grub2 2.06-2ubuntu10 source package in Ubuntu
Changelog
grub2 (2.06-2ubuntu10) kinetic; urgency=medium

  [ Chris Coulson ]
  * SECURITY UPDATE: Crafted PNG grayscale images may lead to out-of-bounds
    write in heap.
    - 0139-video-readers-png-Drop-greyscale-support-to-fix-heap.patch:
      video/readers/png: Drop greyscale support to fix heap out-of-bounds write
    - CVE-2021-3695
  * SECURITY UPDATE: Crafted PNG image may lead to out-of-bound write during
    huffman table handling.
    - 0140-video-readers-png-Avoid-heap-OOB-R-W-inserting-huff-.patch:
      video/readers/png: Avoid heap OOB R/W inserting huff table items
    - CVE-2021-3696
  * SECURITY UPDATE: Crafted JPEG image can lead to buffer underflow write in
    the heap.
    - 0145-video-readers-jpeg-Block-int-underflow-wild-pointer-.patch:
      video/readers/jpeg: Block int underflow -> wild pointer write
    - CVE-2021-3697
  * SECURITY UPDATE: Integer underflow in grub_net_recv_ip4_packets
    - 0148-net-ip-Do-IP-fragment-maths-safely.patch:
      net/ip: Do IP fragment maths safely
    - CVE-2022-28733
  * SECURITY UPDATE: Out-of-bounds write when handling split HTTP headers
    - 0154-net-http-Fix-OOB-write-for-split-http-headers.patch:
      net/http: Fix OOB write for split http headers
    - CVE-2022-28734
  * SECURITY UPDATE: shim_lock verifier allows non-kernel files to be loaded
    - 0135-kern-efi-sb-Reject-non-kernel-files-in-the-shim_lock.patch:
      kern/efi/sb: Reject non-kernel files in the shim_lock verifier
    - CVE-2022-28735
  * SECURITY UPDATE: use-after-free in grub_cmd_chainloader()
    - 0130-loader-efi-chainloader-simplify-the-loader-state.patch:
      loader/efi/chainloader: simplify the loader state
    - 0131-commands-boot-Add-API-to-pass-context-to-loader.patch:
      commands/boot: Add API to pass context to loader
    - 0132-loader-efi-chainloader-Use-grub_loader_set_ex.patch:
      loader/efi/chainloader: Use grub_loader_set_ex
    - 0133-loader-i386-efi-linux-Use-grub_loader_set_ex.patch:
      loader/i386/efi/linux: Use grub_loader_set_ex
  * Various fixes as a result of fuzzing and static analysis:
    - 0129-loader-efi-chainloader-grub_load_and_start_image-doe.patch:
      loader/efi/chainloader: grub_load_and_start_image doesn't load and start
    - 0134-loader-i386-efi-linux-Fix-a-memory-leak-in-the-initr.patch:
      loader/i386/efi/linux: Fix a memory leak in the initrd command
    - 0136-kern-file-Do-not-leak-device_name-on-error-in-grub_f.patch:
      kern/file: Do not leak device_name on error in grub_file_open()
    - 0137-video-readers-png-Abort-sooner-if-a-read-operation-f.patch:
      video/readers/png: Abort sooner if a read operation fails
    - 0138-video-readers-png-Refuse-to-handle-multiple-image-he.patch:
      video/readers/png: Refuse to handle multiple image headers
    - 0141-video-readers-png-Sanity-check-some-huffman-codes.patch:
      video/readers/png: Sanity check some huffman codes
    - 0142-video-readers-jpeg-Abort-sooner-if-a-read-operation-.patch:
      video/readers/jpeg: Abort sooner if a read operation fails
    - 0143-video-readers-jpeg-Do-not-reallocate-a-given-huff-ta.patch:
      video/readers/jpeg: Do not reallocate a given huff table
    - 0144-video-readers-jpeg-Refuse-to-handle-multiple-start-o.patch:
      video/readers/jpeg: Refuse to handle multiple start of streams
    - 0146-normal-charset-Fix-array-out-of-bounds-formatting-un.patch:
      normal/charset: Fix array out-of-bounds formatting unicode for display
    - 0147-net-netbuff-Block-overly-large-netbuff-allocs.patch:
      net/netbuff: Block overly large netbuff allocs
    - 0149-net-dns-Fix-double-free-addresses-on-corrupt-DNS-res.patch:
      net/dns: Fix double-free addresses on corrupt DNS response
    - 0150-net-dns-Don-t-read-past-the-end-of-the-string-we-re-.patch:
      net/dns: Don't read past the end of the string we're checking against
    - 0151-net-tftp-Prevent-a-UAF-and-double-free-from-a-failed.patch:
      net/tftp: Prevent a UAF and double-free from a failed seek
    - 0152-net-tftp-Avoid-a-trivial-UAF.patch:
