grub-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities - 2021/03/02


From: John Paul Adrian Glaubitz
Subject: Re: [SECURITY PATCH 000/117] Multiple GRUB2 vulnerabilities - 2021/03/02 round
Date: Tue, 2 Mar 2021 20:37:14 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.7.1

Hi Daniel!

On 3/2/21 7:00 PM, Daniel Kiper wrote:
> The BootHole vulnerability [1][2] announced last year encouraged many people 
> to
> take a closer look at the security of boot process in general and the GRUB
> bootloader in particular. Due to that, during past few months we were getting
> reports of, and also discovering various security flaws in the GRUB ourselves.
> You can find the list of most severe ones which got CVEs assigned at the end 
> of
> this message. The patch bundle fixing all these issues in the upstream GRUB
> contains 117 patches.

Huge thanks and kudos to everyone involved fixing all these vulnerabilities!

Given the amount of patches, wouldn't it make sense to push an RC candidate
for 2.06 in the near future so that distributions can start shipping the pre-
release and avoiding to carry this large amount of patches?

Thanks,
Adrian

-- 
 .''`.  John Paul Adrian Glaubitz
: :' :  Debian Developer - glaubitz@debian.org
`. `'   Freie Universitaet Berlin - glaubitz@physik.fu-berlin.de
  `-    GPG: 62FF 8A75 84E0 2956 9546  0006 7426 3B37 F5B5 F913




reply via email to

[Prev in Thread] Current Thread [Next in Thread]