Re: [SECURITY PATCH 00/28] Multiple GRUB2 vulnerabilities

grub-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [SECURITY PATCH 00/28] Multiple GRUB2 vulnerabilities - BootHole

From:	Christian Hesse
Subject:	Re: [SECURITY PATCH 00/28] Multiple GRUB2 vulnerabilities - BootHole
Date:	Wed, 29 Jul 2020 22:12:17 +0200

Daniel Kiper <daniel.kiper@oracle.com> on Wed, 2020/07/29 19:00:
> I am posting all the GRUB2 upstream patches which fixes all security bugs
> found and reported up until now. Major Linux distros carry or will carry
> soon one form or another of these patches. Now all the GRUB2 upstream
> patches are in the GRUB2 git repository [5] too.

This does not apply on top of grub 2.04. Will downstream maintainers have to
do their cherry-picking on its own or will a maintenance branch on top of
grub-2.04 (or what ever) be available?
I would like to push updates to the Arch Linux repositories.
Thanks!
-- 
main(a){char*c=/*    Schoene Gruesse                         */"B?IJj;MEH"
"CX:;",b;for(a/*    Best regards             my address:    */=0;b=c[a++];)
putchar(b-1/(/*    Chris            cc -ox -xc - && ./x    */b/42*2-3)*42);}

pgpVHthP9zXTM.pgp
Description: OpenPGP digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

[SECURITY PATCH 24/28] efi: Fix some malformed device path arithmetic errors, (continued)
- [SECURITY PATCH 24/28] efi: Fix some malformed device path arithmetic errors, Daniel Kiper, 2020/07/29
- [SECURITY PATCH 25/28] efi/chainloader: Propagate errors from copy_file_path(), Daniel Kiper, 2020/07/29
- [SECURITY PATCH 26/28] efi: Fix use-after-free in halt/reboot path, Daniel Kiper, 2020/07/29
- [SECURITY PATCH 27/28] loader/linux: Avoid overflow on initrd size calculation, Daniel Kiper, 2020/07/29
- [SECURITY PATCH 28/28] linux: Fix integer overflows in initrd size handling, Daniel Kiper, 2020/07/29
- [SECURITY PATCH 09/28] xnu: Fix double free in grub_xnu_devprop_add_property(), Daniel Kiper, 2020/07/29
- [SECURITY PATCH 16/28] relocator: Protect grub_relocator_alloc_chunk_addr() input args against integer underflow/overflow, Daniel Kiper, 2020/07/29
- [SECURITY PATCH 17/28] relocator: Protect grub_relocator_alloc_chunk_align() max_addr against integer underflow, Daniel Kiper, 2020/07/29
- [SECURITY PATCH 20/28] relocator: Fix grub_relocator_alloc_chunk_align() top memory allocation, Daniel Kiper, 2020/07/29
- [SECURITY PATCH 21/28] hfsplus: Fix two more overflows, Daniel Kiper, 2020/07/29
- Re: [SECURITY PATCH 00/28] Multiple GRUB2 vulnerabilities - BootHole, Christian Hesse <=
  - Re: [SECURITY PATCH 00/28] Multiple GRUB2 vulnerabilities - BootHole, John Paul Adrian Glaubitz, 2020/07/29
    - Re: [SECURITY PATCH 00/28] Multiple GRUB2 vulnerabilities - BootHole, Dimitri John Ledkov, 2020/07/29
    - Re: [SECURITY PATCH 00/28] Multiple GRUB2 vulnerabilities - BootHole, John Paul Adrian Glaubitz, 2020/07/29

Prev by Date: Re: GRUB 2.06 release
Next by Date: Re: [SECURITY PATCH 00/28] Multiple GRUB2 vulnerabilities - BootHole
Previous by thread: [SECURITY PATCH 21/28] hfsplus: Fix two more overflows
Next by thread: Re: [SECURITY PATCH 00/28] Multiple GRUB2 vulnerabilities - BootHole
Index(es):
- Date
- Thread