      net/tftp: Avoid a trivial UAF
    - 0153-net-http-Do-not-tear-down-socket-if-it-s-already-bee.patch:
      net/http: Do not tear down socket if it's already been torn down
    - 0155-net-http-Error-out-on-headers-with-LF-without-CR.patch:
      net/http: Error out on headers with LF without CR
    - 0156-fs-f2fs-Do-not-read-past-the-end-of-nat-journal-entr.patch:
      fs/f2fs: Do not read past the end of nat journal entries
    - 0157-fs-f2fs-Do-not-read-past-the-end-of-nat-bitmap.patch:
      fs/f2fs: Do not read past the end of nat bitmap
    - 0158-fs-f2fs-Do-not-copy-file-names-that-are-too-long.patch:
      fs/f2fs: Do not copy file names that are too long
    - 0159-fs-btrfs-Fix-several-fuzz-issues-with-invalid-dir-it.patch:
      fs/btrfs: Fix several fuzz issues with invalid dir item sizing
    - 0160-fs-btrfs-Fix-more-ASAN-and-SEGV-issues-found-with-fu.patch:
      fs/btrfs: Fix more ASAN and SEGV issues found with fuzzing
    - 0161-fs-btrfs-Fix-more-fuzz-issues-related-to-chunks.patch:
      fs/btrfs: Fix more fuzz issues related to chunks
  * Bump SBAT generation:
    - update debian/sbat.ubuntu.csv.in
  * Make the grub2/no_efi_extra_removable setting work correctly
    - update debian/postinst.in
  * Build grub2-unsigned packages with xz compression for compatibility with
    xenial dpkg
    - update debian/rules

  [ Steve Langasek ]
  * Bump versioned dependency on grub2-common to 2.02~beta2-36ubuntu3.32 for
    necessary arm relocation support. LP: #1926748.
  * debian/postinst.in: Unconditionally call grub-install with
    --force-extra-removable on xenial and bionic, so that the \EFI\BOOT
    removable path as used in cloud images receives the updates.
    LP: #1930742.

 -- Chris Coulson <email address hidden>  Tue, 07 Jun 2022 17:36:27 +0100
Upload details
- Uploaded by: Chris Coulson
- Uploaded to: Kinetic
- Original maintainer: Ubuntu Developers
- Architectures: any
- Section: admin
- Urgency: Medium Urgency
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
grub2_2.06.orig.tar.xz | 6.3 MiB | b79ea44af91b93d17cd3fe80bdae6ed43770678a9a5ae192ccea803ebb657ee1 |
grub2_2.06-2ubuntu10.debian.tar.xz | 1.1 MiB | f3f5097e1135e69a83ecd946d102b0681174515655505b99856706fba0931f85 |
grub2_2.06-2ubuntu10.dsc | 6.7 KiB | 879a0a22ed582cc0e766522e811f2e6a97165c5cc1ddc985ae93e540c5919c6d |
Available diffs
- diff from 2.06-2ubuntu7 (in Ubuntu) to 2.06-2ubuntu10 (30.2 KiB)
- diff from 2.06-2ubuntu9 to 2.06-2ubuntu10 (826 bytes)
Binary packages built by this source
- grub-common: No summary available for grub-common in ubuntu kinetic.
No description available for grub-common in ubuntu kinetic.
- grub-common-dbgsym: No summary available for grub-common-dbgsym in ubuntu kinetic.
No description available for grub-common-dbgsym in ubuntu kinetic.
- grub-coreboot: No summary available for grub-coreboot in ubuntu kinetic.
No description available for grub-coreboot in ubuntu kinetic.
- grub-coreboot-bin: No summary available for grub-coreboot-bin in ubuntu kinetic.
No description available for grub-coreboot-bin in ubuntu kinetic.
- grub-coreboot-dbg: No summary available for grub-coreboot-dbg in ubuntu kinetic.
No description available for grub-coreboot-dbg in ubuntu kinetic.
- grub-efi: No summary available for grub-efi in ubuntu kinetic.
No description available for grub-efi in ubuntu kinetic.
- grub-efi-amd64-signed-template: No summary available for grub-efi-amd64-signed-template in ubuntu kinetic.
No description available for grub-efi-amd64-signed-template in ubuntu kinetic.
- grub-efi-arm: No summary available for grub-efi-arm in ubuntu kinetic.
No description available for grub-efi-arm in ubuntu kinetic.
- grub-efi-arm-bin: No summary available for grub-efi-arm-bin in ubuntu kinetic.
No description available for grub-efi-arm-bin in ubuntu kinetic.
- grub-efi-arm-dbg: No summary available for grub-efi-arm-dbg in ubuntu kinetic.
No description available for grub-efi-arm-dbg in ubuntu kinetic.
- grub-efi-arm64-signed-template: No summary available for grub-efi-arm64-signed-template in ubuntu kinetic.
