Package "grub2-unsigned"
Name: |
grub2-unsigned
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description. Description samples from packages in group:
- GRand Unified Bootloader, version 2 (EFI-AMD64 version)
- GRand Unified Bootloader, version 2 (EFI-AMD64 modules)
- GRand Unified Bootloader, version 2 (EFI-AMD64 debug files)
|
Latest version: |
2.06-2ubuntu17.2 |
Release: |
lunar (23.04) |
Level: |
updates |
Repository: |
main |
Links
Other versions of "grub2-unsigned" in Lunar
Packages in group
Deleted packages are displayed in grey.
Changelog
grub2-unsigned (2.06-2ubuntu17.2) lunar; urgency=high
* SECURITY UPDATE: Crafted file system images can cause out-of-bounds write
and may leak sensitive information into the GRUB pager.
- d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-read-when-parsing-a-volume-
label.patch:
fs/ntfs: Fix an OOB read when parsing a volume label
- d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-read-when-parsing-bs-for-
index-at.patch:
fs/ntfs: Fix an OOB read when parsing bitmaps for index attributes
- d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-read-when-parsing-dory-
entries-fr.patch:
fs/ntfs: Fix an OOB read when parsing directory entries from resident and
non-resident index attributes
- d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-read-when-reading-data-fhe-
reside.patch:
fs/ntfs: Fix an OOB read when reading data from the resident $DATA +
attribute
- CVE-2023-4693
* SECURITY UPDATE: Crafted file system images can cause heap-based buffer
overflow and may allow arbitrary code execution and secure boot bypass.
- d/patches/ntfs-cve-fixes/fs-ntfs-Fix-an-OOB-write-when-parsing-the-
ATTRIBUTE_LIST-.patch:
fs/ntfs: Fix an OOB write when parsing the $ATTRIBUTE_LIST attribute for
the $MFT file
- d/patches/ntfs-cve-fixes/fs-ntfs-Make-code-more-readable.patch
fs/ntfs: Make code more readable
- CVE-2023-4692
* efi/fdt: Apply device tree fixups directly after loading
- add debian/patches/fdt-fixup-after-load.patch
- LP: #2028931
* Source package generated from src:grub2 using make -f ./debian/rules
generate-grub2-unsigned
-- Mate Kukri <email address hidden> Mon, 02 Oct 2023 15:25:43 +0100
|
Source diff to previous version |
2028931 |
device tree protocol not always applied |
CVE-2023-4693 |
Crafted file system images can cause out-of-bounds write and may leak sensitive information into the GRUB pager |
CVE-2023-4692 |
Crafted file system images can cause heap-based buffer overflow and may allow arbitrary code execution and secure boot bypass |
|
grub2-unsigned (2.06-2ubuntu17) lunar; urgency=medium
* Cherry-pick more upstream memory patches (LP: #2004643)
* Source package generated from src:grub2 using make -f ./debian/rules
generate-grub2-unsigned
-- Julian Andres Klode <email address hidden> Mon, 20 Feb 2023 17:24:10 +0100
|
About
-
Send Feedback to @ubuntu_updates