Ubuntu
grub2-unsigned package

grub2-unsigned 2.04-1ubuntu47.5 source package in Ubuntu

Changelog

grub2-unsigned (2.04-1ubuntu47.5) focal; urgency=medium

  [ Chris Coulson ]
  * SECURITY UPDATE: Fix out of bounds writes due specially crafted fonts.
    - add debian/patches/font-Fix-several-integer-overflows-in-grub_font_construct.patch
    - add debian/patches/font-Fix-an-integer-underflow-in-blit_comb.patch
    - CVE-2022-2601, CVE-2022-3775
    - LP: #1996950
  * Fix various issues as a result of fuzzing, static analysis and code
    review:
    - add debian/patches/font-Reject-glyphs-exceeds-font-max_glyph_width-or-font-m.patch
    - add debian/patches/font-Fix-size-overflow-in-grub_font_get_glyph_internal.patch
    - add debian/patchces/font-Remove-grub_font_dup_glyph.patch
    - add debian/patches/font-Fix-integer-overflow-in-ensure_comb_space.patch
    - add debian/patches/font-Fix-integer-overflow-in-BMP-index.patch
    - add debian/patches/font-Fix-integer-underflow-in-binary-search-of-char-index.patch
    - add debian/patches/fbutil-Fix-integer-overflow.patch
    - add debian/patches/font-Harden-grub_font_blit_glyph-and-grub_font_blit_glyph.patch
    - add debian/patches/font-Assign-null_font-to-glyphs-in-ascii_font_glyph.patch
    - add debian/patches/normal-charset-Fix-an-integer-overflow-in-grub_unicode_ag.patch
  * Forbid loading of external fonts when secure boot is enabled:
    - add debian/patches/font-Forbid-loading-of-font-files-when-secure-boot-is-ena.patch
  * Bundle unicode.pf2 in a squashfs memdisk attached to the signed EFI binary
    - update debian/control
    - update debian/build-efi-image
    - add debian/patches/font-Try-opening-fonts-from-the-bundled-memdisk.patch
  * Fix the squashfs tests during the build
    - remove debian/patches/ubuntu-fix-reproducible-squashfs-test.patch
    - add debian/patches/tests-Explicitly-unset-SOURCE_DATE_EPOCH-before-running-f.patch
  * Bump SBAT generation:
    - update debian/sbat.ubuntu.csv.in
  * Make grub-efi-{amd64,arm64} depend on grub2-common 2.02~beta2-36ubuntu3.33
    in xenial and 2.02-2ubuntu8.25 in bionic to fix LP: #1995751 (thanks
    Julian Klode for the base-files hack to make a single binary be able to
    depend on 2 different versions of the same package)

  [ dann frazier ]
  * linuxefi: Invalidate i-cache before starting the kernel (LP: #1987924)
    - d/p/linuxefi-Invalidate-i-cache-before-starting-the-kern.patch

  [ Chris Coulson ]
  * Source package generated from src:grub2 using make -f ./debian/rules
    generate-grub2-unsigned

 -- Chris Coulson <email address hidden>  Thu, 17 Nov 2022 13:27:15 +0000

Upload details

Uploaded by:: Chris Coulson on 2022-11-18

Uploaded to:: Focal

Original maintainer:: Ubuntu Developers

Architectures:: any-amd64 any-arm64 i386 kopensolaris-i386

Section:: admin

Urgency:: Medium Urgency

See full publishing history Publishing

Series	Pocket	Published	Component	Section

Builds

Focal: amd64 arm64

Downloads

File	Size	SHA-256 Checksum
grub2-unsigned_2.04.orig.tar.xz	6.1 MiB	e5292496995ad42dabe843a0192cf2a2c502e7ffcc7479398232b10a472df77d
grub2-unsigned_2.04-1ubuntu47.5.debian.tar.xz	1.2 MiB	6114ef33e04149bcdcc356f20295bb4706f3eae00fe5ca8f4745e072da4f334e
grub2-unsigned_2.04-1ubuntu47.5.dsc	3.3 KiB	2520048e26467b62a6b965b87a7adc8a93a99c9eba08e72ab210166ca8cf2e5a