No description available for grub-efi-arm64-signed-template in ubuntu kinetic.
- grub-efi-ia32: No summary available for grub-efi-ia32 in ubuntu kinetic.
No description available for grub-efi-ia32 in ubuntu kinetic.
- grub-efi-ia32-bin: No summary available for grub-efi-ia32-bin in ubuntu kinetic.
No description available for grub-efi-ia32-bin in ubuntu kinetic.
- grub-efi-ia32-dbg: No summary available for grub-efi-ia32-dbg in ubuntu kinetic.
No description available for grub-efi-ia32-dbg in ubuntu kinetic.
- grub-efi-riscv64: No summary available for grub-efi-riscv64 in ubuntu kinetic.
No description available for grub-efi-riscv64 in ubuntu kinetic.
- grub-efi-riscv64-bin: No summary available for grub-efi-riscv64-bin in ubuntu kinetic.
No description available for grub-efi-riscv64-bin in ubuntu kinetic.
- grub-efi-riscv64-dbg: No summary available for grub-efi-riscv64-dbg in ubuntu kinetic.
No description available for grub-efi-riscv64-dbg in ubuntu kinetic.
- grub-emu: No summary available for grub-emu in ubuntu kinetic.
No description available for grub-emu in ubuntu kinetic.
- grub-emu-dbg: No summary available for grub-emu-dbg in ubuntu kinetic.
No description available for grub-emu-dbg in ubuntu kinetic.
- grub-firmware-qemu: No summary available for grub-firmware-qemu in ubuntu kinetic.
No description available for grub-firmware-qemu in ubuntu kinetic.
- grub-ieee1275: No summary available for grub-ieee1275 in ubuntu kinetic.
No description available for grub-ieee1275 in ubuntu kinetic.
- grub-ieee1275-bin: No summary available for grub-ieee1275-bin in ubuntu kinetic.
No description available for grub-ieee1275-bin in ubuntu kinetic.
- grub-ieee1275-bin-dbgsym: No summary available for grub-ieee1275-bin-dbgsym in ubuntu kinetic.
No description available for grub-ieee1275-bin-dbgsym in ubuntu kinetic.
- grub-ieee1275-dbg: No summary available for grub-ieee1275-dbg in ubuntu kinetic.
No description available for grub-ieee1275-dbg in ubuntu kinetic.
- grub-linuxbios: No summary available for grub-linuxbios in ubuntu kinetic.
No description available for grub-linuxbios in ubuntu kinetic.
- grub-pc: No summary available for grub-pc in ubuntu kinetic.
No description available for grub-pc in ubuntu kinetic.
- grub-pc-bin: No summary available for grub-pc-bin in ubuntu kinetic.
No description available for grub-pc-bin in ubuntu kinetic.
- grub-pc-bin-dbgsym: No summary available for grub-pc-bin-dbgsym in ubuntu kinetic.
No description available for grub-pc-bin-dbgsym in ubuntu kinetic.
- grub-pc-dbg: No summary available for grub-pc-dbg in ubuntu kinetic.
No description available for grub-pc-dbg in ubuntu kinetic.
- grub-rescue-pc: No summary available for grub-rescue-pc in ubuntu kinetic.
No description available for grub-rescue-pc in ubuntu kinetic.
- grub-theme-starfield: No summary available for grub-theme-starfield in ubuntu kinetic.
No description available for grub-theme-starfield in ubuntu kinetic.
- grub-uboot: No summary available for grub-uboot in ubuntu kinetic.
No description available for grub-uboot in ubuntu kinetic.
- grub-uboot-bin: No summary available for grub-uboot-bin in ubuntu kinetic.
No description available for grub-uboot-bin in ubuntu kinetic.
- grub-uboot-dbg: No summary available for grub-uboot-dbg in ubuntu kinetic.
No description available for grub-uboot-dbg in ubuntu kinetic.
- grub-xen: No summary available for grub-xen in ubuntu kinetic.
No description available for grub-xen in ubuntu kinetic.
- grub-xen-bin: No summary available for grub-xen-bin in ubuntu kinetic.
No description available for grub-xen-bin in ubuntu kinetic.
- grub-xen-dbg: No summary available for grub-xen-dbg in ubuntu kinetic.
No description available for grub-xen-dbg in ubuntu kinetic.
- grub-xen-host: No summary available for grub-xen-host in ubuntu kinetic.
No description available for grub-xen-host in ubuntu kinetic.
- grub2: No summary available for grub2 in ubuntu kinetic.
No description available for grub2 in ubuntu kinetic.
- grub2-common: No summary available for grub2-common in ubuntu kinetic.
No description available for grub2-common in ubuntu kinetic.
- grub2-common-dbgsym: No summary available for grub2-common-dbgsym in ubuntu kinetic.
No description available for grub2-common-dbgsym in ubuntu kinetic.