bionic; urgency=medium
* Make the linux command in EFI grub always try EFI handover; thanks
to Chris Coulson for the patches (LP: #1864533)
-- Julian Andres Klode <email address hidden> Wed, 11 Mar 2020 21:57:49 +0100
|
1864533 |
grub wrongly booting via bios entry point instead of efi when secureboot disabled |
|
About
-
Send Feedback to @ubuntu_updates