Available diffs

diff from 2.04-1ubuntu47.4 to 2.04-1ubuntu47.5 (14.3 KiB)
diff from 2.04-1ubuntu47.5~ppa4 to 2.04-1ubuntu47.5 (1.2 KiB)

View changes file

Binary packages built by this source

grub-efi-amd64: GRand Unified Bootloader, version 2 (EFI-AMD64 version): GRUB is a portable, powerful bootloader. This version of GRUB is based on a
cleaner design than its predecessors, and provides the following new features:
.
  - Scripting in grub.cfg using BASH-like syntax.
  - Support for modern partition maps such as GPT.
  - Modular generation of grub.cfg via update-grub. Packages providing GRUB
    add-ons can plug in their own script rules and trigger updates by invoking
    update-grub.
.
This is a dependency package for a version of GRUB that has been built for
use with the EFI-AMD64 architecture, as used by Intel Macs (unless a BIOS
interface has been activated). Installing this package indicates that this
version of GRUB should be the active boot loader.

grub-efi-amd64-bin: GRand Unified Bootloader, version 2 (EFI-AMD64 modules): GRUB is a portable, powerful bootloader. This version of GRUB is based on a
cleaner design than its predecessors, and provides the following new features:
.
  - Scripting in grub.cfg using BASH-like syntax.
  - Support for modern partition maps such as GPT.
  - Modular generation of grub.cfg via update-grub. Packages providing GRUB
    add-ons can plug in their own script rules and trigger updates by invoking
    update-grub.
.
This package contains GRUB modules that have been built for use with the
EFI-AMD64 architecture, as used by Intel Macs (unless a BIOS interface has
been activated). It can be installed in parallel with other flavours, but
will not automatically install GRUB as the active boot loader nor
automatically update grub.cfg on upgrade unless grub-efi-amd64 is also
installed.

grub-efi-amd64-dbg: GRand Unified Bootloader, version 2 (EFI-AMD64 debug files): This package contains debugging files for grub-efi-amd64-bin. You only
need these if you are trying to debug GRUB using its GDB stub.

grub-efi-arm64: GRand Unified Bootloader, version 2 (ARM64 UEFI version): GRUB is a portable, powerful bootloader. This version of GRUB is based on a
cleaner design than its predecessors, and provides the following new features:
.
  - Scripting in grub.cfg using BASH-like syntax.
  - Support for modern partition maps such as GPT.
  - Modular generation of grub.cfg via update-grub. Packages providing GRUB
    add-ons can plug in their own script rules and trigger updates by invoking
    update-grub.
.
This is a dependency package for a version of GRUB that has been built for
use on ARM64 systems with UEFI. Installing this package indicates that
this version of GRUB should be the active boot loader.

grub-efi-arm64-bin: GRand Unified Bootloader, version 2 (ARM64 UEFI modules): GRUB is a portable, powerful bootloader. This version of GRUB is based on a
cleaner design than its predecessors, and provides the following new features:
.
  - Scripting in grub.cfg using BASH-like syntax.
  - Support for modern partition maps such as GPT.
  - Modular generation of grub.cfg via update-grub. Packages providing GRUB
    add-ons can plug in their own script rules and trigger updates by invoking
    update-grub.
.
This package contains GRUB modules that have been built for use on ARM64
systems with UEFI. It can be installed in parallel with other flavours,
but will not automatically install GRUB as the active boot loader nor
automatically update grub.cfg on upgrade unless grub-efi-arm64 is also
installed.

grub-efi-arm64-dbg: GRand Unified Bootloader, version 2 (ARM64 UEFI debug files): This package contains debugging files for grub-efi-arm64-bin. You only
need these if you are trying to debug GRUB using its GDB stub.

Ubuntugrub2-unsigned package

grub2-unsigned 2.04-1ubuntu47.5 source package in Ubuntu

Changelog

Upload details

See full publishing history Publishing

Builds

Downloads

Available diffs

Binary packages built by this source

Ubuntu
grub2-unsigned package